Channel: Tech Support Forum - Virus/Trojan/Spyware Help

[SOLVED] Infected by PUA.Yontoo.c!gen4

My computer has been infected with the above; it places pop-ups in my browser and repeatedly opens new pages of adverts. Norton Security detects it and tries to remove it with Power Eraser, but it is not successful.

Following is the dds.txt file
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by BrianwfPC at 18:20:52 on 2016-03-31
Microsoft Windows 10 Home 10.0.10586.0.1252.44.1033.18.8136.6045 [GMT 1:00]
.
AV: Norton Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\nvvsvc.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugincontainer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\NS.exe
C:\Program Files (x86)\Common Files\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\updater.exe
C:\Windows\system32\dashost.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\NS.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\anyda\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugins\5\plugin.exe
C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugins\2\plugin.exe
C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugins\8\plugin.exe
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugins\10\plugin.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
C:\Program Files\Dell\Product Registration\PRSvc.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files\Dell\Dell Foundation Services\DFS.Common.Agent.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
svchost.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mStart Page = about:blank
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\coIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\coIEPlg.dll
uRun: [OneDrive] "C:\Users\anyda\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 82.163.142.7 95.211.158.134
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{24ca947f-42bd-467e-ba23-118924f63416} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{64639ddd-5488-419d-a779-9ee30c066e53} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{64639ddd-5488-419d-a779-9ee30c066e53} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{7b1993cb-cc1c-4e87-b609-f4c32ba45d75} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{7b1993cb-cc1c-4e87-b609-f4c32ba45d75} : DHCPNameServer = 82.163.142.7
TCP: Interfaces\{dc737cc9-6e84-45c2-bfc9-7f69b2dc1021} : NameServer = 82.163.142.7 95.211.158.134
TCP: Interfaces\{dc737cc9-6e84-45c2-bfc9-7f69b2dc1021} : DHCPNameServer = 82.163.142.7
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-mStart Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggbeAAIV1hERBgTdgFdTA0VRQUOIQsABRRHEwYUdw8JUVwXR1YFIk0FA1ADB0VXfVBdFElXTwhsNUtrBFgDQl10KVdcDk4=
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine64\22.6.0.142\coieplg.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.6.0.142\coieplg.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_MAXX6] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX6
x64-Run: [WavesSvc] "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2015-6-24 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2015-10-30 46432]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\Windows\System32\drivers\NSx64\1606000.08E\symefasi64.sys [2016-3-2 1621232]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security\NortonData\22.5.5.15\Definitions\BASHDefs\20160316.006\BHDrvx64.sys [2016-3-3 1766640]
R1 ccSet_NS;NS Settings Manager;C:\Windows\System32\drivers\NSx64\1606000.08E\ccsetx64.sys [2016-3-2 173808]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2016-2-9 91912]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security\NortonData\22.5.5.15\Definitions\IPSDefs\20160330.002\IDSviA64.sys [2016-3-31 767224]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\NSx64\1606000.08E\ironx64.sys [2016-3-2 295664]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\NSx64\1606000.08E\symnets.sys [2016-3-2 577768]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2015-6-8 323152]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 Dell Customer Connect;Dell Customer Connect;C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2015-9-22 137968]
R2 Dell Foundation Services;Dell Foundation Services;C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2016-1-15 119656]
R2 Dell Product Registration;Dell Product Registration;C:\Program Files\Dell\Product Registration\PRSvc.exe [2016-1-25 32104]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-1-5 2571352]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2016-1-5 201816]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-6-24 238320]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-8-27 237272]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\Windows\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-24 18856]
R2 NS;Norton Security;C:\Program Files (x86)\Norton Security\Engine\22.6.0.142\ns.exe [2016-3-2 289080]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2016-2-9 307456]
R2 Service Mgr GenerousDeal;Service Mgr GenerousDeal;C:\ProgramData\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\plugincontainer.exe [2016-2-23 1415912]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2016-3-14 31928]
R2 tiledatamodelsvc;Tile Data model server;C:\Windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 Update Mgr GenerousDeal;Update Mgr GenerousDeal;C:\Program Files (x86)\Common Files\c00fd789-4044-4a32-8a4f-7d731dbdc0d1\updater.exe [2016-2-23 1279720]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2015-6-8 604776]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2016-2-24 245760]
R3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2016-1-5 32464]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2016-1-5 24240]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2016-2-25 157520]
R3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 rt640x64;Realtek RT640 NT Driver;C:\Windows\System32\drivers\rt640x64.sys [2016-2-9 886528]
R3 RTSUER;Realtek USB Card Reader - UER;C:\Windows\System32\drivers\RtsUer.sys [2016-2-9 402136]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2015-10-30 28512]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S0 SymELAM;Symantec ELAM Driver;C:\Windows\System32\drivers\NSx64\1606000.08E\symelam.sys [2016-3-2 24192]
S2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2016-2-24 117248]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\Windows\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IoQos;IoQos;C:\Windows\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\Windows\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\Windows\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\Windows\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\Windows\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\Windows\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\Windows\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\Windows\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\Windows\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\Windows\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\Windows\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\Windows\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\Windows\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2016-3-1 29696]
S4 CDPSvc;Connected Device Platform Service;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\Windows\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-03-30 07:34:50 -------- d-----w- C:\ProgramData\Trend Micro
2016-03-30 07:33:31 307352 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2016-03-28 16:38:01 -------- d-----w- C:\ProgramData\b6aeaac3-42b3-0
2016-03-28 11:19:56 -------- d-----w- C:\ProgramData\PC-Doctor for Windows
2016-03-28 11:19:55 -------- d-----w- C:\Program Files\Dell Support Center
2016-03-28 10:33:08 -------- d-----w- C:\ProgramData\b6aeaac3-3061-0
2016-03-28 10:33:04 -------- d-----w- C:\ProgramData\aae46d6d
2016-03-28 10:32:26 -------- d-----w- C:\ProgramData\{05bf97a3-512c-1}
2016-03-28 10:32:26 -------- d-----w- C:\ProgramData\{016ec4f0-712c-0}
2016-03-28 10:22:50 -------- d-----w- C:\Program Files\iPod
2016-03-28 10:22:50 -------- d-----w- C:\Program Files (x86)\iTunes
2016-03-28 10:22:49 -------- d---a-w- C:\Program Files\iTunes
2016-03-28 10:13:59 700416 ----a-w- C:\Windows\System32\AppointmentApis.dll
2016-03-28 10:11:26 -------- d-----w- C:\Users\anyda\IAM_Databaseword
2016-03-04 16:14:45 -------- d---a-w- C:\Users\anyda\IAM_Database
2016-03-02 18:28:16 -------- d-----w- C:\Program Files\Common Files\AV
2016-03-02 18:22:02 577768 ----a-w- C:\Windows\System32\drivers\NSx64\1606000.08E\symnets.sys
2016-03-02 18:22:02 24192 ----a-r- C:\Windows\System32\drivers\NSx64\1606000.08E\symelam.sys
2016-03-02 18:22:01 928504 ----a-w- C:\Windows\System32\drivers\NSx64\1606000.08E\srtsp64.sys
2016-03-02 18:22:01 50936 ----a-r- C:\Windows\System32\drivers\NSx64\1606000.08E\srtspx64.sys
2016-03-02 18:22:01 295664 ----a-w- C:\Windows\System32\drivers\NSx64\1606000.08E\ironx64.sys
2016-03-02 18:22:01 173808 ----a-r- C:\Windows\System32\drivers\NSx64\1606000.08E\ccsetx64.sys
2016-03-02 18:22:01 1621232 ----a-w- C:\Windows\System32\drivers\NSx64\1606000.08E\symefasi64.sys
2016-03-02 18:21:39 -------- d-----w- C:\Windows\System32\drivers\NSx64\1606000.08E
2016-03-02 17:54:40 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2016-03-02 17:54:35 125872 ----a-w- C:\Windows\System32\GEARAspi64.dll
2016-03-02 17:54:35 106928 ----a-w- C:\Windows\SysWow64\GEARAspi.dll
2016-03-02 17:54:22 -------- d---a-w- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2016-03-02 17:54:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64\0701000.01A
2016-03-02 17:54:22 -------- d-----w- C:\Windows\System32\drivers\NBRTWizardx64
2016-03-02 16:03:33 -------- d-----w- C:\Users\anyda\AppData\Local\CrashDumps
2016-03-01 19:44:59 86528 ----a-w- C:\Windows\System32\AppCapture.dll
2016-03-01 19:44:59 83456 ----a-w- C:\Windows\SysWow64\InputLocaleManager.dll
2016-03-01 19:44:59 41984 ----a-w- C:\Windows\System32\TimeBrokerClient.dll
2016-03-01 19:44:59 414720 ----a-w- C:\Windows\System32\bcastdvr.exe
2016-03-01 19:44:59 37376 ----a-w- C:\Windows\System32\LaunchWinApp.exe
2016-03-01 19:44:59 31744 ----a-w- C:\Windows\SysWow64\TimeBrokerClient.dll
2016-03-01 19:44:59 29696 ----a-w- C:\Windows\SysWow64\LaunchWinApp.exe
2016-03-01 19:44:59 115712 ----a-w- C:\Windows\System32\srpapi.dll
2016-03-01 19:44:59 108544 ----a-w- C:\Windows\System32\InputLocaleManager.dll
2016-03-01 17:37:38 999424 ----a-w- C:\Windows\System32\hpgt3800.dll
2016-03-01 17:37:38 802816 ----a-w- C:\Windows\System32\hpxp3800.dll
2016-03-01 17:37:38 727040 ----a-w- C:\Windows\System32\hp3800co.dll
2016-03-01 17:27:01 -------- d-----w- C:\Users\anyda\AppData\Local\ElevatedDiagnostics
.
==================== Find3M ====================
.
2016-03-08 07:12:26 829944 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2016-03-08 07:12:26 176632 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2016-03-01 05:31:29 848168 ----a-w- C:\Windows\System32\mfsvr.dll
2016-03-01 05:22:47 709688 ----a-w- C:\Windows\SysWow64\mfsvr.dll
2016-02-25 15:31:13 111344 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2016-02-24 09:52:06 1997328 ----a-w- C:\Windows\System32\KernelBase.dll
2016-02-24 09:51:58 7474528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2016-02-24 09:48:32 713568 ----a-w- C:\Windows\System32\invagent.dll
2016-02-24 09:47:03 1173344 ----a-w- C:\Windows\System32\aeinv.dll
2016-02-24 09:40:06 513888 ----a-w- C:\Windows\System32\devinv.dll
2016-02-24 09:34:50 1613664 ----a-w- C:\Windows\System32\diagtrack.dll
2016-02-24 09:28:35 3449168 ----a-w- C:\Windows\System32\WSService.dll
2016-02-24 09:15:07 1557768 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2016-02-24 08:58:26 794888 ----a-w- C:\Windows\System32\mfds.dll
2016-02-24 08:51:24 1322248 ----a-w- C:\Windows\System32\ole32.dll
2016-02-24 08:50:49 808800 ----a-w- C:\Windows\System32\WWAHost.exe
2016-02-24 08:46:25 6607080 ----a-w- C:\Windows\System32\windows.storage.dll
2016-02-24 08:43:01 625000 ----a-w- C:\Windows\System32\ClipSVC.dll
2016-02-24 08:39:30 141560 ----a-w- C:\Windows\System32\AuthHost.exe
2016-02-24 08:39:01 358752 ----a-w- C:\Windows\System32\msv1_0.dll
2016-02-24 08:19:18 670928 ----a-w- C:\Windows\SysWow64\mfds.dll
2016-02-24 08:14:23 216416 ----a-w- C:\Windows\System32\AppxAllUserStore.dll
2016-02-24 08:11:46 957608 ----a-w- C:\Windows\SysWow64\ole32.dll
2016-02-24 08:11:07 258280 ----a-w- C:\Windows\System32\sqmapi.dll
2016-02-24 08:11:03 652392 ----a-w- C:\Windows\System32\dxgi.dll
2016-02-24 08:11:03 394080 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2016-02-24 08:11:03 1997152 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2016-02-24 08:11:01 703840 ----a-w- C:\Windows\SysWow64\WWAHost.exe
2016-02-24 08:10:54 576864 ----a-w- C:\Windows\System32\drivers\dxgmms2.sys
2016-02-24 08:10:52 630632 ----a-w- C:\Windows\System32\fontdrvhost.exe
2016-02-24 08:09:58 640472 ----a-w- C:\Windows\System32\wer.dll
2016-02-24 08:09:49 147808 ----a-w- C:\Windows\System32\wermgr.exe
2016-02-24 08:06:39 5242496 ----a-w- C:\Windows\SysWow64\windows.storage.dll
2016-02-24 07:59:11 294752 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2016-02-24 07:39:44 23552 ----a-w- C:\Windows\System32\ExtrasXmlParser.dll
2016-02-24 07:39:34 45568 ----a-w- C:\Windows\System32\UserDataTypeHelperUtil.dll
2016-02-24 07:38:35 187744 ----a-w- C:\Windows\SysWow64\AppxAllUserStore.dll
2016-02-24 07:38:12 111616 ----a-w- C:\Windows\System32\UserDataTimeUtil.dll
2016-02-24 07:37:58 45056 ----a-w- C:\Windows\System32\UserDataLanguageUtil.dll
2016-02-24 07:36:17 60416 ----a-w- C:\Windows\System32\PimIndexMaintenanceClient.dll
2016-02-24 07:35:26 220064 ----a-w- C:\Windows\SysWow64\sqmapi.dll
2016-02-24 07:35:24 523752 ----a-w- C:\Windows\SysWow64\dxgi.dll
2016-02-24 07:35:18 45568 ----a-w- C:\Windows\System32\atmlib.dll
2016-02-24 07:35:08 540752 ----a-w- C:\Windows\SysWow64\fontdrvhost.exe
2016-02-24 07:33:53 141664 ----a-w- C:\Windows\SysWow64\wermgr.exe
2016-02-24 07:33:49 538736 ----a-w- C:\Windows\SysWow64\wer.dll
2016-02-24 07:31:49 118272 ----a-w- C:\Windows\System32\fontsub.dll
2016-02-24 07:30:18 25600 ----a-w- C:\Windows\System32\wfapigp.dll
2016-02-24 07:28:12 70656 ----a-w- C:\Windows\System32\POSyncServices.dll
2016-02-24 07:23:20 68096 ----a-w- C:\Windows\System32\UserDataPlatformHelperUtil.dll
2016-02-24 07:23:20 112640 ----a-w- C:\Windows\System32\drivers\bthenum.sys
2016-02-24 07:23:09 91648 ----a-w- C:\Windows\System32\asycfilt.dll
2016-02-24 07:22:03 196608 ----a-w- C:\Windows\System32\fwpolicyiomgr.dll
2016-02-24 07:20:57 167936 ----a-w- C:\Windows\System32\dafBth.dll
2016-02-24 07:20:35 195072 ----a-w- C:\Windows\System32\VCardParser.dll
2016-02-24 07:20:00 87552 ----a-w- C:\Windows\System32\AppxSysprep.dll
2016-02-24 07:19:56 31232 ----a-w- C:\Windows\System32\seclogon.dll
2016-02-24 07:19:10 145408 ----a-w- C:\Windows\System32\dssvc.dll
2016-02-24 07:15:29 365568 ----a-w- C:\Windows\System32\atmfd.dll
2016-02-24 07:14:00 274944 ----a-w- C:\Windows\System32\ExSMime.dll
2016-02-24 07:13:57 121856 ----a-w- C:\Windows\System32\AppointmentActivation.dll
2016-02-24 07:12:54 243712 ----a-w- C:\Windows\System32\cemapi.dll
2016-02-24 07:12:03 221184 ----a-w- C:\Windows\System32\PhoneCallHistoryApis.dll
2016-02-24 07:10:05 93184 ----a-w- C:\Windows\System32\wpninprc.dll
2016-02-24 07:09:04 258560 ----a-w- C:\Windows\System32\UserDataAccountApis.dll
2016-02-24 07:09:00 161792 ----a-w- C:\Windows\System32\AppxSip.dll
2016-02-24 07:07:53 252928 ----a-w- C:\Windows\System32\PimIndexMaintenance.dll
2016-02-24 07:05:00 208896 ----a-w- C:\Windows\System32\storewuauth.dll
2016-02-24 07:03:16 88576 ----a-w- C:\Windows\SysWow64\olepro32.dll
2016-02-24 07:02:17 161280 ----a-w- C:\Windows\System32\CallHistoryClient.dll
2016-02-24 07:01:56 146432 ----a-w- C:\Windows\System32\AuthBroker.dll
2016-02-24 07:01:21 764928 ----a-w- C:\Windows\System32\Chakradiag.dll
2016-02-24 07:01:15 67584 ----a-w- C:\Windows\System32\profext.dll
2016-02-24 07:00:00 214528 ----a-w- C:\Windows\System32\Windows.Devices.Scanners.dll
2016-02-24 06:59:55 450560 ----a-w- C:\Windows\System32\Windows.Internal.Bluetooth.dll
2016-02-24 06:59:44 318976 ----a-w- C:\Windows\System32\domgmt.dll
2016-02-24 06:59:32 360448 ----a-w- C:\Windows\System32\vaultsvc.dll
2016-02-24 06:58:29 685568 ----a-w- C:\Windows\System32\scapi.dll
2016-02-24 06:55:57 790528 ----a-w- C:\Windows\System32\EmailApis.dll
2016-02-24 06:55:39 224256 ----a-w- C:\Windows\System32\PackageStateRoaming.dll
2016-02-24 06:55:08 18944 ----a-w- C:\Windows\SysWow64\ExtrasXmlParser.dll
2016-02-24 06:54:57 37888 ----a-w- C:\Windows\SysWow64\UserDataTypeHelperUtil.dll
2016-02-24 06:54:55 228352 ----a-w- C:\Windows\System32\wsqmcons.exe
2016-02-24 06:54:45 288768 ----a-w- C:\Windows\System32\vaultcli.dll
2016-02-24 06:54:09 526336 ----a-w- C:\Windows\System32\FirewallAPI.dll
2016-02-24 06:53:47 89088 ----a-w- C:\Windows\SysWow64\UserDataTimeUtil.dll
2016-02-24 06:53:35 37888 ----a-w- C:\Windows\SysWow64\UserDataLanguageUtil.dll
2016-02-24 06:52:12 48128 ----a-w- C:\Windows\SysWow64\PimIndexMaintenanceClient.dll
2016-02-24 06:52:11 451584 ----a-w- C:\Windows\System32\werui.dll
2016-02-24 06:51:21 37376 ----a-w- C:\Windows\SysWow64\atmlib.dll
2016-02-24 06:49:50 726528 ----a-w- C:\Windows\System32\ChatApis.dll
2016-02-24 06:47:58 93696 ----a-w- C:\Windows\SysWow64\fontsub.dll
2016-02-24 06:46:33 20480 ----a-w- C:\Windows\SysWow64\wfapigp.dll
2016-02-24 06:44:46 56320 ----a-w- C:\Windows\SysWow64\POSyncServices.dll
2016-02-24 06:44:18 1713664 ----a-w- C:\Windows\System32\SRHInproc.dll
2016-02-24 06:44:00 915456 ----a-w- C:\Windows\System32\configurationclient.dll
2016-02-24 06:43:59 286720 ----a-w- C:\Windows\System32\deviceaccess.dll
2016-02-24 06:43:12 957952 ----a-w- C:\Windows\System32\SRH.dll
2016-02-24 06:42:48 954368 ----a-w- C:\Windows\System32\drivers\bthport.sys
2016-02-24 06:42:42 84992 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
.
============= FINISH: 18:21:22.37 ===============

Attached Files
File Type: txt attach.txt (19.1 KB)
