I have folders and files appearing randomly in my Win10 x64 temp folder, but Malwarebytes and Window Defender detect nothing suspicious. DISMHOST.EXE is related to scheduling/maintenance, like Windows Defender schedules, however.
folder: 9BBB87E8-CFF4-44B2-89CB-05DB5D98EBF0/ <- GUID name changes
AppxProvider.dll
AssocProvider.dll
CbsProvider.dll
CompatProvider.dll
DismCore.dll
DismCorePS.dll
DismProv.dll
DmiProvider.dll
FfuProvider.dll
FolderProvider.dll
GenericProvider.dll
IBSProvider.dll
ImagingProvider.dll
DismHost.exe <- the culprit
folder: 9BBB87E8-CFF4-44B2-89CB-05DB5D98EBF0/en-US/
AppxProvider.dll.mui
AssocProvider.dll.mui
CbsProvider.dll.mui
CompatProvider.dll.mui
DismCore.dll.mui
DismProv.dll.mui
DmiProvider.dll.mui
FfuProvider.dll.mui
FolderProvider.dll.mui
GenericProvider.dll.mui
IBSProvider.dll.mui
ImagingProvider.dll.mui
IntlProvider.dll.mui
LogProvider.dll.mui
MsiProvider.dll.mui
OfflineSetupProvider.dll.mui
OSProvider.dll.mui
ProvProvider.dll.mui
SmiProvider.dll.mui
TransmogProvider.dll.mui
UnattendProvider.dll.mui
VhdProvider.dll.mui
WimProvider.dll.mui
The DLLs and EXE are signed by Microsoft. I doubt the files themselves are viral but something may be trying to block a Defender maintenance schedule. There is this article, but it's unresolved. I would like to know what is triggering these files and where they are emanating from, if anyone knows.
TY in advance.
Edited by hamluis, 06 February 2016 - 09:13 AM.
Moved from Win 10 Support to Am I Infected - Hamluis.