DDS Logs: Flash Player for Edge

02-07-2017, 05:14 PM   #1
storm5510
Registered Member

Join Date: Mar 2009
Location: Madison, Indiana
Posts: 435
OS: Windows 10 Pro v1909

First off, I am not a newbie, so don't treat me like one. I've been doing this for nearly 30 years.

This all seemed to start when I received a notification in MS Edge that a Flash Player update was needed. The update was loaded with "junk" as I would call it. Chromium, Byte Fence, and something from Yahoo. The Flash update never finished, and I doubt that it was an update at all.

I managed to uninstall Chromium and Byte Fence. At the bottom of the application list was something which started with Yahoo! I don't remember the rest. It would not uninstall.

I did some digging on my own. I opened a command prompt and did a folder search for anything containing the word yahoo. It went like this. "dir c:\ yahoo*.* /s" This search found one thing. A scheduled task in the Windows\Tasks folder. The name was "Yahoo! Powered tonis.job" I deleted it and did a system restart. The only scheduled task I should have had was an Epson printer driver update check. It was still there. There is still a reference to this in the registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\CompatibilityAdapter\Signatures. I left it.

After I removed the task, Edge's behavior seemed to improve. Since I was not able to perform a proper uninstall of the Yahoo process, some of it is still floating around somewhere.

So, that's it. Take a look at the logs and let me know what you think. I have a fall-back: An Acronis TrueImage full backup from late January which I can restore.

=======================

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.0
Run by Norman at 19:14:04 on 2017-02-07
Microsoft Windows 10 Pro 10.0.14393.0.1252.1.2057.18.4040.2465 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
C:\WINDOWS\system32\EscSvc64.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\system32\AUDIODG.EXE
svchost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.105.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Windows\System32\spool\drivers\x64\3\E_YATIMBE.EXE
C:\Misc\Sleeper.exe
C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\System32\InstallAgent.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\SysWoW64\DllHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.palikan.com/?f=1&a=plk_coinisre_17_06_ssg02&cd=2XzuyEtN2Y1L1QzuyC0CtA0B0EyDtC0DzytD0A0A0DzytD0CtN0D0Tzu0StCzzyCtAtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyD0ByD0FyEtBtDzytGtCyBzytBtG0BtDyE0DtGtB0E0C0EtG0E0BzytAtCzztBtB0Ezy0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0DzytC0CtDtG0BtB0DtCtGyE0ByBzytGzz0FtAtAtGtAyCtAyDtBtAzz0DtDtC0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyByEzy&cr=1168399139&ir=
uLocal Page = %11%\blank.htm
mStart Page = hxxp://www.palikan.com/?f=1&a=plk_coinisre_17_06_ssg02&cd=2XzuyEtN2Y1L1QzuyC0CtA0B0EyDtC0DzytD0A0A0DzytD0CtN0D0Tzu0StCzzyCtAtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyD0ByD0FyEtBtDzytGtCyBzytBtG0BtDyE0DtGtB0E0C0EtG0E0BzytAtCzztBtB0Ezy0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0DzytC0CtDtG0BtB0DtCtGyE0ByBzytGzz0FtAtAtGtAyCtAyDtBtAzz0DtDtC0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyByEzy&cr=1168399139&ir=
uRun: [EPLTarget\P0000000000000000] C:\WINDOWS\System32\spool\DRIVERS\x64\3\E_YATIMBE.EXE /EPT "EPLTarget\P0000000000000000" /M "WF-2650 Series" /EF "HKCU"
mRun: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
mRun: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
StartupFolder: C:\Users\Norman\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Sleeper.lnk - C:\Misc\Sleeper.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{c346502b-5e9f-4502-9f9c-ffe0ec1d3f44} : DHCPNameServer = 192.168.254.254
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxp://www.palikan.com/?f=1&a=plk_coinisre_17_06_ssg02&cd=2XzuyEtN2Y1L1QzuyC0CtA0B0EyDtC0DzytD0A0A0DzytD0CtN0D0Tzu0StCzzyCtAtN1L2XzutAtFtByDtFtCtFyDtBtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyD0ByD0FyEtBtDzytGtCyBzytBtG0BtDyE0DtGtB0E0C0EtG0E0BzytAtCzztBtB0Ezy0EyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0DzytC0CtDtG0BtB0DtCtGyE0ByBzytGzz0FtAtAtGtAyCtAyDtBtAzz0DtDtC0E0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyByEzy&cr=1168399139&ir=
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Acronis Scheduler2 Service] "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Norman\AppData\Roaming\Mozilla\Firefox\Profiles\usyvoq48.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 file_tracker;Acronis File Tracker Driver;C:\WINDOWS\System32\drivers\file_tracker.sys [2017-1-24 375136]
R0 fltsrv;Acronis Storage Filter Management;C:\WINDOWS\System32\drivers\fltsrv.sys [2017-1-24 181088]
R0 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-22 48992]
R0 tib;Acronis TIB Manager;C:\WINDOWS\System32\drivers\tib.sys [2017-1-24 1267544]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-11-22 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-11-22 227328]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R2 afcdpsrv;Acronis Nonstop Backup Service;C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2017-1-24 6086232]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_568e42;CDPUserSvc_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe [2016-8-2 677376]
R2 EpsonScanSvc;Epson Scanner Service;C:\WINDOWS\System32\escsvc64.exe [2017-1-25 144560]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2016-7-28 21184]
R2 mmsminisrv;Acronis Managed Machine Service Mini;C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [2016-8-15 4692840]
R2 mobile_backup_server;Acronis Mobile Backup Server;C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [2016-7-18 7717528]
R2 mobile_backup_status_server;Acronis Mobile Backup Status Server;C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [2016-9-13 1510712]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-1-24 462784]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-1-24 459832]
R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2017-1-24 1163712]
R2 OneSyncSvc_568e42;Sync Host_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 syncagentsrv;Acronis Sync Agent Service;C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2016-8-11 9729272]
R2 tib_mounter;Acronis TIB Mounter;C:\WINDOWS\System32\drivers\tib_mounter.sys [2017-1-24 212320]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 virtual_file;Acronis Virtual File Driver;C:\WINDOWS\System32\drivers\virtual_file.sys [2017-1-24 331104]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-11-22 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 PimIndexMaintenanceSvc_568e42;Contact Data_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UnistoreSvc_568e42;User Data Storage_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_568e42;User Data Access_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2016-11-22 127328]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2016-7-16 157024]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2016-7-16 141152]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-11-22 118272]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 MDA_NTDRV;MDA_NTDRV;C:\WINDOWS\System32\MDA_NTDRV.sys [2013-2-25 21208]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-11-22 64352]
S3 MessagingService_568e42;MessagingService_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2016-7-16 179040]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2016-11-22 113152]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-1-24 462784]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-1-24 27584]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-1-24 46016]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-11-22 2889896]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-11-22 1312768]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-11-22 81760]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2016-7-27 139264]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
S3 tnd;Acronis Try&Decide filter;C:\WINDOWS\System32\drivers\tnd.sys [2017-1-24 687968]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-11-22 719360]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_568e42;Windows Push Notifications User Service_568e42;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-1-24 258560]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-11-22 43520]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2017-1-24 822624]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2016-7-16 1227264]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-02-08 0034 12229912 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{0B5B9B13-CA86-41EC-AB52-67E62B9D8AE7}\mpengine.dll
2017-02-07 16:45:42 12229912 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-02-07 02:57:53 -------- d-----w- C:\Users\Norman\AppData\Local\Mozilla
2017-02-07 02:57:48 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-07 02:57:27 -------- d-----w- C:\Users\Norman\AppData\Local\Chromium
2017-02-07 02:15:51 -------- d-----w- C:\Users\Norman\AppData\Local\Adobe
2017-02-07 02:15:40 -------- d-----w- C:\ProgramData\{EEE42B87-64A6-A141-E260-3F037822B4CD}
2017-02-07 02:15:34 -------- d-----w- C:\Users\Norman\AppData\Local\lafe
2017-02-07 01:01:53 -------- d-----w- C:\Program Files (x86)\Common Files\SONY Digital Images
2017-02-07 01:01:26 -------- d-----w- C:\Program Files (x86)\Ulead Systems
2017-02-06 17:50:09 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2017-02-06 17:50:03 -------- d-----w- C:\Program Files (x86)\Windows Media Components
2017-02-06 07:46:08 -------- d-----w- C:\Users\Norman\AppData\Roaming\Digiarty
2017-02-06 07:45:53 -------- d-----w- C:\Program Files (x86)\Digiarty
2017-02-05 19:16:21 -------- d-----w- C:\ProgramData\BSD
2017-02-05 19:15:37 -------- d-----w- C:\Program Files (x86)\Auslogics
2017-02-01 15:37:49 -------- d-----w- C:\Users\Norman\AppData\Roaming\Big Angry Dog
2017-02-01 15:37:46 -------- d---a-w- C:\Program Files\Hardwipe
2017-02-01 13:26:27 82432 ----a-w- C:\WINDOWS\System32\VSD3DWARP12Debug.dll
2017-02-01 13:26:27 6583296 ----a-w- C:\WINDOWS\System32\d3d12warp.dll
2017-02-01 13:26:27 61952 ----a-w- C:\WINDOWS\System32\VSD3DWARPDebug.dll
2017-02-01 13:26:27 5850624 ----a-w- C:\WINDOWS\System32\VsGraphicsDesktopEngine.exe
2017-02-01 13:26:27 4978176 ----a-w- C:\WINDOWS\SysWow64\d3d12warp.dll
2017-02-01 13:26:27 4596224 ----a-w- C:\WINDOWS\SysWow64\VsGraphicsDesktopEngine.exe
2017-02-01 13:26:27 2795520 ----a-w- C:\WINDOWS\System32\d3d12SDKLayers.dll
2017-02-01 13:26:27 2220032 ----a-w- C:\WINDOWS\SysWow64\d3d12SDKLayers.dll
2017-02-01 13:26:26 64000 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARP12Debug.dll
2017-02-01 13:26:26 60928 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARPDebug.dll
2017-02-01 13:26:26 384000 ----a-w- C:\WINDOWS\System32\DXCpl.exe
2017-02-01 13:26:26 362496 ----a-w- C:\WINDOWS\SysWow64\DXCpl.exe
2017-02-01 07:08:45 -------- d-----w- C:\Users\Norman\AppData\Roaming\NuGet
2017-02-01 03:47:26 1654528 ----a-w- C:\ProgramData\Microsoft\WDExpress\14.0\1033\ResourceCache.dll
2017-02-01 03:35:31 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 12.0
2017-02-01 03:31:21 -------- d---a-w- C:\Program Files\Application Verifier
2017-02-01 03:31:21 -------- d---a-w- C:\Program Files (x86)\Application Verifier
2017-02-01 03:31:17 -------- d---a-w- C:\ProgramData\Windows App Certification Kit
2017-02-01 03:04:29 -------- d---a-w- C:\Program Files\IIS
2017-02-01 03:04:29 -------- d-----w- C:\Program Files (x86)\IIS
2017-02-01 02:41:18 -------- d-----w- C:\ProgramData\NuGet
2017-02-01 02:41:18 -------- d-----w- C:\Program Files (x86)\NuGet
2017-02-01 02:20:54 -------- d---a-w- C:\Program Files (x86)\Common Files\Merge Modules
2017-02-01 01:40:20 -------- d-----w- C:\Program Files (x86)\Windows Kits
2017-02-01 01:40:20 -------- d-----w- C:\Program Files (x86)\Common Files\Microsoft
2017-02-01 01:34:19 -------- d-----w- C:\Program Files (x86)\Microsoft Help Viewer
2017-02-01 01:31:22 -------- d-----w- C:\WINDOWS\SysWow64\1033
2017-02-01 01:31:22 -------- d-----w- C:\WINDOWS\System32\1033
2017-02-01 01:31:07 -------- d---a-w- C:\Program Files\Microsoft SQL Server
2017-02-01 01:31:07 -------- d---a-w- C:\Program Files (x86)\Microsoft SQL Server
2017-02-01 01:28:21 -------- d---a-w- C:\Program Files\Microsoft SQL Server Compact Edition
2017-02-01 01:28:20 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-02-01 01:27:56 -------- d---a-w- C:\Program Files (x86)\Microsoft Visual Studio 14.0
2017-01-31 18:39:10 -------- d-----w- C:\Users\Norman\AppData\Local\N_A
2017-01-27 17:10:03 -------- d-----w- C:\Users\Norman\AppData\Roaming\log
2017-01-26 01:26:29 -------- d---a-w- C:\Program Files (x86)\ExactFile
2017-01-25 19:21:52 -------- d-----w- C:\Program Files\Macrorit
2017-01-25 18:59:51 -------- d-----w- C:\ProgramData\Auslogics
2017-01-25 18:53:20 -------- d-----w- C:\Program Files\Common Files\EPSON
2017-01-25 18:51:14 -------- d-----w- C:\Program Files\EPSON
2017-01-25 18:50:44 -------- d---a-w- C:\Program Files (x86)\EPSON Software
2017-01-25 18:50:37 -------- d-----w- C:\Program Files\EpsonNet
2017-01-25 18:50:25 466944 ----a-w- C:\WINDOWS\System32\esxw2ud.dll
2017-01-25 18:50:25 147472 ----a-w- C:\WINDOWS\SysWow64\twaindsm.dll
2017-01-25 18:50:25 144560 ----a-w- C:\WINDOWS\System32\escsvc64.exe
2017-01-25 18:50:25 -------- d-----w- C:\Program Files (x86)\epson
2017-01-25 18:49:55 10752 ----a-w- C:\WINDOWS\System32\E_GCINST.DLL
2017-01-25 18:49:53 83968 ----a-w- C:\WINDOWS\System32\E_YD4BMBE.DLL
2017-01-25 18:49:53 179712 ----a-w- C:\WINDOWS\System32\E_YLMBMBE.DLL
2017-01-25 18:49:50 -------- d-----w- C:\ProgramData\EPSON
2017-01-25 18:44:24 -------- d---a-w- C:\Program Files (x86)\Microsoft ActiveSync
2017-01-25 18:44:21 -------- d-----w- C:\WINDOWS\SHELLNEW
2017-01-25 18:43:25 -------- d-----w- C:\WINDOWS\PCHEALTH
2017-01-25 18:39:47 -------- d-----w- C:\Program Files (x86)\Common Files\Ulead Systems
2017-01-25 18:39:41 -------- d-----w- C:\Program Files (x86)\Corel
2017-01-25 18:37:30 -------- d-----w- C:\WINDOWS\Downloaded Installations
2017-01-25 06:02:12 142848 ----a-w- C:\WINDOWS\System32\poqexec.exe
2017-01-25 06:02:12 120320 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2017-01-25 03:59:04 -------- d-----w- C:\Users\Norman\AppData\Local\ConnectedDevicesPlatform
2017-01-25 03:44:20 -------- d--h--w- C:\Users\Norman\AppData
2017-01-25 03:44:20 -------- d-----w- C:\Users\Norman\AppData\Local\Temp
2017-01-25 03:44:20 -------- d-----w- C:\Users\Norman\AppData\Local\Microsoft
2017-01-25 03:41:50 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2017-01-25 03:41:50 7639617 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2017-01-25 03:41:50 71224 ----a-w- C:\WINDOWS\System32\nvshext.dll
2017-01-25 03:41:50 6384576 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2017-01-25 03:41:50 548408 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2017-01-25 03:41:50 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2017-01-25 03:41:50 2475968 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2017-01-25 03:41:50 1764408 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2017-01-25 03:41:32 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2017-01-25 03:41:27 -------- d-----w- C:\Program Files\NVIDIA Corporation
2017-01-25 03:41:27 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2017-01-25 02:27:58 73032 ----a-w- C:\WINDOWS\System32\e1cmsg.dll
2017-01-25 02:27:58 36472 ----a-w- C:\WINDOWS\System32\NicCo36.dll
2017-01-25 02:27:58 101224 ----a-w- C:\WINDOWS\System32\NicInstC.dll
2017-01-25 02:27:57 452432 ----a-w- C:\WINDOWS\System32\drivers\e1c63x64.sys
2017-01-25 01:12:38 -------- d-----w- C:\Users\Norman\AppData\Local\PackageStaging
2017-01-25 01:10:30 -------- d-----w- C:\Users\Norman\AppData\Local\Comms
2017-01-25 00:57:22 -------- d-----w- C:\Program Files (x86)\Western Digital Corporation
2017-01-24 22:39:07 -------- d-sh--w- C:\Recovery
2017-01-24 22:39:00 -------- dc----w- C:\WINDOWS\Panther
2017-01-24 22:37:04 -------- d-----w- C:\Windows.old
2017-01-24 21:04:09 -------- d-----w- C:\Users\Norman\AppData\Local\ElevatedDiagnostics
2017-01-24 11:22:06 -------- d-----w- C:\Weather Pictures
2017-01-24 11:22:05 -------- d-----w- C:\VB.Net
2017-01-24 11:22:03 -------- d-----w- C:\VB Projects
2017-01-24 11:22:03 -------- d-----w- C:\Temp4
2017-01-24 11:22:03 -------- d-----w- C:\Temp3
2017-01-24 11:22:01 -------- d-----w- C:\Temp2
2017-01-24 11:22:00 -------- d-----w- C:\Temp
2017-01-24 11:21:59 -------- d-----w- C:\Prime95
2017-01-24 11:21:53 -------- d-----w- C:\Photos
2017-01-24 11:21:00 -------- d-----w- C:\Blowfish
2017-01-24 11:20:59 -------- d-----w- C:\audiograbber
2017-01-24 11:20:57 -------- d-----w- C:\clucas
2017-01-24 11:20:16 -------- d-----w- C:\kodak
2017-01-24 11:20:12 -------- d-----w- C:\IrfanView
2017-01-24 11:19:59 -------- d-----w- C:\IconForge
2017-01-24 11:19:59 -------- d-----w- C:\Hold
2017-01-24 11:19:51 -------- d-----w- C:\Misc
2017-01-24 11:16:30 -------- d-----w- C:\Program Files (x86)\VideoLAN
2017-01-24 11:15:07 -------- d---a-w- C:\Program Files (x86)\BurnAware Free
2017-01-24 11:14:36 -------- d-----w- C:\Program Files\Axantum
2017-01-24 11:11:54 99384 ----a-w- C:\Users\Norman\AppData\Roaming\inst.exe
2017-01-24 11:11:54 82816 ----a-w- C:\Users\Norman\AppData\Roaming\pcouffin.sys
2017-01-24 11:11:52 -------- d-----w- C:\Program Files (x86)\vso
2017-01-24 11:11:22 -------- d-----w- C:\Users\Norman\AppData\Roaming\IrfanView
2017-01-24 11:11:21 -------- d---a-w- C:\Program Files (x86)\IrfanView
2017-01-24 11:10:51 -------- d---a-w- C:\Program Files (x86)\HxD
2017-01-24 11:07:27 -------- d-----w- C:\Program Files (x86)\DVD Decrypter
2017-01-24 1100 -------- d---a-w- C:\Program Files\Defraggler
2017-01-24 11:05:09 -------- d---a-w- C:\Program Files (x86)\CrystalDiskInfo
2017-01-24 11:04:56 -------- d-----w- C:\Users\Norman\AppData\Local\Programs
2017-01-24 11:01:28 -------- d---a-w- C:\Program Files\CCleaner
2017-01-24 10:43:49 -------- d-----w- C:\Users\Norman\AppData\Local\Diagnostics
2017-01-24 10:38:33 -------- d---a-w- C:\Program Files\Bonjour
2017-01-24 10:38:33 -------- d---a-w- C:\Program Files (x86)\Bonjour
2017-01-24 10:37:57 375136 ----a-w- C:\WINDOWS\System32\drivers\file_tracker.sys
2017-01-24 10:37:57 -------- d-----w- C:\ProgramData\Acronis Mobile Backup Data
2017-01-24 10:37:54 331104 ----a-w- C:\WINDOWS\System32\drivers\virtual_file.sys
2017-01-24 10:37:53 687968 ----a-w- C:\WINDOWS\System32\drivers\tnd.sys
2017-01-24 10:37:53 212320 ----a-w- C:\WINDOWS\System32\drivers\tib_mounter.sys
2017-01-24 10:37:52 1267544 ----a-w- C:\WINDOWS\System32\drivers\tib.sys
2017-01-24 10:37:50 368480 ----a-w- C:\WINDOWS\System32\drivers\snapman.sys
2017-01-24 10:37:49 181088 ----a-w- C:\WINDOWS\System32\drivers\fltsrv.sys
2017-01-24 10:00:56 -------- d-----w- C:\WINDOWS\System32\MRT
2017-01-24 09:59:52 -------- d-----r- C:\Users\Norman\OneDrive
2017-01-24 09:58:29 -------- d-----w- C:\Users\Norman\AppData\Local\Publishers
2017-01-24 09:58:01 -------- d-----r- C:\Users\Norman\Searches
2017-01-24 09:58:01 -------- d-----r- C:\Users\Norman\Contacts
2017-01-24 09:54:39 41472 ------w- C:\WINDOWS\SysWow64\Windows.Speech.Pal.dll
2017-01-24 08:05:05 -------- d-----w- C:\Users\Norman\AppData\Local\PeerDistRepub
2017-01-24 07:57:18 202032 ----a-w- C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
2017-01-24 07:50:46 -------- d-----w- C:\Users\Norman\AppData\Roaming\NVIDIA
2017-01-24 07:46:50 -------- d-----w- C:\mfaktc
2017-01-24 07:44:27 -------- d-----w- C:\Users\Norman\AppData\Local\CEF
2017-01-24 07:44:16 120256 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2017-01-24 07:44:15 1854400 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2017-01-24 07:44:15 1755072 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll
2017-01-24 07:44:15 1317312 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll
2017-01-24 07:44:14 1452480 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2017-01-24 07:43:40 269600 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2017-01-24 07:43:40 261920 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2017-01-24 07:43:40 125216 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2017-01-24 07:43:40 110880 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2017-01-24 07:43:40 -------- d-----w- C:\Program Files (x86)\VulkanRT
2017-01-24 07:43:10 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2017-01-24 07:42:04 -------- d-----w- C:\ProgramData\Package Cache
2017-01-24 07:35:09 511328 ----a-w- C:\WINDOWS\System32\d3dx10_43.dll
2017-01-24 07:35:09 470880 ----a-w- C:\WINDOWS\SysWow64\d3dx10_43.dll
2017-01-24 07:35:09 276832 ----a-w- C:\WINDOWS\System32\d3dx11_43.dll
2017-01-24 07:35:09 248672 ----a-w- C:\WINDOWS\SysWow64\d3dx11_43.dll
2017-01-24 07:35:08 2401112 ----a-w- C:\WINDOWS\System32\D3DX9_43.dll
2017-01-24 07:35:08 1998168 ----a-w- C:\WINDOWS\SysWow64\D3DX9_43.dll
2017-01-24 07:34:49 -------- d-----w- C:\Users\Norman\AppData\Local\NVIDIA Corporation
2017-01-24 07:34:49 -------- d-----w- C:\Users\Norman\AppData\Local\NVIDIA
2017-01-24 07:33:58 838224 ----a-w- C:\WINDOWS\System32\msvcr110.dll
2017-01-24 07:33:58 670800 ----a-w- C:\WINDOWS\System32\msvcp110.dll
2017-01-24 07:33:58 3942864 ----a-w- C:\WINDOWS\System32\LogiLDA.DLL
2017-01-24 07:33:58 363616 ----a-w- C:\WINDOWS\System32\vccorlib110.dll
2017-01-24 07:33:58 2468304 ----a-w- C:\WINDOWS\System32\LdaCx2.dll
2017-01-24 07:33:52 1558648 ----a-w- C:\WINDOWS\System32\nvdispgenco6435582.dll
2017-01-24 07:33:51 1898104 ----a-w- C:\WINDOWS\System32\nvdispco6435582.dll
2017-01-24 07:30:52 1187344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2017-01-24 07:30:52 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7505EA83-1D9D-46FB-BA41-7AD0082355EF}\gapaengine.dll
2017-01-24 07:30:29 485032 ------w- C:\WINDOWS\System32\MpSigStub.exe
2017-01-24 07:20:32 -------- d-----w- C:\Users\Norman\AppData\Local\MicrosoftEdge
2017-01-19 03:08:52 712096 ----a-w- C:\WINDOWS\System32\ndm-fre.exe
.
==================== Find3M ====================
.
2017-01-24 22:32:30 180224 ----a-w- C:\WINDOWS\System32\enrollmentapi.dll
2017-01-24 09:57:57 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-GPOV9FN_defaultuser0_HistoryPrediction.bin
2017-01-24 09:20:41 635904 ------w- C:\WINDOWS\SysWow64\mqsnap.dll
2017-01-24 09:20:41 14848 ------w- C:\WINDOWS\SysWow64\mqcertui.dll
2016-12-29 08:21:02 97784 ----a-w- C:\WINDOWS\suite.vssMgr.exe
2016-12-22 23:13:26 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-12-22 23:13:26 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-11-22 23:20:16 583680 ----a-w- C:\WINDOWS\System32\quickassist.exe
2016-11-22 23:16:11 27136 ----a-w- C:\WINDOWS\SysWow64\opencl.dll
2016-11-22 23:14:59 99840 ----a-w- C:\WINDOWS\SysWow64\rdvgumd32.dll
2016-11-22 22:56:38 6354944 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2016-11-22 22:55:59 896512 ----a-w- C:\WINDOWS\SysWow64\fontext.dll
2016-11-22 22:54:33 75104 ----a-w- C:\WINDOWS\System32\SyncAppvPublishingServer.exe
2016-11-22 22:54:33 291680 ----a-w- C:\WINDOWS\System32\AppVStreamingUX.exe
2016-11-22 22:54:33 268128 ----a-w- C:\WINDOWS\System32\AppVFileSystemMetadata.dll
2016-11-22 22:54:33 236384 ----a-w- C:\WINDOWS\System32\AppVStreamMap.dll
2016-11-22 22:54:33 21856 ----a-w- C:\WINDOWS\System32\ScriptRunner.exe
2016-11-22 22:54:33 202592 ----a-w- C:\WINDOWS\System32\AppVStreamingUX.dll
2016-11-22 22:54:33 178528 ----a-w- C:\WINDOWS\System32\AppVNice.exe
2016-11-22 22:54:33 157024 ----a-w- C:\WINDOWS\System32\drivers\AppvVemgr.sys
2016-11-22 22:54:33 141152 ----a-w- C:\WINDOWS\System32\drivers\AppvVfs.sys
2016-11-22 22:54:33 13824 ----a-w- C:\WINDOWS\System32\appvetwstreamingux.dll
2016-11-22 22:54:33 129024 ----a-w- C:\WINDOWS\System32\appvetwclientres.dll
2016-11-22 22:54:17 88064 ----a-w- C:\WINDOWS\System32\rdpsign.exe
2016-11-22 22:49:49 3753984 ----a-w- C:\WINDOWS\System32\bootux.dll
2016-11-22 22:49:49 199008 ----a-w- C:\WINDOWS\System32\drivers\wof.sys
2016-11-22 22:48:50 4096 ----a-w- C:\WINDOWS\SysWow64\wbem\en\Microsoft.AppV.AppVClientWmi.resources.dll
2016-11-22 22:48:50 4096 ----a-w- C:\WINDOWS\System32\wbem\en\Microsoft.AppV.AppVClientWmi.resources.dll
2016-11-22 22:48:45 11776 ----a-w- C:\WINDOWS\SysWow64\drivers\en-GB\NdisImPlatform.sys.mui
2016-11-22 22:48:44 8192 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
2016-11-22 22:48:44 6656 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2016-11-22 22:48:44 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2016-11-22 22:48:44 2560 ----a-w- C:\WINDOWS\SysWow64\drivers\UMDF\en-GB\SensorsCx.dll.mui
.
============= FINISH: 19:14:47.16 ===============
Attached Files
File Type: txt attach.txt (16.8 KB, 29 views)
Old 02-08-2017, 08:35 AM   #2
storm5510

Don't bother with this. Update downloaded an nVidia display driver which caused a series of blue-screens and reboots. I wiped the drive.