Hi
I had a few strange messages popping up about "computer being blocked" and not to do anything or hard disk would be wiped clean...
I could not close the pages but used Tastmanager to close the program (Internet Explorer11)
I tried to run Eset Online twice. It found TWO infections but each time before it completed it went all black and stopped.
The system is becoming very slow.
This is my son's computer and I am just visiting. I have only 4 days to sort this out or he will be without a computer for school. Help!!!...
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.589
Run by Camilo at 23:15:49 on 2016-09-16
Microsoft Windows 10 Home 10.0.10586.0.1252.44.2070.18.8124.5322 [GMT 2:00]
.
AV: Panda Free Antivirus *Enabled/Updated* {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Panda Free Antivirus *Enabled/Updated* {1196AB8C-A129-C27F-3AFF-0B72481FF423}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\WLANExt.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe
C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\POP Peeper\POPPeeper.exe
C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.co.uk/
uDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
BHO: ArcPluginIEBHO Class: {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Users\Katerina\Desktop\Games\Arc\plugins\ArcPluginIE.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Windows\SysWOW64\F12\F12App.dll
uRun: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min
uRun: [OneDrive] "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
mRun: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
StartupFolder: C:\Users\Camilo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\WINDOWS\System32\RunDll32.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SafeModeBlockNonAdmins = dword:1
mPolicies-System: MaxGPOScriptWait = dword:600
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b}\2656C6B696E6E233369346 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b}\D454F4D2430353633473 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{aa158d2f-abf8-4ed5-8512-b7426d1615d1} : NameServer = 217.171.135.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SafeModeBlockNonAdmins = dword:1
x64-mPolicies-System: MaxGPOScriptWait = dword:600
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\bb1ygktw.default-1455198740855\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-6 632168]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-9-15 218624]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-10-5 100624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-11 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 NNSALPC;NNSALPC;C:\WINDOWS\System32\drivers\nnsalpc.sys [2015-7-17 103824]
R1 NNSHTTP;NNSHTTP;C:\WINDOWS\System32\drivers\nnshttp.sys [2015-7-17 211352]
R1 NNSHTTPS;NNSHTTPS;C:\WINDOWS\System32\drivers\nnshttps.sys [2015-7-17 120216]
R1 NNSIDS;NNSIDS;C:\WINDOWS\System32\drivers\nnsids.sys [2015-7-17 120208]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\WINDOWS\System32\drivers\NNSNAHSL.sys [2015-6-19 58616]
R1 NNSPICC;NNSPICC;C:\WINDOWS\System32\drivers\nnspicc.sys [2015-7-17 112536]
R1 NNSPIHSW;NNSPIHSW;C:\WINDOWS\System32\drivers\nnspihsw.sys [2015-9-1 89472]
R1 NNSPOP3;NNSPOP3;C:\WINDOWS\System32\drivers\nnspop3.sys [2015-7-17 133528]
R1 NNSPROT;NNSPROT;C:\WINDOWS\System32\drivers\nnsprot.sys [2015-7-17 309648]
R1 NNSPRV;NNSPRV;C:\WINDOWS\System32\drivers\nnsprv.sys [2015-7-17 179608]
R1 NNSSMTP;NNSSMTP;C:\WINDOWS\System32\drivers\nnssmtp.sys [2015-7-17 122776]
R1 NNSSTRM;NNSSTRM;C:\WINDOWS\System32\drivers\nnsstrm.sys [2015-7-17 267160]
R1 NNSTLSC;NNSTLSC;C:\WINDOWS\System32\drivers\nnstlsc.sys [2015-7-17 115600]
R1 PSINKNC;PSINKNC;C:\WINDOWS\System32\drivers\PSINKNC.sys [2016-5-10 207256]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2015-10-6 98208]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [2014-11-12 98816]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-26 29728]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-9-3 606224]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-8 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-12-19 373160]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-10-18 142072]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-12 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-6 19438920]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2016-2-22 73176]
R2 PSINAflt;PSINAflt;C:\WINDOWS\System32\drivers\PSINAflt.sys [2016-5-10 173464]
R2 PSINFile;PSINFile;C:\WINDOWS\System32\drivers\PSINFile.sys [2016-5-10 130968]
R2 PSINProc;PSINProc;C:\WINDOWS\System32\drivers\PSINProc.sys [2016-5-10 133528]
R2 PSINProt;PSINProt;C:\WINDOWS\System32\drivers\PSINProt.sys [2016-5-10 143768]
R2 PSINReg;PSINReg;C:\WINDOWS\System32\drivers\PSINReg.sys [2016-5-10 117144]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-10-22 38136]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2016-6-3 389896]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-10-6 291032]
R2 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-5-17 268920]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-5-11 245760]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\System32\drivers\clwvd.sys [2014-11-12 41704]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-8-20 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-6 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-10-6 38048]
R3 PSKMAD;PSKMAD;C:\WINDOWS\System32\drivers\PSKMAD.sys [2016-2-7 61712]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2015-10-30 624424]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2015-10-6 874712]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-8-28 4629744]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-10-6 42696]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-5-11 694784]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2015-6-23 30384]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-8-20 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-7-25 324224]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 ArcService;Arc Service;C:\Users\Katerina\Desktop\Games\Arc\ArcService.exe [2016-8-18 88024]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-2-13 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-4-25 129152]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2014-9-19 38264]
S3 IntcDAud;Áudio Intel(R) para Ecrãs;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-10-5 454416]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015-8-20 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-8-20 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-10-30 108032]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2015-6-5 310528]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-9-15 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-4-25 221824]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-11 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-2 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-9-15 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdm_usb;wdm_usb;C:\WINDOWS\System32\drivers\usb2ser.sys [2016-7-15 151184]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-9-15 364456]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 wmbclass;USB Mobile Broadband Adapter Driver;C:\WINDOWS\System32\drivers\wmbclass.sys [2015-10-30 303104]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-5-11 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-5-11 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
SUnknown IoQos;IoQos; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-09-16 20:33:38 -------- d-----w- C:\WINDOWS\pss
2016-09-16 17:57:55 -------- d-----w- C:\NVIDIA
2016-09-16 16:17:53 -------- d-----w- C:\Users\Camilo\AppData\Local\ESET
2016-09-15 12:59:59 3065344 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2016-09-15 12:58:59 70656 ----a-w- C:\WINDOWS\SysWow64\AppCapture.dll
2016-09-15 12:57:59 2444288 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll
2016-09-15 12:56:57 9920512 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2016-09-15 12:55:59 738816 ----a-w- C:\WINDOWS\SysWow64\appwiz.cpl
2016-09-15 12:54:59 2632192 ----a-w- C:\WINDOWS\SysWow64\rdpcore.dll
2016-09-15 12:53:59 775168 ----a-w- C:\WINDOWS\System32\Display.dll
2016-09-08 11:27:20 -------- d-----w- C:\Users\Camilo\AppData\Local\ElevatedDiagnostics
2016-09-08 09:22:26 -------- d-----w- C:\Program Files (x86)\Common Files\ScanSoft Shared
2016-09-08 09:21:41 -------- d-----w- C:\Program Files (x86)\ScanSoft
2016-09-08 09:19:22 -------- d-----w- C:\ProgramData\Brother
2016-08-31 21:49:24 -------- d-----w- C:\ProgramData\KingsIsle Entertainment
.
==================== Find3M ====================
.
2016-09-16 20:57:31 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-15 12:16:21 635904 ----a-w- C:\WINDOWS\SysWow64\mqsnap.dll
2016-09-15 12:16:21 14848 ----a-w- C:\WINDOWS\SysWow64\mqcertui.dll
2016-09-15 12:16:20 18944 ----a-w- C:\WINDOWS\System32\mqcertui.dll
2016-09-07 06:04:35 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2016-09-07 05:37:36 572272 ----a-w- C:\WINDOWS\SysWow64\taskschd.dll
2016-09-07 05:37:36 129888 ----a-w- C:\WINDOWS\System32\drivers\ksecdd.sys
2016-09-07 05:36:37 405856 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS
2016-09-07 05:36:10 528736 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2016-09-07 05:35:27 1613664 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2016-09-07 05:35:19 523616 ----a-w- C:\WINDOWS\System32\wimserv.exe
2016-09-07 05:35:16 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-09-07 05:34:14 3449168 ----a-w- C:\WINDOWS\System32\WSService.dll
2016-09-07 05:34:05 2587696 ----a-w- C:\WINDOWS\System32\msxml6.dll
2016-09-07 05:33:45 1297760 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-09-07 05:33:16 2026736 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2016-09-07 05:33:08 986976 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-09-07 05:27:40 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-09-07 05:27:05 538632 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
2016-09-07 05:25:09 1270064 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2016-09-07 05:25:03 1447776 ----a-w- C:\WINDOWS\System32\webservices.dll
2016-09-07 05:25:01 2607336 ----a-w- C:\WINDOWS\System32\combase.dll
2016-09-07 05:25:00 1322248 ----a-w- C:\WINDOWS\System32\ole32.dll
2016-09-07 05:23:59 1750440 ----a-w- C:\WINDOWS\System32\WpcMon.exe
2016-09-07 05:23:53 374008 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2016-09-07 05:23:49 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2016-09-07 05:23:48 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-09-07 05:23:47 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-09-07 05:23:32 6605544 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-09-07 05:23:30 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-09-07 05:23:30 1603224 ----a-w- C:\WINDOWS\System32\propsys.dll
2016-09-07 05:23:26 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-09-07 05:23:23 1040792 ----a-w- C:\WINDOWS\System32\twinapi.appcore.dll
2016-09-07 05:23:01 692136 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2016-09-07 05:23:01 6536248 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2016-09-07 05:23:00 1540216 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2016-09-07 05:22:53 742192 ----a-w- C:\WINDOWS\System32\EditionUpgradeManagerObj.dll
2016-09-07 05:22:37 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2016-09-07 05:22:37 1085728 ----a-w- C:\WINDOWS\SysWow64\webservices.dll
2016-09-07 05:22:36 625000 ----a-w- C:\WINDOWS\System32\ClipSVC.dll
2016-09-07 05:22:34 1128096 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2016-09-07 05:22:32 1824264 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2016-09-07 05:22:29 431296 ----a-w- C:\WINDOWS\System32\bcryptprimitives.dll
2016-09-07 05:22:28 604920 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-09-07 05:22:27 638816 ----a-w- C:\WINDOWS\System32\drivers\ClipSp.sys
2016-09-07 05:22:26 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2016-09-07 05:22:07 359256 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2016-09-07 05:21:16 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-09-07 05:21:01 5240952 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-09-07 05:21:00 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-09-07 05:20:57 836752 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2016-09-07 05:20:57 1355336 ----a-w- C:\WINDOWS\SysWow64\propsys.dll
2016-09-07 05:20:56 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-09-07 05:19:34 360480 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2016-09-07 05:19:06 294752 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2016-09-07 05:16:22 2144512 ----a-w- C:\WINDOWS\System32\d3d9.dll
2016-09-07 05:16:15 2773088 ----a-w- C:\WINDOWS\System32\d3d11.dll
2016-09-07 05:16:06 2548936 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2016-09-07 05:16:02 1988448 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-09-07 05:15:31 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-09-07 05:15:29 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-09-07 05:15:19 1415200 ----a-w- C:\WINDOWS\System32\msctf.dll
2016-09-07 05:15:16 911640 ----a-w- C:\WINDOWS\System32\dcomp.dll
2016-09-07 05:14:49 216416 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2016-09-07 05:14:27 430944 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2016-09-07 05:13:29 1865584 ----a-w- C:\WINDOWS\SysWow64\d3d9.dll
2016-09-07 05:13:16 2186856 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2016-09-07 05:12:50 2195632 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2016-09-07 05:12:18 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-09-07 05:12:10 28851224 ----a-w- C:\WINDOWS\System32\WindowsCodecsRaw.dll
2016-09-07 05:12:05 871776 ----a-w- C:\WINDOWS\System32\drvstore.dll
2016-09-07 05:12:04 1174008 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2016-09-07 05:11:50 57912 ----a-w- C:\WINDOWS\System32\lsass.exe
2016-09-07 05:11:46 305296 ----a-w- C:\WINDOWS\System32\wmpeffects.dll
2016-09-07 05:11:41 2187408 ----a-w- C:\WINDOWS\System32\hevcdecoder.dll
2016-09-07 05:11:37 388888 ----a-w- C:\WINDOWS\System32\wmpps.dll
2016-09-07 05:11:24 503600 ----a-w- C:\WINDOWS\System32\DMRServer.dll
2016-09-07 05:08:20 28083144 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecsRaw.dll
2016-09-07 05:08:05 116216 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll
2016-09-07 05:07:55 253080 ----a-w- C:\WINDOWS\SysWow64\wmpeffects.dll
2016-09-07 05:07:49 1951848 ----a-w- C:\WINDOWS\SysWow64\hevcdecoder.dll
2016-09-07 04:53:53 1033216 ----a-w- C:\WINDOWS\System32\termsrv.dll
2016-09-07 04:52:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2016-09-07 04:52:06 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2016-09-07 04:51:54 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-09-07 04:49:43 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-09-07 04:48:54 22379520 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-09-07 04:48:42 957952 ----a-w- C:\WINDOWS\System32\IKEEXT.DLL
2016-09-07 04:47:50 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2016-09-07 04:47:31 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2016-09-07 04:46:53 88576 ----a-w- C:\WINDOWS\SysWow64\olepro32.dll
2016-09-07 04:46:51 68608 ----a-w- C:\WINDOWS\System32\fdProxy.dll
2016-09-07 04:46:50 119296 ----a-w- C:\WINDOWS\System32\UserDataTimeUtil.dll
2016-09-07 04:46:35 61952 ----a-w- C:\WINDOWS\System32\vss_ps.dll
2016-09-07 04:46:33 31232 ----a-w- C:\WINDOWS\System32\odbcconf.dll
2016-09-07 04:46:01 123392 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2016-09-07 04:45:59 86528 ----a-w- C:\WINDOWS\System32\spcompat.dll
2016-09-07 04:45:08 37376 ----a-w- C:\WINDOWS\System32\cmintegrator.dll
2016-09-07 04:44:40 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2016-09-07 04:44:35 95232 ----a-w- C:\WINDOWS\System32\SecureTimeAggregator.dll
.
============= FINISH: 23:17:31.65 ===============
No, I don't have any support disks should disaster happen!
I had a few strange messages popping up about "computer being blocked" and not to do anything or hard disk would be wiped clean...
I could not close the pages but used Tastmanager to close the program (Internet Explorer11)
I tried to run Eset Online twice. It found TWO infections but each time before it completed it went all black and stopped.
The system is becoming very slow.
This is my son's computer and I am just visiting. I have only 4 days to sort this out or he will be without a computer for school. Help!!!...
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.589
Run by Camilo at 23:15:49 on 2016-09-16
Microsoft Windows 10 Home 10.0.10586.0.1252.44.2070.18.8124.5322 [GMT 2:00]
.
AV: Panda Free Antivirus *Enabled/Updated* {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Panda Free Antivirus *Enabled/Updated* {1196AB8C-A129-C27F-3AFF-0B72481FF423}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall *Disabled* {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\WLANExt.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Hewlett-Packard\SimplePass\opbhobroker.exe
C:\Program Files\Hewlett-Packard\SimplePass\opbhobrokerdsktop.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\POP Peeper\POPPeeper.exe
C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.co.uk/
uDefault_Page_URL = hxxp://www.bing.com?pc=HPDTDFJS
BHO: ArcPluginIEBHO Class: {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Users\Katerina\Desktop\Games\Arc\plugins\ArcPluginIE.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Windows\SysWOW64\F12\F12App.dll
uRun: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min
uRun: [OneDrive] "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
mRun: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [PaperPort PTD] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
mRun: [IndexSearch] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
StartupFolder: C:\Users\Camilo\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\WINDOWS\System32\RunDll32.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SafeModeBlockNonAdmins = dword:1
mPolicies-System: MaxGPOScriptWait = dword:600
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b}\2656C6B696E6E233369346 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{4c788607-6f52-493c-afa5-5568015d1f4b}\D454F4D2430353633473 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{aa158d2f-abf8-4ed5-8512-b7426d1615d1} : NameServer = 217.171.135.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SafeModeBlockNonAdmins = dword:1
x64-mPolicies-System: MaxGPOScriptWait = dword:600
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\bb1ygktw.default-1455198740855\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-6 632168]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-9-15 218624]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-10-5 100624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-11 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 NNSALPC;NNSALPC;C:\WINDOWS\System32\drivers\nnsalpc.sys [2015-7-17 103824]
R1 NNSHTTP;NNSHTTP;C:\WINDOWS\System32\drivers\nnshttp.sys [2015-7-17 211352]
R1 NNSHTTPS;NNSHTTPS;C:\WINDOWS\System32\drivers\nnshttps.sys [2015-7-17 120216]
R1 NNSIDS;NNSIDS;C:\WINDOWS\System32\drivers\nnsids.sys [2015-7-17 120208]
R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;C:\WINDOWS\System32\drivers\NNSNAHSL.sys [2015-6-19 58616]
R1 NNSPICC;NNSPICC;C:\WINDOWS\System32\drivers\nnspicc.sys [2015-7-17 112536]
R1 NNSPIHSW;NNSPIHSW;C:\WINDOWS\System32\drivers\nnspihsw.sys [2015-9-1 89472]
R1 NNSPOP3;NNSPOP3;C:\WINDOWS\System32\drivers\nnspop3.sys [2015-7-17 133528]
R1 NNSPROT;NNSPROT;C:\WINDOWS\System32\drivers\nnsprot.sys [2015-7-17 309648]
R1 NNSPRV;NNSPRV;C:\WINDOWS\System32\drivers\nnsprv.sys [2015-7-17 179608]
R1 NNSSMTP;NNSSMTP;C:\WINDOWS\System32\drivers\nnssmtp.sys [2015-7-17 122776]
R1 NNSSTRM;NNSSTRM;C:\WINDOWS\System32\drivers\nnsstrm.sys [2015-7-17 267160]
R1 NNSTLSC;NNSTLSC;C:\WINDOWS\System32\drivers\nnstlsc.sys [2015-7-17 115600]
R1 PSINKNC;PSINKNC;C:\WINDOWS\System32\drivers\PSINKNC.sys [2016-5-10 207256]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2015-10-6 98208]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [2014-11-12 98816]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-26 29728]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2015-9-3 606224]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-11-8 15720]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-12-19 373160]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2015-10-18 142072]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-11-12 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2015-10-6 19438920]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2016-2-22 73176]
R2 PSINAflt;PSINAflt;C:\WINDOWS\System32\drivers\PSINAflt.sys [2016-5-10 173464]
R2 PSINFile;PSINFile;C:\WINDOWS\System32\drivers\PSINFile.sys [2016-5-10 130968]
R2 PSINProc;PSINProc;C:\WINDOWS\System32\drivers\PSINProc.sys [2016-5-10 133528]
R2 PSINProt;PSINProt;C:\WINDOWS\System32\drivers\PSINProt.sys [2016-5-10 143768]
R2 PSINReg;PSINReg;C:\WINDOWS\System32\drivers\PSINReg.sys [2016-5-10 117144]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2015-10-22 38136]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2016-6-3 389896]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-10-6 291032]
R2 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-5-17 268920]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-5-11 245760]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\System32\drivers\clwvd.sys [2014-11-12 41704]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-8-20 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-10-6 19272]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-10-6 38048]
R3 PSKMAD;PSKMAD;C:\WINDOWS\System32\drivers\PSKMAD.sys [2016-2-7 61712]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2015-10-30 624424]
R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2015-10-6 874712]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-8-28 4629744]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-10-6 42696]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-5-11 694784]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2015-6-23 30384]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-8-20 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-7-25 324224]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 ArcService;Arc Service;C:\Users\Katerina\Desktop\Games\Arc\ArcService.exe [2016-8-18 88024]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-2-13 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-4-25 129152]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2014-9-19 38264]
S3 IntcDAud;Áudio Intel(R) para Ecrãs;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-10-5 454416]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015-8-20 192216]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-8-20 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-10-30 108032]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2015-6-5 310528]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-9-15 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-4-25 221824]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-11 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-2 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-9-15 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdm_usb;wdm_usb;C:\WINDOWS\System32\drivers\usb2ser.sys [2016-7-15 151184]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-9-15 364456]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 wmbclass;USB Mobile Broadband Adapter Driver;C:\WINDOWS\System32\drivers\wmbclass.sys [2015-10-30 303104]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-5-11 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-5-11 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
SUnknown IoQos;IoQos; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-09-16 20:33:38 -------- d-----w- C:\WINDOWS\pss
2016-09-16 17:57:55 -------- d-----w- C:\NVIDIA
2016-09-16 16:17:53 -------- d-----w- C:\Users\Camilo\AppData\Local\ESET
2016-09-15 12:59:59 3065344 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2016-09-15 12:58:59 70656 ----a-w- C:\WINDOWS\SysWow64\AppCapture.dll
2016-09-15 12:57:59 2444288 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll
2016-09-15 12:56:57 9920512 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2016-09-15 12:55:59 738816 ----a-w- C:\WINDOWS\SysWow64\appwiz.cpl
2016-09-15 12:54:59 2632192 ----a-w- C:\WINDOWS\SysWow64\rdpcore.dll
2016-09-15 12:53:59 775168 ----a-w- C:\WINDOWS\System32\Display.dll
2016-09-08 11:27:20 -------- d-----w- C:\Users\Camilo\AppData\Local\ElevatedDiagnostics
2016-09-08 09:22:26 -------- d-----w- C:\Program Files (x86)\Common Files\ScanSoft Shared
2016-09-08 09:21:41 -------- d-----w- C:\Program Files (x86)\ScanSoft
2016-09-08 09:19:22 -------- d-----w- C:\ProgramData\Brother
2016-08-31 21:49:24 -------- d-----w- C:\ProgramData\KingsIsle Entertainment
.
==================== Find3M ====================
.
2016-09-16 20:57:31 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-09-15 12:16:21 635904 ----a-w- C:\WINDOWS\SysWow64\mqsnap.dll
2016-09-15 12:16:21 14848 ----a-w- C:\WINDOWS\SysWow64\mqcertui.dll
2016-09-15 12:16:20 18944 ----a-w- C:\WINDOWS\System32\mqcertui.dll
2016-09-07 06:04:35 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2016-09-07 05:37:36 572272 ----a-w- C:\WINDOWS\SysWow64\taskschd.dll
2016-09-07 05:37:36 129888 ----a-w- C:\WINDOWS\System32\drivers\ksecdd.sys
2016-09-07 05:36:37 405856 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS
2016-09-07 05:36:10 528736 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2016-09-07 05:35:27 1613664 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2016-09-07 05:35:19 523616 ----a-w- C:\WINDOWS\System32\wimserv.exe
2016-09-07 05:35:16 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-09-07 05:34:14 3449168 ----a-w- C:\WINDOWS\System32\WSService.dll
2016-09-07 05:34:05 2587696 ----a-w- C:\WINDOWS\System32\msxml6.dll
2016-09-07 05:33:45 1297760 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-09-07 05:33:16 2026736 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2016-09-07 05:33:08 986976 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-09-07 05:27:40 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-09-07 05:27:05 538632 ----a-w- C:\WINDOWS\System32\WWanAPI.dll
2016-09-07 05:25:09 1270064 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2016-09-07 05:25:03 1447776 ----a-w- C:\WINDOWS\System32\webservices.dll
2016-09-07 05:25:01 2607336 ----a-w- C:\WINDOWS\System32\combase.dll
2016-09-07 05:25:00 1322248 ----a-w- C:\WINDOWS\System32\ole32.dll
2016-09-07 05:23:59 1750440 ----a-w- C:\WINDOWS\System32\WpcMon.exe
2016-09-07 05:23:53 374008 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2016-09-07 05:23:49 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2016-09-07 05:23:48 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-09-07 05:23:47 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-09-07 05:23:32 6605544 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-09-07 05:23:30 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-09-07 05:23:30 1603224 ----a-w- C:\WINDOWS\System32\propsys.dll
2016-09-07 05:23:26 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-09-07 05:23:23 1040792 ----a-w- C:\WINDOWS\System32\twinapi.appcore.dll
2016-09-07 05:23:01 692136 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2016-09-07 05:23:01 6536248 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2016-09-07 05:23:00 1540216 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2016-09-07 05:22:53 742192 ----a-w- C:\WINDOWS\System32\EditionUpgradeManagerObj.dll
2016-09-07 05:22:37 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2016-09-07 05:22:37 1085728 ----a-w- C:\WINDOWS\SysWow64\webservices.dll
2016-09-07 05:22:36 625000 ----a-w- C:\WINDOWS\System32\ClipSVC.dll
2016-09-07 05:22:34 1128096 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2016-09-07 05:22:32 1824264 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2016-09-07 05:22:29 431296 ----a-w- C:\WINDOWS\System32\bcryptprimitives.dll
2016-09-07 05:22:28 604920 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-09-07 05:22:27 638816 ----a-w- C:\WINDOWS\System32\drivers\ClipSp.sys
2016-09-07 05:22:26 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2016-09-07 05:22:07 359256 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2016-09-07 05:21:16 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-09-07 05:21:01 5240952 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-09-07 05:21:00 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-09-07 05:20:57 836752 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2016-09-07 05:20:57 1355336 ----a-w- C:\WINDOWS\SysWow64\propsys.dll
2016-09-07 05:20:56 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-09-07 05:19:34 360480 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2016-09-07 05:19:06 294752 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2016-09-07 05:16:22 2144512 ----a-w- C:\WINDOWS\System32\d3d9.dll
2016-09-07 05:16:15 2773088 ----a-w- C:\WINDOWS\System32\d3d11.dll
2016-09-07 05:16:06 2548936 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2016-09-07 05:16:02 1988448 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-09-07 05:15:31 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-09-07 05:15:29 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-09-07 05:15:19 1415200 ----a-w- C:\WINDOWS\System32\msctf.dll
2016-09-07 05:15:16 911640 ----a-w- C:\WINDOWS\System32\dcomp.dll
2016-09-07 05:14:49 216416 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2016-09-07 05:14:27 430944 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2016-09-07 05:13:29 1865584 ----a-w- C:\WINDOWS\SysWow64\d3d9.dll
2016-09-07 05:13:16 2186856 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2016-09-07 05:12:50 2195632 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2016-09-07 05:12:18 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-09-07 05:12:10 28851224 ----a-w- C:\WINDOWS\System32\WindowsCodecsRaw.dll
2016-09-07 05:12:05 871776 ----a-w- C:\WINDOWS\System32\drvstore.dll
2016-09-07 05:12:04 1174008 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2016-09-07 05:11:50 57912 ----a-w- C:\WINDOWS\System32\lsass.exe
2016-09-07 05:11:46 305296 ----a-w- C:\WINDOWS\System32\wmpeffects.dll
2016-09-07 05:11:41 2187408 ----a-w- C:\WINDOWS\System32\hevcdecoder.dll
2016-09-07 05:11:37 388888 ----a-w- C:\WINDOWS\System32\wmpps.dll
2016-09-07 05:11:24 503600 ----a-w- C:\WINDOWS\System32\DMRServer.dll
2016-09-07 05:08:20 28083144 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecsRaw.dll
2016-09-07 05:08:05 116216 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll
2016-09-07 05:07:55 253080 ----a-w- C:\WINDOWS\SysWow64\wmpeffects.dll
2016-09-07 05:07:49 1951848 ----a-w- C:\WINDOWS\SysWow64\hevcdecoder.dll
2016-09-07 04:53:53 1033216 ----a-w- C:\WINDOWS\System32\termsrv.dll
2016-09-07 04:52:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2016-09-07 04:52:06 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2016-09-07 04:51:54 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-09-07 04:49:43 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-09-07 04:48:54 22379520 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-09-07 04:48:42 957952 ----a-w- C:\WINDOWS\System32\IKEEXT.DLL
2016-09-07 04:47:50 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2016-09-07 04:47:31 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2016-09-07 04:46:53 88576 ----a-w- C:\WINDOWS\SysWow64\olepro32.dll
2016-09-07 04:46:51 68608 ----a-w- C:\WINDOWS\System32\fdProxy.dll
2016-09-07 04:46:50 119296 ----a-w- C:\WINDOWS\System32\UserDataTimeUtil.dll
2016-09-07 04:46:35 61952 ----a-w- C:\WINDOWS\System32\vss_ps.dll
2016-09-07 04:46:33 31232 ----a-w- C:\WINDOWS\System32\odbcconf.dll
2016-09-07 04:46:01 123392 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2016-09-07 04:45:59 86528 ----a-w- C:\WINDOWS\System32\spcompat.dll
2016-09-07 04:45:08 37376 ----a-w- C:\WINDOWS\System32\cmintegrator.dll
2016-09-07 04:44:40 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2016-09-07 04:44:35 95232 ----a-w- C:\WINDOWS\System32\SecureTimeAggregator.dll
.
============= FINISH: 23:17:31.65 ===============
No, I don't have any support disks should disaster happen!