Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Outlook Software may be infected

This is a discussion on Outlook Software may be infected within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. I have been working with Corday - your office forum - dealing with red x in attachments that will not


Closed Thread
 
Thread Tools Search this Thread
Old 03-17-2017, 09:50 AM   #1
Registered Member
 
Join Date: Aug 2006
Posts: 322
OS: win 10



I have been working with Corday - your office forum - dealing with red x in attachments that will not open but will open in my hot mail acct. One of my emails to him contained a 5 min video out of the blue. I have been receiving 35-40 junk mails in the last 8m and it is increasing. I have run a variety of virus/spam local/on-line software but nothing has been effective.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.953
Run by admin at 11:56:16 on 2017-03-17
Microsoft Windows 10 Pro 10.0.14393.0.1252.1.1033.18.3984.2392 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
C:\Windows\system32\IProsetMonitor.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\system32\svchost.exe -k SDRSVC
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Bill\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
C:\Users\Bill\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\WinZip\FAHWindow64.exe
C:\Program Files\WinZip\WzPreloader.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: IEExtension.VDownloaderBHO: {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [OneDrive] "C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
StartupFolder: C:\Users\admin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ERUNTA~1.LNK - C:\Program Files (x86)\ERUNT\AUTOBACK.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\UPDATE~1.LNK - C:\Program Files\WinZip\WZUpdateNotifier.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\WINZIP~1.LNK - C:\Program Files\WinZip\WzPreloader.exe
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {CAFEEFAC-0016-0000-FFFF-ABCDEFFEDCBA} - hxxp://javadl-esd.oracle.com/update/1.6.0/jinstall-6u21-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{73ddf6c9-5d23-4850-8c87-f6d583c1f0b1} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = Google
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [IntelliType Pro] "C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"
x64-Run: [IntelliPoint] "C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-RunOnce: [DCERegBootClean64] C:\WINDOWS\RegBootClean64.exe
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\hsw0zzkn.default-1398603889828\
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrlui.dll
FF - plugin: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-8 48992]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2012-7-7 53488]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-9-24 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-10-28 227328]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2011-8-11 173472]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-9-22 83768]
R2 CDPUserSvc_1d344d3;CDPUserSvc_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-9-28 25800]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2011-12-22 165032]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [2011-2-24 212944]
R2 OneSyncSvc_1d344d3;Sync Host_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-12-22 1128952]
R2 ReflectService.exe;Macrium Reflect Image Mounting Service;C:\Program Files\Macrium\Reflect\ReflectService.exe [2016-8-11 3764472]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-22 2656280]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-9-29 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WinisoCDBus;WinISO Virtual CD Drive;C:\WINDOWS\System32\drivers\WinisoCDBus.sys [2016-5-2 204032]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2011-12-22 317440]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 PimIndexMaintenanceSvc_1d344d3;Contact Data_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 UnistoreSvc_1d344d3;User Data Storage_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_1d344d3;User Data Access_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2016-7-16 24576]
S2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S2 XobniService;XobniService;C:\Program Files (x86)\Xobni\XobniService.exe [2011-5-2 62184]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 ampa;ampa;C:\WINDOWS\System32\ampa.sys [2017-2-16 19568]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2016-9-29 127328]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2016-7-16 157024]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2016-7-16 141152]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-10-28 118272]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 cleanhlp;cleanhlp;C:\EEK\Run\cleanhlp64.sys [2014-7-24 57024]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-1-16 1039376]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 gfiark;gfiark;C:\WINDOWS\System32\drivers\gfiark.sys [2014-7-24 41032]
S3 gfiutil;gfiutil;C:\WINDOWS\System32\drivers\gfiutil.sys [2014-7-24 31264]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IFCoEMP;IFCoEMP;C:\WINDOWS\System32\drivers\ifM52x64.sys [2011-12-22 339728]
S3 IFCoEVB;IFCoEVB;C:\WINDOWS\System32\drivers\ifP52x64.sys [2011-12-22 65808]
S3 Impcd;Impcd;C:\WINDOWS\System32\drivers\Impcd.sys [2011-12-22 158976]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-11 64352]
S3 MessagingService_1d344d3;MessagingService_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2016-7-16 179040]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 pmxdrv;pmxdrv;C:\WINDOWS\System32\drivers\pmxdrv.sys [2011-12-22 31152]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 semav6msr64;semav6msr64;C:\WINDOWS\System32\drivers\semav6msr64.sys [2016-10-22 21984]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-9-29 2889896]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-14 1312768]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-9-29 81760]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2016-7-16 44496]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-3-14 719872]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_1d344d3;Windows Push Notifications User Service_1d344d3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-3-14 258560]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-9-24 43520]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2017-1-11 822624]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2016-7-16 1227264]
.
=============== Created Last 30 ================
.
2017-03-17 14:48:20 -------- d-----w- C:\Users\admin\AppData\Local\WinZip
2017-03-17 14:47:21 -------- d-----w- C:\ProgramData\UniqueId
2017-03-16 21:04:04 12654400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2917799C-2B70-4B5C-B0BB-65266C62F8EE}\mpengine.dll
2017-03-16 14:02:52 12654400 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-03-15 15:10:38 321480 ----a-w- C:\Program Files (x86)\Mozilla Firefox\tobedeleted\rep51E0.tmp
2017-03-14 22:03:34 6667528 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2017-03-14 22:02:59 968704 ----a-w- C:\WINDOWS\SysWow64\Unistore.dll
2017-03-14 22:01:59 4746752 ----a-w- C:\WINDOWS\System32\jscript9.dll
2017-03-14 22:00:59 947712 ----a-w- C:\WINDOWS\System32\SystemSettings.Handlers.dll
2017-03-11 14:25:03 399360 ----a-w- C:\WINDOWS\RegBootClean64.exe
2017-03-11 14:02:55 -------- d-----w- C:\WINDOWS\Trend Micro
2017-03-11 14:00:20 332512 ----a-w- C:\WINDOWS\System32\drivers\tmcomm.sys
2017-03-11 13:48:44 -------- d-----w- C:\Program Files\WinPcap
2017-03-11 13:48:39 -------- d-----w- C:\Program Files (x86)\Trend Micro
2017-03-11 13:48:06 -------- d-----w- C:\ProgramData\Trend Micro
2017-03-10 23:35:43 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{29BBE9CC-DE0E-4809-B006-B30CC7314F94}\gapaengine.dll
2017-03-09 18:58:15 -------- d-----w- C:\Program Files\iPod
2017-03-09 18:58:14 -------- d---a-w- C:\Program Files\iTunes
2017-03-09 06:17:08 12935296 ----a-w- C:\WINDOWS\System32\igdumd64.dll
2017-03-09 06:17:08 11330576 ----a-w- C:\WINDOWS\SysWow64\igdumd32.dll
2017-03-09 06:17:06 975184 ----a-w- C:\WINDOWS\SysWow64\igfxcmrt32.dll
2017-03-09 06:17:06 558728 ----a-w- C:\WINDOWS\System32\iglhsip64.dll
2017-03-09 06:17:06 553424 ----a-w- C:\WINDOWS\SysWow64\iglhsip32.dll
2017-03-09 06:17:06 51184 ----a-w- C:\WINDOWS\System32\igfxexps.dll
2017-03-09 06:17:06 242800 ----a-w- C:\WINDOWS\System32\iglhcp64.dll
2017-03-09 06:17:06 206000 ----a-w- C:\WINDOWS\SysWow64\iglhcp32.dll
2017-03-09 06:17:06 1086408 ----a-w- C:\WINDOWS\System32\igfxcmrt64.dll
2017-03-05 17:16:22 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services
2017-03-05 17:16:02 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2017-03-05 17:13:24 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2017-02-16 22:20:12 1024 ---h--w- C:\AMTAG.BIN
2017-02-16 22:19:57 19568 ----a-w- C:\WINDOWS\SysWow64\ampa.sys
2017-02-16 22:19:57 19568 ----a-w- C:\WINDOWS\System32\ampa.sys
2017-02-16 22:19:56 1920624 ----a-w- C:\WINDOWS\ampa.exe
2017-02-16 22:19:53 -------- d---a-w- C:\Program Files (x86)\AOMEI Partition Assistant Standard Edition 6.0
.
==================== Find3M ====================
.
2017-03-10 05:17:56 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-03-10 05:17:56 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-03-09 06:17:08 13182528 ----a-w- C:\WINDOWS\System32\igd10umd64.dll
2017-03-09 06:17:08 11460448 ----a-w- C:\WINDOWS\SysWow64\igd10umd32.dll
2017-03-04 07:57:44 192352 ----a-w- C:\WINDOWS\SysWow64\aepic.dll
2017-03-04 07:57:43 315744 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2017-03-04 07:57:40 484584 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2017-03-04 07:44:57 1470816 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2017-03-04 07:40:53 965472 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2017-03-04 07:35:25 142176 ----a-w- C:\WINDOWS\System32\acmigration.dll
2017-03-04 07:35:25 1294688 ----a-w- C:\WINDOWS\System32\aeinv.dll
2017-03-04 07:35:22 86368 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2017-03-04 07:35:22 655200 ----a-w- C:\WINDOWS\System32\generaltel.dll
2017-03-04 07:35:22 565088 ----a-w- C:\WINDOWS\System32\devinv.dll
2017-03-04 07:35:22 343904 ----a-w- C:\WINDOWS\System32\invagent.dll
2017-03-04 07:35:22 1617760 ----a-w- C:\WINDOWS\System32\appraiser.dll
2017-03-04 07:35:21 378720 ----a-w- C:\WINDOWS\System32\atmfd.dll
2017-03-04 07:35:21 242528 ----a-w- C:\WINDOWS\System32\aepic.dll
2017-03-04 07:35:15 590952 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2017-03-04 07:35:09 38240 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2017-03-04 07:35:09 315232 ----a-w- C:\WINDOWS\System32\dcntel.dll
2017-03-04 07:27:29 2170720 ----a-w- C:\WINDOWS\System32\AppVEntSubsystems64.dll
2017-03-04 07:27:09 603488 ----a-w- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2017-03-04 07:26:53 794416 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2017-03-04 07:25:44 1117024 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2017-03-04 07:24:33 90976 ----a-w- C:\WINDOWS\System32\drivers\IPMIDrv.sys
2017-03-04 07:24:33 354264 ----a-w- C:\WINDOWS\System32\systemreset.exe
2017-03-04 07:24:27 108384 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2017-03-04 07:24:23 894096 ----a-w- C:\WINDOWS\System32\winresume.exe
2017-03-04 07:24:20 1051112 ----a-w- C:\WINDOWS\System32\winresume.efi
2017-03-04 07:24:05 2186896 ----a-w- C:\WINDOWS\System32\hevcdecoder.dll
2017-03-04 07:24:04 2482280 ----a-w- C:\WINDOWS\System32\msmpeg2vdec.dll
2017-03-04 07:23:13 2512304 ----a-w- C:\WINDOWS\System32\WMVDECOD.DLL
2017-03-04 07:22:41 2213760 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-03-04 07:22:22 1354312 ----a-w- C:\WINDOWS\System32\winload.efi
2017-03-04 07:22:22 1172984 ----a-w- C:\WINDOWS\System32\winload.exe
2017-03-04 07:22:21 7786336 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-03-04 07:21:04 2255712 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2017-03-04 07:20:52 379744 ----a-w- C:\WINDOWS\System32\drivers\Classpnp.sys
2017-03-04 07:20:50 128352 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys
2017-03-04 07:19:11 2681200 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2017-03-04 07:19:02 2049480 ----a-w- C:\WINDOWS\System32\wmpmde.dll
2017-03-04 07:18:48 764392 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2017-03-04 07:18:47 1181024 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2017-03-04 07:18:27 118624 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2017-03-04 07:17:22 409952 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS
2017-03-04 07:15:25 63328 ----a-w- C:\WINDOWS\System32\drivers\dam.sys
2017-03-04 07:15:14 404320 ----a-w- C:\WINDOWS\System32\WinSetupUI.dll
2017-03-04 07:15:08 1000280 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2017-03-04 07:13:27 635456 ----a-w- C:\WINDOWS\System32\ci.dll
2017-03-04 07:11:48 328008 ----a-w- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll
2017-03-04 07:11:41 266544 ----a-w- C:\WINDOWS\System32\policymanager.dll
2017-03-04 07:10:08 360040 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2017-03-04 07:10:08 2828384 ----a-w- C:\WINDOWS\System32\d3d11.dll
2017-03-04 07:10:01 2189664 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-03-04 07:08:59 130912 ----a-w- C:\WINDOWS\System32\drivers\storahci.sys
2017-03-04 07:08:20 342456 ----a-w- C:\WINDOWS\System32\wintrust.dll
2017-03-04 07:08:18 624048 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2017-03-04 07:08:17 509280 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2017-03-04 07:08:07 450400 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2017-03-04 07:08:02 223584 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2017-03-04 0736 1706488 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2017-03-04 07:04:33 2048496 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2017-03-04 07:04:24 1362512 ----a-w- C:\WINDOWS\SysWow64\wmpmde.dll
2017-03-04 07:04:19 8169536 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-03-04 07:04:03 1063472 ----a-w- C:\WINDOWS\System32\mfds.dll
2017-03-04 07:01:57 137936 ----a-w- C:\WINDOWS\System32\AuthHost.exe
2017-03-04 07:01:53 128648 ----a-w- C:\WINDOWS\System32\gpapi.dll
2017-03-04 07:01:52 201568 ----a-w- C:\WINDOWS\System32\basecsp.dll
2017-03-04 06:59:01 1570208 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2017-03-04 06:58:58 628552 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2017-03-04 06:58:58 322912 ----a-w- C:\WINDOWS\System32\input.dll
2017-03-04 06:58:49 1416224 ----a-w- C:\WINDOWS\System32\msctf.dll
2017-03-04 06:57:36 2536288 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2017-03-04 06:57:26 372432 ----a-w- C:\WINDOWS\System32\Windows.Media.MediaControl.dll
2017-03-04 06:57:17 387872 ----a-w- C:\WINDOWS\System32\wmpps.dll
2017-03-04 06:56:04 263472 ----a-w- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll
2017-03-04 06:56:03 248992 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2017-03-04 06:54:12 2277288 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2017-03-04 06:54:03 524776 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2017-03-04 06:53:38 1431232 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2017-03-04 06:53:33 136032 ----a-w- C:\WINDOWS\SysWow64\CloudExperienceHostUser.dll
2017-03-04 06:53:19 781152 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-03-04 06:53:19 5722320 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2017-03-04 06:53:11 493912 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2017-03-04 06:53:08 975744 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2017-03-04 06:53:07 313568 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2017-03-04 06:53:03 861024 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2017-03-04 06:52:59 549088 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2017-03-04 06:52:02 272720 ----a-w- C:\WINDOWS\SysWow64\wintrust.dll
2017-03-04 06:51:38 576408 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2017-03-04 06:51:37 1980768 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2017-03-04 06:50:44 846560 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2017-03-04 06:46:40 4312248 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2017-03-04 06:46:40 321792 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2017-03-04 06:45:15 173408 ----a-w- C:\WINDOWS\SysWow64\basecsp.dll
2017-03-04 06:45:07 112120 ----a-w- C:\WINDOWS\SysWow64\gpapi.dll
2017-03-04 06:42:57 7216640 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-03-04 06:42:41 276832 ----a-w- C:\WINDOWS\SysWow64\input.dll
2017-03-04 06:42:39 1415240 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
.
============= FINISH: 11:56:34.47 ===============
joslin is offline  
Sponsored Links
Advertisement
 
Old 04-02-2017, 06:41 AM   #2
Registered Member
 
Join Date: Aug 2006
Posts: 322
OS: win 10



Cleaned off disk and reinstalled win 10 with new office 2010
joslin is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
Hotmail Account is sending spam
Hi, Last night it seems that my hotmail account has been spamming all my contacts. I have avast and Malwarebytes and have run this today with no viruses detected. I have read on some of the forums regarding this issues that either there could be a key logger or perhaps my account details...
nathanjrussell General Computer Security 13 10-15-2011 06:58 PM
Regedit.exe infected and slowed down pc work
Hello. I need solution for my girl laptop and thanks very much for help at start. It's started from that laptop start working slow next I do combofix - it's say that regedit.exe is infected. That problem was ignored for about month and yesterday she was surf on the internet and avast show that...
9pieces Inactive Malware Help Topics 2 04-04-2011 06:13 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 01:23 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts