Morty-MSSE
Posted December 27, 2016

As indicated in my previous post, all of my data has been corrupted and the data file has been renamed to a random name with the file extension *.A1E1. As requested, here are the results from the DDS scan:
LocalSystemNetworkRestricted [2016-7-16 44496]S3 vsoagent.MortyQosmio.Agent-MortyQosmio;VSO Agent (MortyQosmio.Agent-MortyQosmio);"F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe" "vsoagent.MortyQosmio.Agent-MortyQosmio" --> F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe [?]S3 VSStandardCollectorService140;Visual Studio Standard Collector Service;C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [2016-6-20 108776]S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2016-7-16 44496]S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-9-30 719360]S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]S3 WindowFX;Stardock WindowFX;C:\Program Files (x86)\Stardock\WindowFX\WindowFXSRV.exe [2014-6-12 181904]S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]S3 WMSVC;Web Management Service;C:\WINDOWS\System32\inetsrv\WMSvc.exe [2016-7-16 12288]S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]S3 WpnUserService_b3c8b;Windows Push Notifications User Service_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]S3 XblGameSave;Xbox Live Game 
Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-12-9 258560]S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-9-1 43520]S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2016-9-30 823136]S4 RsFx0312;RsFx0312 Driver;C:\WINDOWS\System32\drivers\RsFx0312.sys [2016-10-6 249536]S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2016-10-6 613056]S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2016-7-16 1227264].=============== File Associations ===============.FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [userChoice].=============== Created Last 30 ================.2016-12-27 17:29:31 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D30DD08-B287-4755-ACF8-F189C3A045F6}\mpengine.dll2016-12-24 22:59:45 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll2016-12-21 23:24:32 -------- d-----w- C:\ProgramData\PCPitstopDat2016-12-21 23:21:30 -------- d-----w- C:\ProgramData\PCPitstop2016-12-21 23:21:28 -------- d-----w- C:\Program Files (x86)\PCPitstop2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys2016-12-21 18:15:36 42096 ----a-w- C:\WINDOWS\System32\DbxSvc.exe2016-12-15 21:30:37 269600 ----a-w- 
C:\WINDOWS\SysWow64\vulkan-1.dll2016-12-15 21:30:37 261920 ----a-w- C:\WINDOWS\System32\vulkan-1.dll2016-12-15 21:30:37 125216 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe2016-12-15 21:30:37 110880 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe2016-12-15 21:30:35 -------- d-----w- C:\Program Files (x86)\VulkanRT2016-12-15 17:16:55 -------- d-----w- C:\Users\sytro\AppData\Local\Chromium2016-12-15 17:16:20 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat2016-12-15 17:15:34 156096 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll2016-12-15 17:15:34 123840 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll2016-12-12 03:15:47 -------- d-----w- C:\Users\sytro\AppData\Local\FileZilla2016-12-09 19:45:15 -------- d-----w- C:\Users\sytro\AppData\Roaming\NVIDIA2016-12-09 16:29:59 381952 ----a-w- C:\WINDOWS\System32\cryptngc.dll2016-12-09 16:28:59 936448 ----a-w- C:\WINDOWS\System32\NMAA.dll2016-12-08 15:42:34 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{902E70DC-620D-4A4D-A44A-12F488F10879}\gapaengine.dll2016-12-07 22:00:58 -------- d-----w- C:\ProgramData\FlexRadio Systems.==================== Find3M ====================.2016-12-12 23:37:06 1853376 ----a-w- C:\WINDOWS\System32\nvspcap64.dll2016-12-12 23:37:05 1452480 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll2016-12-12 23:37:03 1755072 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll2016-12-12 23:37:02 1317312 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll2016-12-12 23:37:01 120256 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll2016-12-12 23:36:34 46016 ----a-w- C:\WINDOWS\System32\drivers\nvvad64v.sys2016-12-11 23:56:25 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe2016-12-11 23:56:25 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl2016-12-11 18:47:50 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat2016-12-11 18:47:44 6384576 ----a-w- C:\WINDOWS\System32\nvcpl.dll2016-12-11 18:47:44 2475968 ----a-w- C:\WINDOWS\System32\nvsvc64.dll2016-12-11 18:47:42 81856 ----a-w- 
C:\WINDOWS\System32\nv3dappshextr.dll2016-12-11 18:47:42 71224 ----a-w- C:\WINDOWS\System32\nvshext.dll2016-12-11 18:47:42 548408 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll2016-12-11 18:47:42 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll2016-12-11 18:47:42 1764408 ----a-w- C:\WINDOWS\System32\nvsvcr.dll2016-12-09 15:54:34 180224 ----a-w- C:\WINDOWS\System32\enrollmentapi.dll2016-12-09 10:42:15 1637728 ----a-w- C:\WINDOWS\System32\appraiser.dll2016-12-09 10:42:14 137568 ----a-w- C:\WINDOWS\System32\acmigration.dll2016-12-09 10:34:34 894096 ----a-w- C:\WINDOWS\System32\winresume.exe2016-12-09 10:34:34 1051112 ----a-w- C:\WINDOWS\System32\winresume.efi2016-12-09 10:33:26 1354320 ----a-w- C:\WINDOWS\System32\winload.efi2016-12-09 10:33:26 1173496 ----a-w- C:\WINDOWS\System32\winload.exe2016-12-09 10:32:11 7816032 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe2016-12-09 10:30:39 377184 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys2016-12-09 10:29:23 2681200 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll2016-12-09 10:28:24 764392 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll2016-12-09 10:27:38 172528 ----a-w- C:\WINDOWS\System32\sspicli.dll2016-12-09 10:20:21 2677544 ----a-w- C:\WINDOWS\System32\d3d10warp.dll2016-12-09 10:20:20 2189664 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys2016-12-09 10:20:16 658784 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys2016-12-09 10:20:13 402272 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys2016-12-09 10:20:12 1738560 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll2016-12-09 10:19:35 1293152 ----a-w- C:\WINDOWS\System32\LicenseManager.dll2016-12-09 10:19:21 168424 ----a-w- C:\WINDOWS\System32\bcrypt.dll2016-12-09 10:18:47 624048 ----a-w- C:\WINDOWS\System32\drivers\cng.sys2016-12-09 10:18:21 2913144 ----a-w- C:\WINDOWS\System32\combase.dll2016-12-09 10:18:16 1100128 ----a-w- C:\WINDOWS\System32\hvix64.exe2016-12-09 10:18:15 1267512 ----a-w- C:\WINDOWS\System32\WinTypes.dll2016-12-09 10:18:14 811872 ----a-w- 
C:\WINDOWS\System32\hvloader.exe2016-12-09 10:18:12 947552 ----a-w- C:\WINDOWS\System32\hvloader.efi2016-12-09 10:18:09 989024 ----a-w- C:\WINDOWS\System32\hvax64.exe2016-12-09 10:15:26 8168000 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll2016-12-09 10:15:18 1988560 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll2016-12-09 10:14:50 1274712 ----a-w- C:\WINDOWS\System32\ole32.dll2016-12-09 10:14:33 241504 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll2016-12-09 10:11:15 2048496 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll2016-12-09 10:10:58 1461200 ----a-w- C:\WINDOWS\System32\user32.dll2016-12-09 10:10:40 1572768 ----a-w- C:\WINDOWS\System32\gdi32full.dll2016-12-09 10:09:27 455520 ----a-w- C:\WINDOWS\System32\securekernel.exe2016-12-09 10:01:59 2323728 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll2016-12-09 10:01:43 1503544 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll2016-12-09 10:01:08 861024 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll2016-12-09 10:00:58 106896 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll2016-12-09 09:59:25 846560 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll2016-12-09 09:59:24 2166752 ----a-w- C:\WINDOWS\SysWow64\combase.dll2016-12-09 09:57:01 1852720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll2016-12-09 09:57:00 6668040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll2016-12-09 09:56:15 959112 ----a-w- C:\WINDOWS\SysWow64\ole32.dll2016-12-09 09:52:21 1435896 ----a-w- C:\WINDOWS\SysWow64\user32.dll2016-12-09 09:52:21 1415752 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll2016-12-09 09:51:08 117240 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll2016-12-09 09:47:29 22563328 ----a-w- C:\WINDOWS\System32\edgehtml.dll2016-12-09 09:45:47 40448 ----a-w- C:\WINDOWS\System32\WordBreakers.dll2016-12-09 09:45:43 206848 ----a-w- C:\WINDOWS\System32\win32k.sys2016-12-09 09:45:13 82432 ----a-w- C:\WINDOWS\System32\VSD3DWARP12Debug.dll2016-12-09 09:42:29 227328 ----a-w- C:\WINDOWS\System32\cdd.dll2016-12-09 09:42:03 61952 ----a-w- 
C:\WINDOWS\System32\VSD3DWARPDebug.dll2016-12-09 09:41:22 380928 ----a-w- C:\WINDOWS\System32\wincorlib.dll2016-12-09 09:41:06 32768 ----a-w- C:\WINDOWS\SysWow64\WordBreakers.dll2016-12-09 09:40:38 147968 ----a-w- C:\WINDOWS\SysWow64\win32k.sys2016-12-09 09:40:07 64000 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARP12Debug.dll2016-12-09 09:38:39 324608 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.LockScreen.dll2016-12-09 09:37:29 261632 ----a-w- C:\WINDOWS\System32\indexeddbserver.dll2016-12-09 09:37:10 411136 ----a-w- C:\WINDOWS\System32\facecredentialprovider.dll2016-12-09 09:37:04 60928 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARPDebug.dll2016-12-09 09:37:01 49152 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll2016-12-09 09:36:56 425984 ----a-w- C:\WINDOWS\System32\aadcloudap.dll2016-12-09 09:36:32 410112 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll2016-12-09 09:36:09 3059200 ----a-w- C:\WINDOWS\System32\msi.dll2016-12-09 09:36:05 231936 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll2016-12-09 09:36:02 6285312 ----a-w- C:\WINDOWS\System32\Windows.Media.dll2016-12-09 09:34:52 822784 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll2016-12-09 09:34:31 288768 ----a-w- C:\WINDOWS\SysWow64\wincorlib.dll2016-12-09 09:33:42 3777536 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll2016-12-09 09:33:37 1589760 ----a-w- C:\WINDOWS\System32\msdtctm.dll2016-12-09 09:32:18 635904 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll2016-12-09 09:31:22 3689984 ----a-w- C:\WINDOWS\SysWow64\msi.dll2016-12-09 09:31:20 198656 ----a-w- C:\WINDOWS\SysWow64\indexeddbserver.dll2016-12-09 09:31:11 313856 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll2016-12-09 09:30:32 19413504 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll2016-12-09 09:30:31 4612608 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll2016-12-09 09:29:51 4749312 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll2016-12-09 09:28:55 1004544 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll2016-12-09 09:28:12 
3306496 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll2016-12-09 09:27:55 5114368 ----a-w- C:\WINDOWS\System32\cdp.dll2016-12-09 09:27:36 981504 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll2016-12-09 09:26:32 8129536 ----a-w- C:\WINDOWS\System32\Chakra.dll2016-12-09 09:26:01 1692672 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll2016-12-09 09:25:28 376832 ----a-w- C:\WINDOWS\System32\CryptoWinRT.dll.============= FINISH: 10:20:38.37 =============== Here are the results of the Attach.txt file: .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 10 ProBoot Device: \Device\HarddiskVolume1Install Date: 2016-08-08 18:40:11System Uptime: 2016-12-27 09:35:12 (1 hours ago).Motherboard: TOSHIBA | | Qosmio X505Processor: Intel® Core i7 CPU Q 740 @ 1.73GHz | CPU 1 | 1734/133mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 465 GiB total, 281.685 GiB free.D: is FIXED (NTFS) - 932 GiB total, 684.588 GiB free.F: is FIXED (NTFS) - 931 GiB total, 928.208 GiB free.G: is CDROM ().==== Disabled Device Manager Items =============.Class GUID: {36fc9e60-c465-11cf-8056-444553540000}Description: Unknown USB Device (Device Descriptor Request Failed)Device ID: USB\VID_0000&PID_0002\8&B353290&0&4Manufacturer: (Standard USB Host Controller)Name: Unknown USB Device (Device Descriptor Request Failed)PNP Device ID: USB\VID_0000&PID_0002\8&B353290&0&4Service:.==== System Restore Points ===================.RP38: 2016-12-22 08:20:39 - Scheduled Checkpoint.==== Installed Programs ======================. 
Tools for .Net 3.58GadgetPackActive Directory Authentication Library for SQL ServerActive Directory Authentication Library for SQL Server (x86)Advanced Workshop: Modern Drum Producion in SONARAmateur Contact LogAmazon KindleAmazon MusicAnderton Content CollectionAnselApplication Insights Tools for Visual Studio Express 2015 for WebApplication Insights Tools for Visual Studio Express 2015 for Windows 10ARRL Antenna Book 23rd EditionARRL Field Day Contest LogAtheros Communications Inc.® AR81Family Gigabit/Fast Ethernet DriverAVS Audio Converter 8.1.1AVS Audio Editor 8.1.1AVS Audio Recorder version 4.0AVS Cover Editor 2.0.1.3AVS Disc Creator 5.2.5AVS Document Converter 3.0.2AVS DVD Copy 4.1.2.283AVS Image Converter 4.0.2AVS Media Player 4.3.1AVS Photo Editor 2.3.4AVS Registry Cleaner 3.0.3AVS Ringtone Maker version 1.6AVS Video Converter 9.2.1AVS Video Editor 7.2.1AVS Video Recorder 2.5AVS Video ReMaker 5.0.2Azure AD Authentication Connected ServiceAzureTools.Notifications.VwdExpressBehaviors SDK (Windows Phone) for Visual Studio 2013Behaviors SDK (Windows) for Visual Studio 2013Bing BarBluetooth Monitor 4Build Tools for Windows 10Build Tools for Windows 10 - ENUCakewalk Boutique FX SuiteCakewalk Classic Creative FX SuiteCakewalk Engineering FX SuiteCakewalk Studio Mixing FX SuiteCodedUITestUAPCommand CenterContentsCorel AfterShot 3 - ICA x64Corel AfterShot 3 - IPM Content x64Corel AfterShot 3 - IPM x64Corel AfterShot 3 x64Corel AfterShot 3(64-bit)Corel AfterShot HDRCorel AfterShot Pro 2 - ICA x64Corel AfterShot Pro 2 - IPM Content x64Corel AfterShot Pro 2 - IPM x64Corel AfterShot Pro 2 x64Corel AfterShot Pro 2(64-bit)Corel FastFlickCorel PaintShop Pro X7Corel PaintShop Pro X7Corel PaintShop Pro X8Corel Update ManagerCorel WinDVDCreator NXT 5 ContentCyberPower PowerPanel Business Edition 3.1.2Definition Update for Microsoft Office 2010 (KB3115475) 64-Bit EditionDimension Pro 1.5DropboxDropbox Update HelperEaseUS Todo Backup Home 9.2EdgeRunner MultiplicityEdgeRunner 
SpaceMongerEntity Framework 6.1.3 Tools for Visual Studio 2015 Update 1FileZilla Client 3.23.0.2FlexRadio Systems FlexVSPFlexRadio Systems SmartSDR Beta_v1.10.8GDR 4213 for SQL Server 2014 (KB3070446) (64-bit)Ham Radio DeluxeHDMI Control ManagerHDR Express 3Hotfix 4459 for SQL Server 2014 (KB3162659) (64-bit)Hotfix 4487 for SQL Server 2014 (KB3194722) (64-bit)HP Officejet Pro 8600 Basic Device SoftwareHP Officejet Pro 8600 HelpHP Officejet Pro 8600 Product Improvement StudyHP Officejet Pro 8620 Basic Device SoftwareHP Officejet Pro 8620 HelpHP UpdateI.R.I.S. OCRICAIDE Tools for Windows 10IDE Tools for Windows 10 - ENUIIS 10.0 ExpressIIS Express Application Compatibility Database for x64IIS Express Application Compatibility Database for x86Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0InterVideo WinDVD BD for TOSHIBAIPM_PSP_COMIPM_PSP_COM64IPM_VS_ProiZotope Music & Speech CleanerKits Configuration InstallerLibreOffice 5.1.2.2Logitech SetPoint 6.67Logitech Solar App 1.10M-Audio ProFire 6.1.1 (x64)Melodyne Runtime 4.1 (x64)Melodyne singletrackMicrosoft .NET Core 5.0 SDKMicrosoft .NET CoreRuntime For CoreConMicrosoft .NET CoreRuntime SDKMicrosoft .NET Framework 4 Multi-Targeting PackMicrosoft .NET Framework 4.5 Multi-Targeting PackMicrosoft .NET Framework 4.5.1 Multi-Targeting PackMicrosoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store AppsMicrosoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU)Microsoft .NET Framework 4.5.1 SDKMicrosoft .NET Framework 4.5.2 Multi-Targeting PackMicrosoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU)Microsoft .NET Framework 4.6 SDKMicrosoft .NET Framework 4.6 Targeting PackMicrosoft .NET Framework 4.6 Targeting Pack (ENU)Microsoft .NET Framework 4.6.1 Developer PackMicrosoft .NET Framework 4.6.1 SDKMicrosoft .NET Framework 4.6.1 Targeting PackMicrosoft .NET Framework 4.6.1 Targeting Pack (ENU)Microsoft .NET Native 
SDKMicrosoft .NET Native SDK Tools (Express)Microsoft .NET Version Manager (x64) 1.0.0-beta5Microsoft Access database engine 2010 (English)Microsoft Agents for Visual Studio 2015 PreviewMicrosoft Agents for Visual Studio 2015 Preview - ENUMicrosoft ASP.NET and Web Tools 2015.1 (Beta8) - Visual Studio Express 2015 for WebMicrosoft ASP.NET MVC 4 - Visual Studio Express 2015 for Web - ENUMicrosoft ASP.NET MVC 4 RuntimeMicrosoft ASP.NET Web Frameworks and Tools - Visual Studio Express 2015 for Web - ENUMicrosoft ASP.NET Web Pages 2 - Visual Studio Express 2015 for Web - ENUMicrosoft ASP.NET Web Pages 2 RuntimeMicrosoft Azure Mobile Services Connected ServiceMicrosoft Azure Mobile Services SDK V2.0Microsoft Azure Mobile Services Tools for Visual Studio - v1.4Microsoft Azure Shared Components for Visual Studio 2015 - v1.8Microsoft Azure Storage Connected ServiceMicrosoft Blend for Visual Studio 2015Microsoft Blend for Visual Studio 2015 - ENUMicrosoft Build Tools 14.0 (amd64)Microsoft Build Tools 14.0 (x86)Microsoft Build Tools Language Resources 14.0 (amd64)Microsoft Build Tools Language Resources 14.0 (x86)Microsoft Help Viewer 2.2Microsoft NuGet - Visual Studio Express 2015 for WebMicrosoft NuGet - Visual Studio Express 2015 for WindowsMicrosoft NuGet - Visual Studio Express 2015 for Windows DesktopMicrosoft ODBC Driver 11 for SQL ServerMicrosoft Office Access MUI (English) 2010Microsoft Office Access Runtime (English) 2007Microsoft Office Access Setup Metadata MUI (English) 2010Microsoft Office Excel MUI (English) 2010Microsoft Office Groove MUI (English) 2010Microsoft Office InfoPath MUI (English) 2010Microsoft Office Office 32-bit Components 2010Microsoft Office OneNote MUI (English) 2010Microsoft Office Outlook MUI (English) 2010Microsoft Office PowerPoint MUI (English) 2010Microsoft Office Professional Plus 2010Microsoft Office Project MUI (English) 2010Microsoft Office Project Professional 2010Microsoft Office Proof (English) 2010Microsoft Office Proof (French) 
2010Microsoft Office Proof (Spanish) 2010Microsoft Office Proofing (English) 2010Microsoft Office Publisher MUI (English) 2010Microsoft Office Shared 32-bit MUI (English) 2010Microsoft Office Shared MUI (English) 2010Microsoft Office Shared Setup Metadata MUI (English) 2010Microsoft Office Visio 2010Microsoft Office Visio MUI (English) 2010Microsoft Office Word MUI (English) 2010Microsoft OneDriveMicrosoft Outlook Hotmail Connector 64-bitMicrosoft Portable Library Multi-Targeting Pack Language Pack - enuMicrosoft Project Professional 2010Microsoft SQL Server 2008 Setup Support FilesMicrosoft SQL Server 2012 Command Line UtilitiesMicrosoft SQL Server 2012 Native ClientMicrosoft SQL Server 2014 (64-bit)Microsoft SQL Server 2014 Express LocalDBMicrosoft SQL Server 2014 Management ObjectsMicrosoft SQL Server 2014 Management Objects (x64)Microsoft SQL Server 2014 RsFx DriverMicrosoft SQL Server 2014 Setup (English)Microsoft SQL Server 2014 T-SQL Language ServiceMicrosoft SQL Server 2014 Transact-SQL ScriptDomMicrosoft SQL Server 2016 LocalDBMicrosoft SQL Server 2016 Management ObjectsMicrosoft SQL Server 2016 Management Objects (x64)Microsoft SQL Server 2016 T-SQL Language ServiceMicrosoft SQL Server 2016 T-SQL ScriptDomMicrosoft SQL Server Compact 4.0 SP1 x64 ENUMicrosoft SQL Server Data Tools - enu (14.0.60519.0)Microsoft System CLR Types for SQL Server 2014Microsoft System CLR Types for SQL Server 2016Microsoft Team Foundation Server 2015 Update 3Microsoft Team Foundation Server 2015 Update 3 Language Pack - ENUMicrosoft Team Foundation Server 2015 Update 3 Standard - ENUMicrosoft Visio Premium 2010Microsoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2005 Redistributable (x64)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012
Morty-MSSE Posted December 27, 2016 Author

Here are the results from the FRST64_Recovery Scan:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by sytro (administrator) on MORTYQOSMIO (27-12-2016 10:55:52)
Running from C:\Users\sytro\Desktop
Loaded Profiles: sytro & PCPitstopSVC (Available Profiles: sytro & PCPitstopSVC & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(Logitech, Inc.) 
C:\Program Files\Logitech\SolarApp\L4301_Solar.exe(FabulaTech) C:\Windows\System32\ftvspksrv.exe() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe(O2Micro International) C:\Windows\System32\drivers\o2flash.exe(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe(DEVGURU Co., LTD.) 
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe(Microsoft Corporation) C:\Windows\System32\vds.exe() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe(Corel Corporation) C:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\PUA.EXE(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe(Microsoft Corporation) C:\Windows\System32\rundll32.exe() C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe(FlexRadio Systems) C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe(PKWARE, Inc.) 
C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe(M-Audio, a brand of inMusic Brands, Inc.) C:\Windows\SysWOW64\MAFWDITray.exe(FlexRadio Systems) C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe(Pushbullet Inc) C:\Users\sytro\AppData\Local\Pushbullet\bin\pushbullet_client.exe(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\ObjectDockTray.exe(Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe() C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\cmd.exe(Microsoft Corporation) C:\Windows\System32\smartscreen.exe(Farbar) C:\Users\sytro\Desktop\FRST64_RecoveryScanTool.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-11-12] (Synaptics Incorporated)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3934168 2016-09-16] (Stardock Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe [2012104 2015-11-27] (Corel Corporation)
HKLM\...\Run: [shadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\Windows\SysWOW64\MAFWDITray.exe [315088 2013-06-03] (M-Audio, a brand of inMusic Brands, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [ppbeuser] => C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe [147456 2016-03-08] (Cyber Power Systems, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => "C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 8\Ereg\Ereg.ini"
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [264416 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [NuanPowerPdf1NPDFLM] => C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe [3456552 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance Power PDF Advanced-reminder] => "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Advanced\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe [243120 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [iSUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatchTray15.exe [303136 2016-08-26] (Corel Corporation)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [info Center] => C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe [28976 2016-04-29] (PC Pitstop LLC)
HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2144064 2016-12-19] (PC Pitstop)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\Stardock\MCPStub.dll [2005-01-31] (Stardock)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [AudioBox VSL] => C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Amazon Music] => C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-04-14] ()
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Flvto YouTube Downloader] => "C:\Users\sytro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Fences] => C:\program files (x86)\stardock\fences\Fences.exe [3934168 2016-09-16] (Stardock Corporation)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\MCPCore.dll (Stardock)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-04-24] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Monitor.lnk [2016-05-16]
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DAX Beta_v1.10.8.39.lnk [2016-12-22]
ShortcutTarget: DAX Beta_v1.10.8.39.lnk -> C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe (FlexRadio Systems)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-05-11]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SecureZIP Attachments Status.lnk [2016-05-20]
ShortcutTarget: SecureZIP Attachments Status.lnk -> C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe (PKWARE, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartSDR CAT v1.10.8.39.lnk [2016-12-22]
ShortcutTarget: SmartSDR CAT v1.10.8.39.lnk -> C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe (FlexRadio Systems)
Startup: C:\Users\sytro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar808.lnk [2016-12-27]
Startup: C:\Users\sytro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2016-05-14]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 74.50.204.4 74.50.204.5
Tcpip\..\Interfaces\{08e84e36-466d-440f-9ae9-390e70085e7a}: [DhcpNameServer] 74.50.204.4 74.50.204.5
Tcpip\..\Interfaces\{2160b02a-c110-4a02-93cc-c6725668bfb7}: [DhcpNameServer] 4.2.2.2 4.2.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.w7dk.org/
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.arrl.org/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
BHO: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu_x64.dll [2016-06-03] (Zeon Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu.dll [2016-06-03] (Zeon Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PCMatic AdBlocker -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll [2016-09-15] (PC Matic, LLC)
Toolbar: HKLM - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
Toolbar: HKLM-x32 - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxps://files.pcpitstop.com/cab/pcmatic.cab

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2016-10-25]

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [sweb2pdfextension.2@nuance.com] - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn
FF Extension: (Nuance PDF Create) - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn [2016-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-11-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [noreply@pcpitstop.com] - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows
FF Extension: (PC Matic) - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows [2016-12-21]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [495816 2016-01-12] ()
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [46112 2016-08-23] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2014-03-10] (Stardock Software, Inc)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ftvspksrv; C:\WINDOWS\system32\ftvspksrv.exe [473024 2016-10-12] (FabulaTech)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2012-04-24] (Gladinet, INC)
S3 Ham Radio Deluxe Remote Server; C:\Program Files (x86)\HRD SOFTWARE LLC\HAM RADIO DELUXE\HRDRemoteSvr.exe [797696 2016-09-04] (HRD Software, LLC) [File not signed]
S3 HDRExpress3Service; C:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [32784 2014-10-23] ()
S3 HRD RemoteSvr; C:\Program Files (x86)\HRD Software LLC\Ham Radio Deluxe\HRDREMOTESVR.EXE [797696 2016-09-04] (HRD Software, LLC) [File not signed]
S3 HRD Serial Port Server; C:\Program Files (x86)\HRD SOFTWARE LLC\HAM RADIO DELUXE\HRDSerialPortSvr.exe [503885 2011-09-24] (Simon Brown, HB9DRV) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
S3 Launch8; C:\Program Files (x86)\Stardock\Launch8\Launch8Srv.exe [274088 2015-08-24] (Stardock Software, Inc)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2016-10-06] (Microsoft Corporation)
S3 Multiplicity; C:\Program Files (x86)\EdgeRunner\Multiplicity\MultiSrv.exe [209216 2015-08-21] (Stardock Software, Inc)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S3 NPDFIFilterSrv; C:\Program Files (x86)\Nuance\Power PDF\NPDFIFilterSrv.exe [218128 2016-06-15] (Nuance Communications, Inc.)
R3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
S3 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S3 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [745280 2016-12-19] (PC Pitstop)
R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198480 2016-09-15] (PC Pitstop LLC)
S3 ppbed; C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbed.exe [184320 2016-03-08] (Cyber Power Systems, Inc.) [File not signed]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe [953888 2016-08-05] ()
S3 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxMediaDB15.exe [1105952 2016-08-26] (Corel Corporation)
S2 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatch15.exe [350240 2016-08-26] (Corel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 ShadowFX; C:\Program Files (x86)\Stardock\ShadowFX\ShadowFXSrv.exe [260232 2014-08-22] (Stardock Software, Inc)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2016-10-06] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [File not signed]
S3 TeamFoundationSshService; C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\Web Services\bin\TeamFoundationSshService.exe [37096 2016-06-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S3 TFSJobAgent; C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [36528 2016-06-23] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2015-12-02] (Stardock Corporation) [File not signed]
S3 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181904 2014-06-12] (Stardock Corporation)
S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-08-08] (Microsoft Corporation)
S3 vsoagent.MortyQosmio.Agent-MortyQosmio; "F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe" "vsoagent.MortyQosmio.Agent-MortyQosmio" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-21] (Samsung Electronics Co., Ltd.)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
R3 FlexRadioSystemDAXService_Audio; C:\WINDOWS\system32\DRIVERS\audiodax.sys [68360 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_IQ; C:\WINDOWS\system32\DRIVERS\iqdax.sys [68488 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_MICAudio; C:\WINDOWS\system32\DRIVERS\micaudiodax.sys [68360 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_TX; C:\WINDOWS\system32\DRIVERS\txdax.sys [68488 2016-06-07] (FlexRadio Systems)
R3 ftvspenum; C:\WINDOWS\System32\drivers\ftvspenum.sys [83352 2015-12-03] (FabulaTech)
R3 ftvsport; C:\WINDOWS\system32\DRIVERS\ftvsport.sys [65432 2016-10-12] (FabulaTech)
S3 MAFWPROFIRE; C:\WINDOWS\system32\DRIVERS\MAudioProFire.sys [288976 2013-06-03] (M-Audio, a brand of inMusic Brands, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2016-05-14] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdi.inf_amd64_1f9a85f0fdd5a3ad\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 O2SDGx64; C:\WINDOWS\System32\drivers\o2sdgx64.sys [56576 2012-09-06] (O2Micro )
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [64984 2015-12-15] (Corel Corporation)
S4 RsFx0312; C:\WINDOWS\System32\DRIVERS\RsFx0312.sys [249536 2016-10-06] (Microsoft Corporation)
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [37032 2016-01-12] (Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [28840 2016-01-12] (Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [36520 2016-01-12] (Corel Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-21] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2016-05-10] (Toshiba Corporation)
U5 tosporte; C:\Windows\System32\Drivers\tosporte.sys [54664 2009-06-17] (TOSHIBA Corporation)
U5 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [50664 2009-06-19] (TOSHIBA Corporation)
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [81768 2009-07-28] (TOSHIBA Corporation)
U5 TosRfSnd; C:\Windows\System32\Drivers\TosRfSnd.sys [63488 2010-04-26] (TOSHIBA Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-27 10:55 - 2016-12-27 10:56 - 00033456 _____ C:\Users\sytro\Desktop\FRST.txt
2016-12-27 10:15 - 2016-12-26 17:09 - 00688992 ____R (Swearware) C:\Users\sytro\Desktop\dds.com
2016-12-27 10:15 - 2016-12-26 08:43 - 02420736 _____ (Farbar) C:\Users\sytro\Desktop\FRST64_RecoveryScanTool.exe
2016-12-21 18:09 - 2016-12-21 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 15:52 - 2016-12-27 09:36 - 00000000 ____D C:\Users\PCPitstopSVC
2016-12-21 15:52 - 2016-12-21 15:52 - 00000020 ___SH C:\Users\PCPitstopSVC\ntuser.ini
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\My Documents
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Videos
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Pictures
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Music
2016-12-21 15:52 - 2016-08-08 17:37 - 00000000 ____D C:\Users\PCPitstopSVC\AppData\Local\Microsoft Help
2016-12-21 15:24 - 2016-12-27 10:55 - 00000000 ____D C:\ProgramData\PCPitstopDat
2016-12-21 15:21 - 2016-12-27 09:49 - 00000000 ____D C:\ProgramData\PCPitstop
2016-12-21 15:21 - 2016-12-21 15:24 - 00000000 ____D C:\Program Files (x86)\PCPitstop
2016-12-21 15:21 - 2016-12-21 15:21 - 00001313 _____ C:\Users\sytro\Desktop\PC Matic.lnk
2016-12-21 15:21 - 2016-12-21 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop
2016-12-21 15:19 - 2016-12-27 10:15 - 00000000 ____D C:\Users\sytro\Downloads\PCMatic
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-17 12:17 - 2016-12-17 12:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-15 13:36 - 2016-12-27 09:34 - 00003296 _____ C:\Users\sytro\Network_Meter_Data.js
2016-12-15 13:30 - 2016-12-15 13:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-15 13:30 - 2016-09-09 10:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-15 13:30 - 2016-09-09 10:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-15 13:30 - 2016-09-09 10:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-15 13:30 - 2016-09-09 10:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-15 13:27 - 2016-12-11 19:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-15 09:16 - 2016-12-20 22:30 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-15 09:16 - 2016-12-15 09:16 - 00004408 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-15 09:16 - 2016-12-15 09:16 - 00000000 ____D C:\Users\sytro\AppData\Local\Chromium
2016-12-15 09:16 - 2016-12-12 06:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-15 09:15 - 2016-12-12 15:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-15 09:15 - 2016-12-12 15:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-15 08:05 - 2016-12-09 02:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 08:05 - 2016-12-09 02:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 08:05 - 2016-12-09 02:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 08:05 - 2016-12-09 02:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 08:05 - 2016-12-09 02:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 08:05 - 2016-12-09 02:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 08:05 - 2016-12-09 02:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 08:05 - 2016-12-09 02:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 08:05 - 2016-12-09 02:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 08:05 - 2016-12-09 02:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 08:05 - 2016-12-09 02:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 08:05 - 2016-12-09 02:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 08:05 - 2016-12-09 02:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 08:05 - 2016-12-09 02:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 08:05 - 2016-12-09 02:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 08:05 - 2016-12-09 02:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 08:05 - 2016-12-09 02:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 08:05 - 2016-12-09 02:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 08:05 - 2016-12-09 02:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 08:05 - 2016-12-09 02:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 08:05 - 2016-12-09 02:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 08:05 - 2016-12-09 02:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 08:05 - 2016-12-09 02:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 08:05 - 2016-12-09 02:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 08:05 - 2016-12-09 02:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 08:05 - 2016-12-09 02:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 08:05 - 2016-12-09 02:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 08:05 - 2016-12-09 02:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 08:05 - 2016-12-09 01:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 08:05 - 2016-12-09 01:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 08:05 - 2016-12-09 01:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 08:05 - 2016-12-09 01:57 - 01852720 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll2016-12-15 08:05 - 2016-12-09 01:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll2016-12-15 08:05 - 2016-12-09 01:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll2016-12-15 08:05 - 2016-12-09 01:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll2016-12-15 08:05 - 2016-12-09 01:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll2016-12-15 08:05 - 2016-12-09 01:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll2016-12-15 08:05 - 2016-12-09 01:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys2016-12-15 08:05 - 2016-12-09 01:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll2016-12-15 08:05 - 2016-12-09 01:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll2016-12-15 08:05 - 2016-12-09 01:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll2016-12-15 08:05 - 2016-12-09 01:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll2016-12-15 08:05 - 2016-12-09 01:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll2016-12-15 08:05 - 2016-12-09 01:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll2016-12-15 08:05 - 2016-12-09 01:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys2016-12-15 08:05 - 2016-12-09 01:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll2016-12-15 08:05 - 2016-12-09 01:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll2016-12-15 08:05 - 2016-12-09 01:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll2016-12-15 08:05 - 2016-12-09 01:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll2016-12-15 08:05 - 
2016-12-09 01:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll2016-12-15 08:05 - 2016-12-09 01:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll2016-12-15 08:05 - 2016-12-09 01:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll2016-12-15 08:05 - 2016-12-09 01:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll2016-12-15 08:05 - 2016-12-09 01:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll2016-12-15 08:05 - 2016-12-09 01:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll2016-12-15 08:05 - 2016-12-09 01:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll2016-12-15 08:05 - 2016-12-09 01:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll2016-12-15 08:05 - 2016-12-09 01:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll2016-12-15 08:05 - 2016-12-09 01:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll2016-12-15 08:05 - 2016-12-09 01:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll2016-12-15 08:05 - 2016-12-09 01:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll2016-12-15 08:05 - 2016-12-09 01:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll2016-12-15 08:05 - 2016-12-09 01:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll2016-12-15 08:05 - 2016-12-09 01:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll2016-12-15 08:05 - 2016-12-09 01:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll2016-12-15 08:05 - 2016-12-09 01:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll2016-12-15 08:05 - 2016-12-09 01:30 - 04612608 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.Media.dll2016-12-15 08:05 - 2016-12-09 01:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll2016-12-15 08:05 - 2016-12-09 01:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll2016-12-15 08:05 - 2016-12-09 01:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll2016-12-15 08:05 - 2016-12-09 01:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll2016-12-15 08:05 - 2016-12-09 01:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll2016-12-15 08:05 - 2016-12-09 01:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll2016-12-15 08:05 - 2016-12-09 01:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll2016-12-15 08:05 - 2016-12-09 01:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll2016-12-15 08:05 - 2016-12-09 01:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll2016-12-15 08:05 - 2016-12-09 01:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll2016-12-15 08:05 - 2016-12-09 01:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll2016-12-15 08:05 - 2016-12-09 01:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll2016-12-15 08:05 - 2016-12-09 01:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll2016-12-15 08:05 - 2016-12-09 01:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll2016-12-15 08:05 - 2016-12-09 01:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll2016-12-15 08:05 - 2016-12-09 01:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll2016-12-15 08:05 - 2016-12-09 01:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll2016-12-15 08:05 
- 2016-12-09 01:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys2016-12-15 08:05 - 2016-12-09 01:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys2016-12-15 08:05 - 2016-12-09 01:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll2016-12-15 08:05 - 2016-12-09 01:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll2016-12-15 08:05 - 2016-12-09 01:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll2016-12-15 08:05 - 2016-12-09 01:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll2016-12-15 08:05 - 2016-12-09 01:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll2016-12-15 08:05 - 2016-12-09 01:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe2016-12-15 08:05 - 2016-12-09 01:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll2016-12-15 08:05 - 2016-12-09 01:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll2016-12-15 08:05 - 2016-12-09 01:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll2016-12-15 08:05 - 2016-12-09 01:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll2016-12-15 08:05 - 2016-12-09 01:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll2016-12-15 08:05 - 2016-12-09 01:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll2016-12-15 08:05 - 2016-12-09 01:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll2016-12-15 08:05 - 2016-12-09 01:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll2016-12-15 08:05 - 2016-12-09 01:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll2016-12-15 08:05 - 2016-12-09 01:17 - 00886272 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\aadtb.dll2016-12-15 08:05 - 2016-12-09 01:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll2016-12-15 08:05 - 2016-12-09 01:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys2016-12-15 08:05 - 2016-12-09 01:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll2016-12-15 08:05 - 2016-12-09 01:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll2016-12-15 08:05 - 2016-12-09 01:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll2016-12-15 08:05 - 2016-12-09 01:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll2016-12-15 08:05 - 2016-12-09 01:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll2016-12-15 08:05 - 2016-12-09 00:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll2016-12-14 19:47 - 2016-12-14 19:47 - 00066461 _____ C:\Users\sytro\Desktop\_README_10KWUL3O_.hta2016-12-14 19:14 - 2016-12-14 19:14 - 00066461 _____ C:\Users\sytro\_README_0MXA4I_.hta2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\sytro\Downloads\_README_4YDMC5P_.hta2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\sytro\Documents\_README_2KQU_.hta2016-12-11 19:15 - 2016-12-11 19:16 - 00000000 ____D C:\Users\sytro\AppData\Local\FileZilla2016-12-11 19:14 - 2016-12-11 19:15 - 06880664 _____ (Tim Kosse) C:\Users\sytro\Downloads\FileZilla_3.23.0.2_win64-setup.exe2016-12-09 11:45 - 2016-12-09 11:45 - 00000000 ____D C:\Users\sytro\AppData\Roaming\NVIDIA2016-12-09 08:30 - 2016-11-11 02:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll2016-12-09 08:30 - 2016-11-11 02:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll2016-12-09 08:30 - 2016-11-11 02:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll2016-12-09 08:30 - 
2016-11-11 02:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll2016-12-09 08:30 - 2016-11-11 02:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll2016-12-09 08:30 - 2016-11-11 02:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll2016-12-09 08:30 - 2016-11-11 02:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys2016-12-09 08:30 - 2016-11-11 02:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys2016-12-09 08:30 - 2016-11-11 02:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll2016-12-09 08:30 - 2016-11-11 02:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll2016-12-09 08:30 - 2016-11-11 02:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll2016-12-09 08:30 - 2016-11-11 02:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe2016-12-09 08:30 - 2016-11-11 02:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll2016-12-09 08:30 - 2016-11-11 02:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll2016-12-09 08:30 - 2016-11-11 01:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll2016-12-09 08:30 - 2016-11-11 01:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll2016-12-09 08:30 - 2016-11-11 01:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll2016-12-09 08:30 - 2016-11-11 01:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll2016-12-09 08:30 - 2016-11-11 01:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll2016-12-09 08:30 - 2016-11-11 01:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe2016-12-09 08:30 - 2016-11-11 01:31 - 00366080 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\RDXTaskFactory.dll2016-12-09 08:30 - 2016-11-11 01:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll2016-12-09 08:30 - 2016-11-11 01:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys2016-12-09 08:30 - 2016-11-11 01:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll2016-12-09 08:30 - 2016-11-11 01:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll2016-12-09 08:30 - 2016-11-11 01:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe2016-12-09 08:30 - 2016-11-11 01:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll2016-12-09 08:30 - 2016-11-11 01:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll2016-12-09 08:30 - 2016-11-11 01:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll2016-12-09 08:30 - 2016-11-11 01:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll2016-12-09 08:30 - 2016-11-11 01:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll2016-12-09 08:30 - 2016-11-11 01:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll2016-12-09 08:30 - 2016-11-11 01:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll2016-12-09 08:30 - 2016-11-11 01:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll2016-12-09 08:30 - 2016-11-11 01:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe2016-12-09 08:30 - 2016-11-11 01:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe2016-12-09 08:30 - 2016-11-11 01:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll2016-12-09 08:30 - 
2016-11-11 01:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll2016-12-09 08:30 - 2016-11-11 01:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll2016-12-09 08:30 - 2016-11-11 01:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll2016-12-09 08:30 - 2016-11-11 01:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll2016-12-09 08:30 - 2016-11-11 01:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll2016-12-09 08:30 - 2016-11-11 01:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe2016-12-09 08:30 - 2016-11-11 01:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll2016-12-09 08:30 - 2016-11-11 01:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll2016-12-09 08:30 - 2016-11-11 01:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll2016-12-09 08:30 - 2016-11-11 01:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll2016-12-09 08:30 - 2016-11-11 01:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll2016-12-09 08:30 - 2016-11-11 01:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll2016-12-09 08:30 - 2016-11-11 01:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll2016-12-09 08:30 - 2016-11-11 01:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys2016-12-09 08:30 - 2016-11-11 01:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll2016-12-09 08:30 - 2016-11-11 01:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll2016-12-09 08:30 - 2016-11-11 01:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll2016-12-09 
08:30 - 2016-11-11 01:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll2016-12-09 08:30 - 2016-11-11 01:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll2016-12-09 08:30 - 2016-11-11 01:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll2016-12-09 08:30 - 2016-11-11 01:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll2016-12-09 08:30 - 2016-11-11 01:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll2016-12-09 08:30 - 2016-11-11 01:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll2016-12-09 08:30 - 2016-11-11 01:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll2016-12-09 08:30 - 2016-11-11 01:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll2016-12-09 08:30 - 2016-11-11 01:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll2016-12-09 08:30 - 2016-11-11 01:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll2016-12-09 08:30 - 2016-11-11 01:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll2016-12-09 08:30 - 2016-11-11 01:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll2016-12-09 08:30 - 2016-11-11 01:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll2016-12-09 08:30 - 2016-11-11 01:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll2016-12-09 08:30 - 2016-11-11 01:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll2016-12-09 08:30 - 2016-11-11 01:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll2016-12-09 08:30 - 2016-11-11 01:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll2016-12-09 08:30 - 2016-11-11 01:02 - 03542016 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\actxprxy.dll2016-12-09 08:30 - 2016-11-11 00:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll2016-12-09 08:30 - 2016-11-10 23:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll2016-12-09 08:30 - 2016-11-10 23:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll2016-12-09 08:30 - 2016-11-10 23:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll2016-12-09 08:30 - 2016-11-10 23:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll2016-12-09 08:30 - 2016-11-10 23:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll2016-12-09 08:30 - 2016-11-10 23:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll2016-12-09 08:30 - 2016-11-10 23:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll2016-12-09 08:30 - 2016-11-10 23:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll2016-12-09 08:30 - 2016-11-10 23:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll2016-12-09 08:30 - 2016-11-10 23:41 - 00157536 _____ (Microsoft Corporation) Link to comment Share on other sites More sharing options...
Juliet Posted December 30, 2016 (edited)

Hate to leave you hanging here but I need to ask a question.

When trouble started, at one time did you receive an alert or some kind of note that your files had been encrypted?

Any files that are encrypted with different versions of Ransomware, the newest variants, will be renamed (encrypted) with random characters and have a random 4 to 10+ digit extension appended to the end of the encrypted data filename and leave files (ransom notes) named README.hta

edit *12-30-2016

OK, found your first post https://forums.pcpitstop.com/index.php?/topic/206275-data-file-renaming-and-corruption/

"I have been infected with a virus that corrupts any and every type of data file on my system by changing the data within the file and then changing the name of the files to a random character name with a file extension *.a1e1. (AeIgtRb^4#M.A1E1)"

Located in your logs I did find

C:\Users\sytro\Desktop\_README_10KWUL3O_.hta
2016-12-14 19:14 - 2016-12-14 19:14 - 00066461 _____ C:\Users\sytro\_README_0MXA4I_.hta
2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\sytro\Downloads\_README_4YDMC5P_.hta
2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\sytro\Documents\_README_2KQU_.hta

Looks like you've possibly been hit with Ransomware.

If you would, please read over the 2 below links

https://www.bleepingcomputer.com/forums/t/629068/new-readmehta-ransomware-variant-cerber/
https://answers.microsoft.com/en-us/protect/forum/protect_other-protect_scanning/i-need-help-to-decrypt-file-crypted-by-readmehta/13fa9d69-0c43-4e4f-b28c-ffa39851bd0b

Edited December 30, 2016 by Juliet
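The indicators named in the reply above (ransom notes called `_README_<id>_.hta`, identically sized copies dropped in several folders, data files renamed to one random extension) can be checked mechanically against a file listing in the log format posted in this thread. The following is an added example, not part of the original posts and not the scan tool's own code; the sample listing, the `example` user, the function names and the note-name pattern (generalized from the four names in the log) are assumptions.

```python
import ntpath
import re
from collections import defaultdict, namedtuple
from datetime import datetime

Entry = namedtuple("Entry", "created modified size attrs vendor path")

FMT = "%Y-%m-%d %H:%M"
_TS = r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}"
# "created - modified - size attrs [(vendor)] path". The lookahead ends a path
# at end of line or where the next entry's timestamp pair starts, so a listing
# that was flattened onto one line (as in the forum post) still parses.
ENTRY_RE = re.compile(
    rf"({_TS}) - ({_TS}) - (\d+) (\S+) (?:\(([^)]*)\) )?"
    rf"([A-Za-z]:\\.+?)(?={_TS} - \d{{4}}|$)",
    re.M,
)
# Assumption: note names follow the shape of the four seen in the thread's log.
NOTE_RE = re.compile(r"^_README_[A-Z0-9]+_\.hta$", re.IGNORECASE)


def parse_listing(text):
    """Return one Entry per listing record found in text."""
    entries = []
    for m in ENTRY_RE.finditer(text):
        created, modified, size, attrs, vendor, path = m.groups()
        entries.append(Entry(
            datetime.strptime(created, FMT), datetime.strptime(modified, FMT),
            int(size), attrs, vendor, path.rstrip(),
        ))
    return entries


def triage(text, ext=None, min_dirs=2):
    """Flag ransom-note files, same-size note clusters and renamed files."""
    entries = parse_listing(text)
    notes = [e for e in entries if NOTE_RE.match(ntpath.basename(e.path))]

    # The same note written to many folders has the same size everywhere;
    # that repetition is a stronger signal than the file name alone.
    dirs_by_size = defaultdict(set)
    for n in notes:
        dirs_by_size[n.size].add(ntpath.dirname(n.path).lower())
    clusters = {size: sorted(dirs) for size, dirs in dirs_by_size.items()
                if len(dirs) >= min_dirs}

    # Files carrying the extension the victim reported (e.g. ".a1e1").
    renamed = [e for e in entries
               if ext and e.path.lower().endswith(ext.lower())]

    return {
        "entries": len(entries),
        "notes": notes,
        "clusters": clusters,
        # Earliest note creation time approximates when encryption began.
        "first_note": min((n.created for n in notes), default=None),
        "renamed": renamed,
    }


# Constructed sample in the thread's log format, deliberately run together
# on one line the way the pasted log was. All names and values are made up.
SAMPLE = (
    r"2016-12-15 13:30 - 2016-12-15 13:30 - 00000000 ____D C:\Program Files (x86)\ExampleRT"
    r"2016-12-14 19:47 - 2016-12-14 19:47 - 00066461 _____ C:\Users\example\Desktop\_README_AAAA1111_.hta"
    r"2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\example\Downloads\_README_BBBB22_.hta"
    r"2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\example\Documents\_README_CCCC_.hta"
    r"2016-12-14 18:50 - 2016-12-14 18:50 - 00012345 _____ C:\Users\example\Documents\Qx7_kLm2Zp.a1e1"
    r"2016-12-11 19:14 - 2016-12-11 19:15 - 06880664 _____ (Example Vendor) C:\Users\example\Downloads\setup.exe"
)

if __name__ == "__main__":
    report = triage(SAMPLE, ext=".a1e1")
    print("entries parsed:", report["entries"])
    print("first note created:", report["first_note"])
    for size, dirs in report["clusters"].items():
        print(f"{len(dirs)} folders hold a {size}-byte note:", ", ".join(dirs))
    for e in report["renamed"]:
        print("renamed file:", e.path)
```
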
Morty-MSSE Posted December 31, 2016

Thanks for the info. After reading through the links and associated links I believe what you have described is exactly what I have contracted. Only in this case it came from a misdirected email from my email provider. I had contacted them and they agreed that it sounded like a problem and they were going to look into it but to no avail. In the meantime all of the ransomware activity has come to a halt and I am having no more issues with it. I am however still cleaning my systems and have lost 1.5tb of data from the last 5 years. Oh well. Thanks again, this helps a lot.
Juliet Posted January 1, 2017

I am so sorry that all I could do was to deliver bad news. Wish you all the best for the New Year.
Juliet Posted January 5, 2017

Glad we could help. Since this issue appears resolved ... this Topic is closed.