I just got the computer back from an upgrade from Win 7 to Win 10, but it has the same problems as in the past, and I have been working in the Win 10 forum:
http://www.techsupportforum.com/foru...ml#post6884602
They found a program, iSunshare, that wasn't loaded. Then this morning I went to check if the admin account had the correct name when set up using Magic Jelly Bean, and there was no uncheck box for extra software, but I now have this popup of PC Mechanic that won't go away and is a problem.
So, is iSunshare malware, and can it be taken off? Obviously this PC Mechanic is malware and needs to go.
Thank you.
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by 93 at 6:24:26 on 2016-02-02
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.7105.5318 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\dashost.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Uniblue\PC-Mechanic\pc-mechanic.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\fontdrvhost.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Windows\splwow64.exe
C:\Windows\system32\PrintIsolationHost.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.pugetsystems.com/welcome.php?oid=117561
uLocal Page = %11%\blank.htm
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [OneDrive] "C:\Users\93\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [f.lux] "C:\Users\93\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.0.1 205.171.2.25
TCP: Interfaces\{dbb5ab4c-4765-46c1-8ced-39aa33d4c16e} : DHCPNameServer = 192.168.0.1 205.171.2.25
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\93\AppData\Roaming\Mozilla\Firefox\Profiles\it167470.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll
.
============= SERVICES / DRIVERS ===============
.
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2015-10-29 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-29 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2015-10-29 199008]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-10-29 218624]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2015-10-29 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-29 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2016-1-20 936728]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-29 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\Windows\System32\svchost.exe -k utcsvc [2015-10-29 43944]
R2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2015-7-18 373160]
R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-6-24 223008]
R2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService [2015-10-29 43944]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2015-10-29 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\Windows\System32\svchost.exe -k appmodel [2015-10-29 43944]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2016-1-20 25816]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2015-10-29 20480]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2015-10-22 192648]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel [2015-10-29 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2015-10-29 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-29 364464]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-1-20 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-7-9 327296]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2015-10-29 1135456]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2015-10-29 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 bcmfn;bcmfn Service;C:\Windows\System32\drivers\bcmfn.sys [2015-10-29 9728]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2015-10-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-29 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2015-10-29 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2016-1-20 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-29 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 embeddedmode;embeddedmode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 genericusbfn;Generic USB Function Class;C:\Windows\System32\drivers\genericusbfn.sys [2015-10-29 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-29 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\Windows\System32\drivers\iai2c.sys [2015-10-29 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-29 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2015-10-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2015-10-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2015-10-29 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\Windows\System32\drivers\ibbus.sys [2015-10-29 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-10-29 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-10-28 474376]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2015-10-29 46432]
S3 IoQos;IoQos;C:\Windows\System32\drivers\ioqos.sys [2015-10-29 26624]
S3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-29 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-29 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2016-1-20 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-29 705376]
S3 ndfltr;NetworkDirect Service;C:\Windows\System32\drivers\ndfltr.sys [2015-10-29 76128]
S3 NetSetupSvc;Network Setup Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2015-10-29 58208]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2015-10-29 58720]
S3 PhoneSvc;Phone Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2015-10-29 930656]
S3 RetailDemo;Retail Demo Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SensorDataService;Sensor Data Service;C:\Windows\System32\SensorDataService.exe [2015-10-29 1297408]
S3 SensorService;Sensor Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2015-10-29 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2015-10-29 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2015-10-29 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\Windows\System32\drivers\storufs.sys [2015-10-29 34144]
S3 TieringEngineService;Storage Tiers Management;C:\Windows\System32\TieringEngineService.exe [2015-10-29 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2015-10-29 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\Windows\System32\drivers\UcmUcsi.sys [2015-10-29 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2015-10-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2015-10-29 28512]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2015-10-29 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\Windows\System32\drivers\UfxChipidea.sys [2015-10-29 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\Windows\System32\drivers\ufxsynopsys.sys [2015-10-29 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\Windows\System32\drivers\urschipidea.sys [2015-10-29 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2015-10-29 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\Windows\System32\drivers\urssynopsys.sys [2015-10-29 27488]
S3 UsoSvc;Update Orchestrator Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\Windows\System32\drivers\vhf.sys [2015-10-29 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2015-10-29 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-10-29 43944]
S3 WinMad;WinMad Service;C:\Windows\System32\drivers\winmad.sys [2015-10-29 26976]
S3 WinVerbs;WinVerbs Service;C:\Windows\System32\drivers\winverbs.sys [2015-10-29 59232]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 WpnService;Windows Push Notifications Service;C:\Windows\System32\svchost.exe -k wswpnservice [2015-10-29 43944]
S3 WSDScan;WSD Scan Support;C:\Windows\System32\drivers\WSDScan.sys [2015-10-29 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 XblGameSave;Xbox Live Game Save;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2015-10-29 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2015-10-29 26112]
S4 CDPSvc;Connected Device Platform Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\Windows\System32\svchost.exe -k LocalService [2015-10-29 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-02-02 13:57:07 -------- d-----w- C:\Users\93\AppData\Roaming\Uniblue
2016-02-02 13:57:07 -------- d-----w- C:\Program Files (x86)\Uniblue
2016-02-02 13:55:17 -------- d-----w- C:\Users\93\AppData\Roaming\OpenCandy
2016-02-02 13:55:17 -------- d-----w- C:\Program Files (x86)\Magical Jelly Bean
2016-02-01 16:46:46 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8FB18EE4-DF5D-48B5-AE2F-3D118B8E7121}\mpengine.dll
2016-01-31 14:18:57 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-01-31 10:07:43 -------- d-----w- C:\Program Files\CPUID
2016-01-30 17:25:01 901288 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuuc55.dll
2016-01-30 17:25:01 59560 ----a-w- C:\Program Files (x86)\Mozilla Firefox\lgpllibs.dll
2016-01-30 17:25:01 1287848 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icuin55.dll
2016-01-30 17:25:01 10592424 ----a-w- C:\Program Files (x86)\Mozilla Firefox\icudt55.dll
2016-01-29 13:19:01 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1C024F49-6514-4627-8DC1-D8AC8241D782}\gapaengine.dll
2016-01-28 15:00:44 200 ----a-w- C:\Windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-28 15:00:44 -------- d-----w- C:\Intel
2016-01-27 22:41:11 -------- d-----r- C:\Sandbox
2016-01-27 21:56:24 -------- d--h--w- C:\ProgramData\CanonIJQuickMenu
2016-01-27 21:55:59 -------- d-----w- C:\ProgramData\CanonIJPLM
2016-01-27 21:55:33 336896 ----a-w- C:\Windows\SysWow64\CNC_C9L.dll
2016-01-27 21:55:33 15872 ----a-w- C:\Windows\SysWow64\CNHMCA.dll
2016-01-27 21:54:03 -------- d-----w- C:\ProgramData\CanonIJWSpt
2016-01-27 21:52:23 -------- d-----w- C:\Program Files\Canon
2016-01-27 21:29:11 369664 ----a-w- C:\Windows\System32\CNC_C9L.dll
2016-01-27 21:29:11 316928 ----a-w- C:\Windows\System32\CNC_C9C.dll
2016-01-27 21:29:11 17920 ----a-w- C:\Windows\System32\CNHMCA6.dll
2016-01-27 21:29:11 105984 ----a-w- C:\Windows\System32\CNC_C9I.dll
2016-01-27 21:28:00 30208 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPDC9.DLL
2016-01-27 21:28:00 102912 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\CNMPPC9.DLL
2016-01-27 21:27:57 406016 ----a-w- C:\Windows\System32\CNMLMC9.DLL
2016-01-27 21:24:49 -------- d-----w- C:\Program Files (x86)\Canon
2016-01-27 20:36:24 -------- d-----w- C:\Program Files (x86)\ESET
2016-01-27 20:30:55 -------- d-----w- C:\Program Files\Sandboxie
2016-01-27 20:23:16 192216 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2016-01-27 20:19:39 -------- d-----w- C:\Users\93\AppData\Local\FluxSoftware
2016-01-27 20:18:26 -------- d-----w- C:\ProgramData\Licenses
2016-01-27 20:18:25 129872 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL
2016-01-27 20:18:23 -------- d---a-w- C:\Program Files (x86)\SpywareBlaster
2016-01-27 20:04:44 -------- d-----w- C:\Users\93\AppData\Local\Adobe
2016-01-27 20:00:59 884736 ----a-w- C:\Windows\System32\rasdlg.dll
2016-01-27 19:49:22 -------- d-----w- C:\Windows\PCHEALTH
2016-01-27 19:46:28 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services
2016-01-27 19:46:07 -------- d-----w- C:\Users\93\AppData\Local\Microsoft Help
2016-01-26 16:26:48 180 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-25 23:11:37 -------- d-----w- C:\Windows\System32\DAX2
2016-01-25 23:11:32 -------- d-----w- C:\Windows\SysWow64\RTCOM
2016-01-25 23:11:32 -------- d-----w- C:\Program Files\Realtek
2016-01-25 22:57:36 -------- d-----w- C:\Users\93\Intel
2016-01-25 22:32:58 -------- d--h--w- C:\Program Files (x86)\Temp
2016-01-25 22:32:08 -------- d-----w- C:\Users\93\AppData\Local\Macromedia
2016-01-23 01:37:28 -------- d-----w- C:\Users\93\AppData\Roaming\MAXON
2016-01-23 00:46:27 -------- d-----w- C:\Users\93\AppData\Local\.magick
2016-01-23 00:36:55 -------- d-----w- C:\Users\93\AppData\Local\IsolatedStorage
2016-01-21 20:42:18 -------- d-----w- C:\Windows\System32\SleepStudy
2016-01-20 22:32:48 -------- d-----w- C:\Windows\System32\MRT
2016-01-20 21:12:47 778936 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2016-01-20 21:12:47 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2016-01-20 21:12:47 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2016-01-20 21:12:46 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2016-01-20 21:12:46 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2016-01-20 21:12:46 1166520 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2016-01-20 21:08:48 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2016-01-20 21:08:36 301728 ------w- C:\Windows\System32\MpSigStub.exe
2016-01-20 20:56:59 83736 ----a-w- C:\Windows\System32\xinput1_2.dll
2016-01-20 20:52:30 77656 ----a-w- C:\Windows\System32\XAPOFX1_5.dll
2016-01-20 20:49:32 -------- d-----w- C:\ProgramData\Package Cache
2016-01-20 20:37:46 -------- d---a-w- C:\Program Files\iTunes
2016-01-20 20:37:46 -------- d-----w- C:\Program Files\iPod
2016-01-20 20:37:46 -------- d-----w- C:\Program Files (x86)\iTunes
2016-01-20 20:37:41 -------- d-----w- C:\Users\93\AppData\Local\Apple
2016-01-20 20:37:38 -------- d---a-w- C:\Program Files\Bonjour
2016-01-20 20:37:38 -------- d---a-w- C:\Program Files (x86)\Bonjour
2016-01-20 20:37:08 -------- d-----w- C:\Users\93\AppData\Local\Google
2016-01-20 20:36:23 -------- d-----w- C:\Users\93\AppData\Local\Programs
2016-01-20 20:36:10 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-20 20:35:55 -------- d---a-w- C:\Program Files\CCleaner
2016-01-20 20:33:11 -------- d-----w- C:\Program Files (x86)\Common Files\postureAgent
2016-01-20 20:32:50 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2016-01-20 20:29:19 -------- d-----w- C:\Users\93\AppData\Local\MicrosoftEdge
2016-01-20 20:18:36 189952 ----a-w- C:\Windows\System32\igfxCoIn_v4300.dll
2016-01-20 20:18:35 5028408 ----a-w- C:\Windows\SysWow64\igdusc32.dll
2016-01-20 20:18:35 34083104 ----a-w- C:\Windows\SysWow64\igdumdim32.dll
2016-01-20 20:18:33 11441600 ----a-w- C:\Windows\SysWow64\igd10iumd32.dll
2016-01-20 19:05:40 -------- d-----w- C:\Users\93\AppData\Local\Comms
2016-01-20 18:49:37 -------- d-----r- C:\Users\93\OneDrive
2016-01-20 18:49:19 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2016-01-20 18:49:15 -------- d-----w- C:\Users\93\AppData\Local\ActiveSync
2016-01-20 18:07:57 99848 ----a-w- C:\Windows\System32\OpenCL.DLL
2016-01-20 18:07:57 103944 ----a-w- C:\Windows\SysWow64\OpenCL.DLL
2016-01-20 18:07:15 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2016-01-20 18:05:56 28672 ----a-w- C:\Windows\SysWow64\AsIO.dll
2016-01-20 18:05:56 15232 ----a-w- C:\Windows\SysWow64\drivers\AsIO.sys
2016-01-20 18:05:56 -------- d-----w- C:\Program Files (x86)\ASUS
2016-01-20 18:05:55 -------- d-----w- C:\Program Files\ASUS
2016-01-20 01:49:30 -------- d-----w- C:\Windows\System32\wbem\Performance
2016-01-20 01:46:53 -------- d-----w- C:\ProgramData\USOShared
2016-01-20 01:46:31 2718208 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2016-01-20 01:45:30 -------- d-----w- C:\Windows\System32\wbem\MOF\good
2016-01-20 01:45:30 -------- d-----w- C:\Windows\System32\wbem\MOF\bad
2016-01-20 01:45:30 -------- d-----w- C:\Windows\System32\wbem\MOF
2016-01-20 01:45:15 -------- d-sh--we C:\ProgramData\Documents
2016-01-20 01:45:14 -------- d-sh--we C:\Documents and Settings
2016-01-20 01:45:10 -------- d-sh--w- C:\Recovery
2016-01-20 01:43:00 -------- d-s---w- C:\Windows\System32\Microsoft
2016-01-20 01:42:23 -------- d-----w- C:\Windows\Panther
.
==================== Find3M ====================
.
2016-02-01 15:53:19 136192 ----a-w- C:\Windows\System32\telnet.exe
2016-01-20 20:31:04 99288 ----a-w- C:\Windows\System32\drivers\TeeDriverx64.sys
2016-01-20 20:31:04 1795952 ----a-w- C:\Windows\System32\WdfCoInstaller01011.dll
2016-01-16 06:37:05 202472 ----a-w- C:\Windows\System32\wscapi.dll
2016-01-16 06:36:40 713568 ----a-w- C:\Windows\System32\invagent.dll
2016-01-16 06:36:31 1173344 ----a-w- C:\Windows\System32\aeinv.dll
2016-01-16 06:34:51 513888 ----a-w- C:\Windows\System32\devinv.dll
2016-01-16 06:24:34 538632 ----a-w- C:\Windows\System32\WWanAPI.dll
2016-01-16 06:23:47 8728920 ----a-w- C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2016-01-16 06:23:44 369912 ----a-w- C:\Windows\System32\audiodg.exe
2016-01-16 06:23:37 536256 ----a-w- C:\Windows\System32\AudioSes.dll
2016-01-16 06:23:36 848160 ----a-w- C:\Windows\System32\mfsvr.dll
2016-01-16 06:23:35 785088 ----a-w- C:\Windows\System32\evr.dll
2016-01-16 06:23:33 408120 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2016-01-16 06:21:33 1750440 ----a-w- C:\Windows\System32\WpcMon.exe
2016-01-16 06:20:58 6600904 ----a-w- C:\Windows\System32\windows.storage.dll
2016-01-16 06:20:56 431240 ----a-w- C:\Windows\SysWow64\WWanAPI.dll
2016-01-16 06:20:12 6971752 ----a-w- C:\Windows\SysWow64\Windows.Media.Protection.PlayReady.dll
2016-01-16 06:20:01 652312 ----a-w- C:\Windows\SysWow64\evr.dll
2016-01-16 06:20:00 366224 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2016-01-16 06:19:59 709688 ----a-w- C:\Windows\SysWow64\mfsvr.dll
2016-01-16 06:19:58 405568 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2016-01-16 06:16:49 5238360 ----a-w- C:\Windows\SysWow64\windows.storage.dll
2016-01-16 06:13:32 1998168 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-01-16 06:13:24 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys
2016-01-16 06:12:49 1415200 ----a-w- C:\Windows\System32\msctf.dll
2016-01-16 06:09:25 1089880 ----a-w- C:\Windows\System32\drivers\http.sys
2016-01-16 06:08:56 440152 ----a-w- C:\Windows\System32\services.exe
2016-01-16 06:08:06 1174008 ----a-w- C:\Windows\SysWow64\msctf.dll
2016-01-16 05:46:08 67072 ----a-w- C:\Windows\System32\drivers\usbser.sys
2016-01-16 05:45:13 16986112 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2016-01-16 05:44:38 13824 ----a-w- C:\Windows\System32\rastlsext.dll
2016-01-16 05:44:28 22394368 ----a-w- C:\Windows\System32\edgehtml.dll
2016-01-16 05:44:25 166400 ----a-w- C:\Windows\System32\MusNotification.exe
2016-01-16 05:43:19 97280 ----a-w- C:\Windows\System32\winhttpcom.dll
2016-01-16 05:42:37 13824 ----a-w- C:\Windows\System32\sscoreext.dll
2016-01-16 05:42:18 120320 ----a-w- C:\Windows\System32\MapsBtSvc.dll
2016-01-16 05:41:11 55296 ----a-w- C:\Windows\System32\MusNotificationUx.exe
2016-01-16 05:40:46 49152 ----a-w- C:\Windows\System32\pcaui.exe
2016-01-16 05:40:12 106496 ----a-w- C:\Windows\System32\rasauto.dll
2016-01-16 05:40:11 19456 ----a-w- C:\Windows\System32\rasautou.exe
2016-01-16 05:40:05 11545088 ----a-w- C:\Windows\System32\twinui.dll
2016-01-16 05:39:18 149504 ----a-w- C:\Windows\System32\FilterDS.dll
2016-01-16 05:38:42 406528 ----a-w- C:\Windows\System32\MusUpdateHandlers.dll
2016-01-16 05:38:26 7979008 ----a-w- C:\Windows\System32\mos.dll
2016-01-16 05:38:22 193024 ----a-w- C:\Windows\System32\SimCfg.dll
2016-01-16 05:38:18 130560 ----a-w- C:\Windows\System32\winbio.dll
2016-01-16 05:37:47 73728 ----a-w- C:\Windows\System32\SMSRouter.dll
2016-01-16 05:37:43 190464 ----a-w- C:\Windows\System32\wscsvc.dll
2016-01-16 05:37:00 617984 ----a-w- C:\Windows\System32\StorSvc.dll
2016-01-16 05:37:00 274944 ----a-w- C:\Windows\System32\DisplayManager.dll
2016-01-16 05:36:57 475648 ----a-w- C:\Windows\System32\DDDS.dll
2016-01-16 05:36:46 160768 ----a-w- C:\Windows\System32\SimAuth.dll
2016-01-16 05:36:17 638464 ----a-w- C:\Windows\System32\enterprisecsps.dll
2016-01-16 05:36:06 11776 ----a-w- C:\Windows\SysWow64\rastlsext.dll
2016-01-16 05:35:03 13018624 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2016-01-16 05:34:59 590848 ----a-w- C:\Windows\System32\SmsRouterSvc.dll
2016-01-16 05:34:55 79360 ----a-w- C:\Windows\SysWow64\winhttpcom.dll
2016-01-16 05:34:38 477696 ----a-w- C:\Windows\System32\srcore.dll
2016-01-16 05:34:33 275456 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll
2016-01-16 05:34:25 610816 ----a-w- C:\Windows\System32\rastls.dll
2016-01-16 05:33:53 87040 ----a-w- C:\Windows\SysWow64\MapsBtSvc.dll
2016-01-16 05:33:08 726528 ----a-w- C:\Windows\System32\wlidcli.dll
2016-01-16 05:33:08 574976 ----a-w- C:\Windows\System32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-16 05:32:30 41984 ----a-w- C:\Windows\SysWow64\pcaui.exe
2016-01-16 05:32:13 621568 ----a-w- C:\Windows\System32\wbiosrvc.dll
2016-01-16 05:31:58 343552 ----a-w- C:\Windows\System32\SensorsApi.dll
2016-01-16 05:31:54 17408 ----a-w- C:\Windows\SysWow64\rasautou.exe
2016-01-16 05:31:36 851456 ----a-w- C:\Windows\System32\MapsStore.dll
2016-01-16 05:31:30 794112 ----a-w- C:\Windows\System32\winhttp.dll
2016-01-16 05:31:28 440320 ----a-w- C:\Windows\System32\CredProvDataModel.dll
2016-01-16 05:30:35 2127360 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-01-16 05:30:19 157696 ----a-w- C:\Windows\SysWow64\SimCfg.dll
2016-01-16 05:30:18 93696 ----a-w- C:\Windows\SysWow64\winbio.dll
2016-01-16 05:30:06 1053696 ----a-w- C:\Windows\System32\audiosrv.dll
2016-01-16 05:29:56 1500672 ----a-w- C:\Windows\System32\RecoveryDrive.exe
2016-01-16 05:29:06 200704 ----a-w- C:\Windows\SysWow64\DisplayManager.dll
2016-01-16 05:28:52 129024 ----a-w- C:\Windows\SysWow64\SimAuth.dll
2016-01-16 05:28:03 2624512 ----a-w- C:\Windows\System32\InputService.dll
2016-01-16 05:28:02 9918976 ----a-w- C:\Windows\SysWow64\twinui.dll
2016-01-16 05:28:02 1318912 ----a-w- C:\Windows\System32\wifinetworkmanager.dll
2016-01-16 05:26:52 535040 ----a-w- C:\Windows\SysWow64\rastls.dll
2016-01-16 05:26:14 345600 ----a-w- C:\Windows\System32\TextInputFramework.dll
2016-01-16 05:26:11 260608 ----a-w- C:\Windows\System32\MTFServer.dll
2016-01-16 05:26:09 175616 ----a-w- C:\Windows\System32\Windows.UI.Core.TextInput.dll
2016-01-16 05:25:59 235008 ----a-w- C:\Windows\System32\MTF.dll
2016-01-16 05:25:39 510976 ----a-w- C:\Windows\SysWow64\wlidcli.dll
2016-01-16 05:25:21 457728 ----a-w- C:\Windows\System32\ipnathlp.dll
2016-01-16 05:24:56 2057216 ----a-w- C:\Windows\System32\wlidsvc.dll
2016-01-16 05:24:44 273408 ----a-w- C:\Windows\SysWow64\SensorsApi.dll
2016-01-16 05:24:29 18678272 ----a-w- C:\Windows\SysWow64\edgehtml.dll
2016-01-16 05:24:13 613888 ----a-w- C:\Windows\SysWow64\winhttp.dll
2016-01-16 05:24:13 350720 ----a-w- C:\Windows\SysWow64\CredProvDataModel.dll
2016-01-16 05:23:07 2050048 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-01-16 05:21:51 6297088 ----a-w- C:\Windows\SysWow64\mos.dll
2016-01-16 05:20:40 1944576 ----a-w- C:\Windows\SysWow64\InputService.dll
2016-01-16 05:20:38 2597888 ----a-w- C:\Windows\System32\NetworkMobileSettings.dll
2016-01-16 05:20:22 799744 ----a-w- C:\Windows\SysWow64\rasdlg.dll
2016-01-16 05:20:18 7199232 ----a-w- C:\Windows\System32\BingMaps.dll
2016-01-16 05:19:33 733184 ----a-w- C:\Windows\System32\rasapi32.dll
.
============= FINISH: 6:25:13.37 ===============
2016-01-16 06:20:56 431240 ----a-w- C:\Windows\SysWow64\WWanAPI.dll
2016-01-16 06:20:12 6971752 ----a-w- C:\Windows\SysWow64\Windows.Media.Protection.PlayReady.dll
2016-01-16 06:20:01 652312 ----a-w- C:\Windows\SysWow64\evr.dll
2016-01-16 06:20:00 366224 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2016-01-16 06:19:59 709688 ----a-w- C:\Windows\SysWow64\mfsvr.dll
2016-01-16 06:19:58 405568 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2016-01-16 06:16:49 5238360 ----a-w- C:\Windows\SysWow64\windows.storage.dll
2016-01-16 06:13:32 1998168 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-01-16 06:13:24 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys
2016-01-16 06:12:49 1415200 ----a-w- C:\Windows\System32\msctf.dll
2016-01-16 06:09:25 1089880 ----a-w- C:\Windows\System32\drivers\http.sys
2016-01-16 06:08:56 440152 ----a-w- C:\Windows\System32\services.exe
2016-01-16 06:08:06 1174008 ----a-w- C:\Windows\SysWow64\msctf.dll
2016-01-16 05:46:08 67072 ----a-w- C:\Windows\System32\drivers\usbser.sys
2016-01-16 05:45:13 16986112 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2016-01-16 05:44:38 13824 ----a-w- C:\Windows\System32\rastlsext.dll
2016-01-16 05:44:28 22394368 ----a-w- C:\Windows\System32\edgehtml.dll
2016-01-16 05:44:25 166400 ----a-w- C:\Windows\System32\MusNotification.exe
2016-01-16 05:43:19 97280 ----a-w- C:\Windows\System32\winhttpcom.dll
2016-01-16 05:42:37 13824 ----a-w- C:\Windows\System32\sscoreext.dll
2016-01-16 05:42:18 120320 ----a-w- C:\Windows\System32\MapsBtSvc.dll
2016-01-16 05:41:11 55296 ----a-w- C:\Windows\System32\MusNotificationUx.exe
2016-01-16 05:40:46 49152 ----a-w- C:\Windows\System32\pcaui.exe
2016-01-16 05:40:12 106496 ----a-w- C:\Windows\System32\rasauto.dll
2016-01-16 05:40:11 19456 ----a-w- C:\Windows\System32\rasautou.exe
2016-01-16 05:40:05 11545088 ----a-w- C:\Windows\System32\twinui.dll
2016-01-16 05:39:18 149504 ----a-w- C:\Windows\System32\FilterDS.dll
2016-01-16 05:38:42 406528 ----a-w- C:\Windows\System32\MusUpdateHandlers.dll
2016-01-16 05:38:26 7979008 ----a-w- C:\Windows\System32\mos.dll
2016-01-16 05:38:22 193024 ----a-w- C:\Windows\System32\SimCfg.dll
2016-01-16 05:38:18 130560 ----a-w- C:\Windows\System32\winbio.dll
2016-01-16 05:37:47 73728 ----a-w- C:\Windows\System32\SMSRouter.dll
2016-01-16 05:37:43 190464 ----a-w- C:\Windows\System32\wscsvc.dll
2016-01-16 05:37:00 617984 ----a-w- C:\Windows\System32\StorSvc.dll
2016-01-16 05:37:00 274944 ----a-w- C:\Windows\System32\DisplayManager.dll
2016-01-16 05:36:57 475648 ----a-w- C:\Windows\System32\DDDS.dll
2016-01-16 05:36:46 160768 ----a-w- C:\Windows\System32\SimAuth.dll
2016-01-16 05:36:17 638464 ----a-w- C:\Windows\System32\enterprisecsps.dll
2016-01-16 05:36:06 11776 ----a-w- C:\Windows\SysWow64\rastlsext.dll
2016-01-16 05:35:03 13018624 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2016-01-16 05:34:59 590848 ----a-w- C:\Windows\System32\SmsRouterSvc.dll
2016-01-16 05:34:55 79360 ----a-w- C:\Windows\SysWow64\winhttpcom.dll
2016-01-16 05:34:38 477696 ----a-w- C:\Windows\System32\srcore.dll
2016-01-16 05:34:33 275456 ----a-w- C:\Windows\System32\AudioEndpointBuilder.dll
2016-01-16 05:34:25 610816 ----a-w- C:\Windows\System32\rastls.dll
2016-01-16 05:33:53 87040 ----a-w- C:\Windows\SysWow64\MapsBtSvc.dll
2016-01-16 05:33:08 726528 ----a-w- C:\Windows\System32\wlidcli.dll
2016-01-16 05:33:08 574976 ----a-w- C:\Windows\System32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-16 05:32:30 41984 ----a-w- C:\Windows\SysWow64\pcaui.exe
2016-01-16 05:32:13 621568 ----a-w- C:\Windows\System32\wbiosrvc.dll
2016-01-16 05:31:58 343552 ----a-w- C:\Windows\System32\SensorsApi.dll
2016-01-16 05:31:54 17408 ----a-w- C:\Windows\SysWow64\rasautou.exe
2016-01-16 05:31:36 851456 ----a-w- C:\Windows\System32\MapsStore.dll
2016-01-16 05:31:30 794112 ----a-w- C:\Windows\System32\winhttp.dll
2016-01-16 05:31:28 440320 ----a-w- C:\Windows\System32\CredProvDataModel.dll
2016-01-16 05:30:35 2127360 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-01-16 05:30:19 157696 ----a-w- C:\Windows\SysWow64\SimCfg.dll
2016-01-16 05:30:18 93696 ----a-w- C:\Windows\SysWow64\winbio.dll
2016-01-16 05:30:06 1053696 ----a-w- C:\Windows\System32\audiosrv.dll
2016-01-16 05:29:56 1500672 ----a-w- C:\Windows\System32\RecoveryDrive.exe
2016-01-16 05:29:06 200704 ----a-w- C:\Windows\SysWow64\DisplayManager.dll
2016-01-16 05:28:52 129024 ----a-w- C:\Windows\SysWow64\SimAuth.dll
2016-01-16 05:28:03 2624512 ----a-w- C:\Windows\System32\InputService.dll
2016-01-16 05:28:02 9918976 ----a-w- C:\Windows\SysWow64\twinui.dll
2016-01-16 05:28:02 1318912 ----a-w- C:\Windows\System32\wifinetworkmanager.dll
2016-01-16 05:26:52 535040 ----a-w- C:\Windows\SysWow64\rastls.dll
2016-01-16 05:26:14 345600 ----a-w- C:\Windows\System32\TextInputFramework.dll
2016-01-16 05:26:11 260608 ----a-w- C:\Windows\System32\MTFServer.dll
2016-01-16 05:26:09 175616 ----a-w- C:\Windows\System32\Windows.UI.Core.TextInput.dll
2016-01-16 05:25:59 235008 ----a-w- C:\Windows\System32\MTF.dll
2016-01-16 05:25:39 510976 ----a-w- C:\Windows\SysWow64\wlidcli.dll
2016-01-16 05:25:21 457728 ----a-w- C:\Windows\System32\ipnathlp.dll
2016-01-16 05:24:56 2057216 ----a-w- C:\Windows\System32\wlidsvc.dll
2016-01-16 05:24:44 273408 ----a-w- C:\Windows\SysWow64\SensorsApi.dll
2016-01-16 05:24:29 18678272 ----a-w- C:\Windows\SysWow64\edgehtml.dll
2016-01-16 05:24:13 613888 ----a-w- C:\Windows\SysWow64\winhttp.dll
2016-01-16 05:24:13 350720 ----a-w- C:\Windows\SysWow64\CredProvDataModel.dll
2016-01-16 05:23:07 2050048 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-01-16 05:21:51 6297088 ----a-w- C:\Windows\SysWow64\mos.dll
2016-01-16 05:20:40 1944576 ----a-w- C:\Windows\SysWow64\InputService.dll
2016-01-16 05:20:38 2597888 ----a-w- C:\Windows\System32\NetworkMobileSettings.dll
2016-01-16 05:20:22 799744 ----a-w- C:\Windows\SysWow64\rasdlg.dll
2016-01-16 05:20:18 7199232 ----a-w- C:\Windows\System32\BingMaps.dll
2016-01-16 05:19:33 733184 ----a-w- C:\Windows\System32\rasapi32.dll
.
============= FINISH: 6:25:13.37 ===============