
Help please :-)

Today my laptop became infected with a load of malware. I have tried all the online programs to remove them; although the programs detect them, they seem to be unable to remove them.

I appear to have Offers4U and Great Find. To say it is doing my head in is putting it mildly :angry: Looks like Ad Choices is there as well.

I have attached the two files as per your instructions; I hope I did that part right.

I hope someone can help, as I do not really want to format and reload Windows.

Thanking you in advance

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16384
Run by Niki at 23:49:24 on 2015-08-05
Microsoft Windows 10 Home 10.0.10240.0.1252.44.2057.18.6034.3150 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\Hpservice.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Niki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Users\Niki\AppData\Local\Temp\ocr3A16.tmp\bin\rubyw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\pia_manager\pia_manager.exe
C:\Users\Niki\AppData\Local\Temp\ocr652A.tmp\bin\rubyw.exe
C:\Program Files\pia_manager\pia_tray\pia_tray.exe
svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.yahoo.com/
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Niki\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [OneDrive] "C:\Users\Niki\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Private Internet Access] "C:\Program Files\pia_manager\pia_manager.exe" --startup
uRun: [FlashGet 3] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" -minimize
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm
IE: Download all videos by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallflvurl.htm
IE: Download by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgeturl.htm
IE: Download current video by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetflvurl.htm
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{6c56b12a-c2a3-4c45-98ee-460bf74c5baa} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{DF6DF812-8E09-46B5-8A17-6908E0623FFA} : DHCPNameServer = 209.222.18.222 209.222.18.218
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.130\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-2-13 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-2-13 274808]
R0 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-7-10 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2015-2-13 1048856]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-2-13 447944]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-2-13 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-2-13 90968]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-2-13 150672]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-8-1 146600]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2015-8-5 127752]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2012-8-23 29600]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-11-2 2451456]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-11-2 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-11-2 165760]
R2 PassThru Service;Internet Pass-Through Service;C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912]
R2 RapportMgmtService;Rapport Management Service;C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2015-6-2 2222360]
R2 SpyHunter 4 Service;SpyHunter 4 Service;C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [2015-8-5 1026944]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-7-17 246472]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-11-2 364416]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 esgiguard;esgiguard;C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [2015-8-5 15920]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2012-6-19 342528]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-5-3 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2015-6-5 310528]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-7-17 42696]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
S0 RapportHades64;RapportHades64;C:\WINDOWS\System32\drivers\RapportHades64.sys [2015-2-23 121432]
S0 RapportKE64;RapportKE64;C:\WINDOWS\System32\drivers\RapportKE64.sys [2015-2-23 376184]
S1 RapportCerberus_1412112;RapportCerberus_1412112;C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys [2015-7-12 917112]
S1 RapportEI64;RapportEI64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [2015-6-2 485368]
S1 RapportPG64;RapportPG64;C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [2015-6-2 480440]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-11-2 14904]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-5-3 1133880]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 EraserUtilDrv11411;EraserUtilDrv11411;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11411.sys [2015-2-13 142640]
S3 EsgScanner;EsgScanner;C:\WINDOWS\System32\drivers\EsgScanner.sys [2015-8-5 22704]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 htcnprot;HTC NDIS Protocol Driver;C:\WINDOWS\System32\drivers\htcnprot.sys [2013-10-17 36928]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-9-28 650808]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-5-3 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 RapportIaso;RapportIaso;C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys [2015-2-23 266328]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-7-30 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-7-30 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-8-25 41272]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-7-10 78688]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-7-30 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-7-10 685056]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-7-10 214016]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
.
=============== Created Last 30 ================
.
2015-08-05 21:55:03 16148 ----a-w- C:\WINDOWS\System32\NIKI_Niki_HistoryPrediction.bin
2015-08-05 21:37:15 -------- d-----w- C:\Program Files\HitmanPro
2015-08-05 21:36:09 -------- d-----w- C:\ProgramData\HitmanPro
2015-08-05 20:34:39 -------- d-----w- C:\Users\Niki\AppData\Roaming\Enigma Software Group
2015-08-05 20:34:32 -------- d-----w- C:\sh4ldr
2015-08-05 20:34:06 22704 ----a-w- C:\WINDOWS\System32\drivers\EsgScanner.sys
2015-08-05 20:34:00 -------- d-----w- C:\Program Files\Enigma Software Group
2015-08-05 16:17:06 -------- d-----w- C:\AdwCleaner
2015-08-05 16:15:15 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2015-08-01 16:29:30 12222168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A7527174-960A-4287-870B-9A644D1339B3}\mpengine.dll
2015-08-01 16:13:55 43112 ----a-w- C:\WINDOWS\avastSS.scr
2015-07-31 21:18:40 -------- d-s---w- C:\WINDOWS\SysWow64\Microsoft
2015-07-31 16:53:43 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2015-07-31 15:15:17 -------- d-----w- C:\Users\Niki\AppData\Roaming\FlashgetSetup
2015-07-31 15:15:17 -------- d-----w- C:\Users\Niki\AppData\Roaming\BITS
2015-07-31 15:15:14 -------- d-----w- C:\Users\Niki\AppData\Roaming\FlashGetBHO
2015-07-31 15:15:10 -------- d-----w- C:\Users\Niki\AppData\Roaming\FlashGet
2015-07-31 15:15:10 -------- d-----w- C:\Program Files (x86)\FlashGet Network
2015-07-31 14:10:39 -------- d-----w- C:\Users\Niki\AppData\Local\JDownloader v2.0
2015-07-30 22:21:28 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5B693F6D-218D-4431-9065-68E7D01AE471}\gapaengine.dll
2015-07-30 22:19:26 12222168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-07-30 21:39:35 -------- d-----w- C:\Users\Niki\AppData\Local\MicrosoftEdge
2015-07-30 20:42:29 -------- d-----w- C:\Users\Niki\AppData\Local\NetworkTiles
2015-07-30 20:20:11 -------- d-sh--w- C:\Recovery
2015-07-30 20:20:03 -------- dc----w- C:\WINDOWS\Panther
2015-07-30 20:12:25 -------- d-----w- C:\Windows.old
2015-07-30 20:11:53 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2015-07-30 20:06:56 -------- d-----w- C:\Users\Niki\AppData\Local\Comms
2015-07-30 20:06:09 -------- d-----w- C:\Users\Niki\AppData\Local\TileDataLayer
2015-07-30 20:01:33 -------- d-----w- C:\inetpub
2015-07-30 20:00:38 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2015-07-30 20:00:38 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2015-07-30 20:00:38 102608 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 20:00:34 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2015-07-30 20:00:34 124112 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2015-07-30 20:00:34 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2015-07-30 19:52:06 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2015-07-30 19:48:33 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2015-07-30 19:32:21 -------- d--h--w- C:\Users\Niki\AppData
2015-07-30 19:32:21 -------- d-----w- C:\Users\Niki\AppData\Local\Temp
2015-07-30 19:32:21 -------- d-----w- C:\Users\Niki\AppData\Local\Microsoft
2015-07-30 19:27:53 -------- d-----w- C:\WINDOWS\SysWow64\sda
2015-07-30 19:27:16 6085632 ----a-w- C:\WINDOWS\System32\stlang64.dll
2015-07-30 19:27:16 426328 ----a-w- C:\WINDOWS\System32\EED64A.dll
2015-07-30 19:27:16 3308376 ----a-w- C:\WINDOWS\System32\EEP64A.dll
2015-07-30 19:27:16 1821184 ----a-w- C:\WINDOWS\System32\IDTNC64.cpl
2015-07-30 19:27:16 1664000 ----a-w- C:\WINDOWS\sttray64.exe
2015-07-30 19:27:16 136024 ----a-w- C:\WINDOWS\System32\EEL64A.dll
2015-07-30 19:27:16 118104 ----a-w- C:\WINDOWS\System32\EEA64A.dll
2015-07-30 19:27:14 -------- d-----w- C:\WINDOWS\System32\SRSLabs
2015-07-30 19:27:00 -------- d-----w- C:\Program Files\IDT
2015-07-30 19:26:32 -------- d-----w- C:\Program Files\Synaptics
2015-07-26 12:47:08 -------- d-----w- C:\Users\Niki\AppData\Local\Diagnostics
2015-07-21 17:36:01 -------- d-----w- C:\Users\Niki\AppData\Local\CEF
2015-07-17 06:51:48 1804696 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
2015-07-17 06:51:46 764616 ----a-w- C:\WINDOWS\System32\SynCOM.dll
2015-07-17 06:51:46 614088 ----a-w- C:\WINDOWS\System32\drivers\SynTP.sys
2015-07-17 06:51:46 42696 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys
2015-07-17 06:51:46 42696 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
2015-07-17 06:51:46 42184 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys
2015-07-17 06:51:46 419528 ----a-w- C:\WINDOWS\SysWow64\SynCom.dll
2015-07-17 06:51:46 269000 ----a-w- C:\WINDOWS\System32\SynTPAPI.dll
2015-07-17 06:51:46 255688 ----a-w- C:\WINDOWS\System32\SynTPCo31.dll
2015-07-10 16:49:51 -------- d--h--w- C:\$Windows.~BT
2015-07-10 16:29:07 -------- d-----w- C:\WINDOWS\ShellNew
2015-07-10 16:29:07 -------- d-----w- C:\Program Files\Windows Journal
2015-07-10 16:26:36 -------- d-----w- C:\WINDOWS\OCR
2015-07-10 16:26:16 -------- d-----w- C:\WINDOWS\SKB
2015-07-10 13:19:33 -------- d-----w- C:\WINDOWS\en-US
2015-07-10 13:19:33 -------- d-----w- C:\WINDOWS\DigitalLocker
2015-07-10 12:22:52 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-M7P1NB6_Administrator_HistoryPrediction.bin
2015-07-10 12:22:45 -------- d-----w- C:\ProgramData\USOShared
2015-07-10 12:21:43 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2015-07-10 12:21:43 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2015-07-10 12:21:43 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2015-07-10 12:21:38 -------- d-sh--we C:\ProgramData\Documents
2015-07-10 12:21:38 -------- d-sh--we C:\Documents and Settings
2015-07-10 12:20:42 -------- d-----w- C:\WINDOWS\ServiceProfiles
2015-07-10 12:20:38 -------- d-s---w- C:\WINDOWS\System32\Microsoft
2015-07-10 11:06:25 -------- d-----w- C:\WINDOWS\Setup
2015-07-10 11:06:01 792568 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-07-10 11:06:01 178168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-07-10 11:03:58 -------- d-----w- C:\WINDOWS\System32\drivers
2015-07-10 11:02:54 -------- d-----w- C:\WINDOWS\INF
2015-07-10 11:00:42 567296 ----a-w- C:\WINDOWS\System32\msTextPrediction.dll
2015-07-10 10:59:59 9728 ----a-w- C:\WINDOWS\System32\RpcNs4.dll
2015-07-10 10:55:34 -------- d-----w- C:\WINDOWS\CbsTemp
.
==================== Find3M ====================
.
2015-08-05 19:49:30 113880 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-08-01 16:14:04 150672 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
2015-08-01 16:14:03 90968 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2015-08-01 16:14:03 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2015-08-01 16:14:03 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2015-08-01 16:14:03 274808 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2015-08-01 16:14:02 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2015-08-01 16:13:36 1048856 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2015-07-30 20:01:26 55808 ----a-w- C:\WINDOWS\System32\admwprox.dll
2015-07-30 20:01:26 53248 ----a-w- C:\WINDOWS\System32\ahadmin.dll
2015-07-30 20:01:26 202240 ----a-w- C:\WINDOWS\System32\iisRtl.dll
2015-07-30 20:01:26 18432 ----a-w- C:\WINDOWS\System32\iisreset.exe
2015-07-30 20:01:26 15360 ----a-w- C:\WINDOWS\System32\wamregps.dll
2015-07-30 20:01:26 13312 ----a-w- C:\WINDOWS\System32\iisrstap.dll
2015-07-30 20:01:24 50688 ----a-w- C:\WINDOWS\SysWow64\admwprox.dll
2015-07-30 20:01:24 26112 ----a-w- C:\WINDOWS\SysWow64\ahadmin.dll
2015-07-30 20:01:24 168960 ----a-w- C:\WINDOWS\SysWow64\iisRtl.dll
2015-07-30 20:01:24 16896 ----a-w- C:\WINDOWS\SysWow64\iisreset.exe
2015-07-30 20:01:24 11264 ----a-w- C:\WINDOWS\SysWow64\wamregps.dll
2015-07-30 20:01:24 10240 ----a-w- C:\WINDOWS\SysWow64\iisrstap.dll
2015-07-10 16:29:02 800256 ----a-w- C:\WINDOWS\System32\mblctr.exe
2015-07-10 16:29:02 276992 ----a-w- C:\WINDOWS\System32\umrdp.dll
2015-07-10 16:29:02 26112 ----a-w- C:\WINDOWS\System32\drivers\rdpbus.sys
2015-07-10 16:29:02 2533888 ----a-w- C:\WINDOWS\SysWow64\InkAnalysis.dll
2015-07-10 16:29:01 48640 ----a-w- C:\WINDOWS\System32\RotMgr.dll
2015-07-10 16:29:01 48128 ----a-w- C:\WINDOWS\System32\hwrcomp.exe
2015-07-10 16:29:01 38752 ----a-w- C:\WINDOWS\System32\drivers\terminpt.sys
2015-07-10 16:29:01 1949696 ----a-w- C:\WINDOWS\System32\SensorsCpl.dll
2015-07-10 16:29:01 184832 ----a-w- C:\WINDOWS\System32\hwrreg.exe
2015-07-10 16:29:00 274224 ----a-w- C:\WINDOWS\SysWow64\rdpendp.dll
2015-07-10 16:29:00 1949696 ----a-w- C:\WINDOWS\SysWow64\SensorsCpl.dll
2015-07-10 16:26:15 2629632 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2015-07-10 16:26:14 6358016 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2015-07-10 16:26:14 5739520 ----a-w- C:\WINDOWS\System32\prm0009.dll
2015-07-10 16:26:14 4847104 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2015-07-10 16:26:14 2629632 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2015-07-10 16:25:21 12288 ----a-w- C:\WINDOWS\SysWow64\drivers\en-GB\NdisImPlatform.sys.mui
2015-07-10 16:25:20 8704 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\fwpkclnt.sys.mui
2015-07-10 16:25:20 7168 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2015-07-10 16:25:20 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2015-07-10 16:25:20 3072 ----a-w- C:\WINDOWS\SysWow64\drivers\UMDF\en-GB\SensorsCx.dll.mui
2015-07-10 11:02:43 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2015-07-10 11:02:41 229888 ----a-w- C:\WINDOWS\System32\msclmd.dll
2015-07-10 11:00:41 394240 ----a-w- C:\WINDOWS\System32\StorSvc.dll
2015-07-10 10:59:59 9728 ----a-w- C:\WINDOWS\System32\mtxex.dll
2015-07-10 09:07:55 141824 ----a-w- C:\WINDOWS\System32\poqexec.exe
2015-07-10 09:07:53 118272 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2015-07-10 09:05:37 897024 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
2015-07-10 09:05:37 618272 ----a-w- C:\WINDOWS\System32\sxs.dll
2015-07-10 09:05:37 36864 ----a-w- C:\WINDOWS\System32\sxstrace.exe
2015-07-10 09:05:37 254816 ----a-w- C:\WINDOWS\System32\wdscore.dll
2015-07-10 09:05:37 243040 ----a-w- C:\WINDOWS\System32\cmipnpinstall.dll
2015-07-10 09:05:37 202240 ----a-w- C:\WINDOWS\System32\PkgMgr.exe
2015-07-10 09:05:37 135520 ----a-w- C:\WINDOWS\System32\SSShim.dll
2015-07-10 09:05:33 207200 ----a-w- C:\WINDOWS\SysWow64\wdscore.dll
2015-07-10 09:05:33 199168 ----a-w- C:\WINDOWS\SysWow64\PkgMgr.exe
2015-07-10 09:05:33 111456 ----a-w- C:\WINDOWS\SysWow64\SSShim.dll
2015-07-10 09:05:30 191840 ----a-w- C:\WINDOWS\SysWow64\cmipnpinstall.dll
2015-07-05 10:08:23 300704 ------w- C:\WINDOWS\System32\MpSigStub.exe
2015-06-18 07:42:02 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2015-06-18 07:41:44 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2015-06-18 07:41:40 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2015-06-05 01:13:02 9898752 ----a-w- C:\WINDOWS\SysWow64\RsCRIcon.dll
2015-06-05 01:12:54 91904 ----a-w- C:\WINDOWS\System32\RtCRX64.dll
2015-06-05 01:12:54 310528 ----a-w- C:\WINDOWS\System32\drivers\RtsP2Stor.sys
2015-06-02 17:41:06 376184 ----a-w- C:\WINDOWS\System32\drivers\RapportKE64.sys
2015-06-02 17:41:06 121432 ----a-w- C:\WINDOWS\System32\drivers\RapportHades64.sys
2015-06-01 20:01:16 544552 ----a-w- C:\WINDOWS\System32\iglhsip64.dll
2015-06-01 20:01:16 11223896 ----a-w- C:\WINDOWS\SysWow64\igdumd32.dll
2015-06-01 20:01:14 231312 ----a-w- C:\WINDOWS\System32\iglhcp64.dll
2015-06-01 20:01:14 194880 ----a-w- C:\WINDOWS\SysWow64\iglhcp32.dll
2015-06-01 20:01:14 13059896 ----a-w- C:\WINDOWS\System32\igd10umd64.dll
2015-06-01 20:01:14 12814752 ----a-w- C:\WINDOWS\System32\igdumd64.dll
2015-06-01 20:01:14 11352688 ----a-w- C:\WINDOWS\SysWow64\igd10umd32.dll
2015-06-01 20:01:14 1067696 ----a-w- C:\WINDOWS\System32\igfxcmrt64.dll
2015-06-01 20:01:12 957472 ----a-w- C:\WINDOWS\SysWow64\igfxcmrt32.dll
2015-06-01 20:01:12 539312 ----a-w- C:\WINDOWS\SysWow64\iglhsip32.dll
2015-06-01 20:01:10 41288 ----a-w- C:\WINDOWS\System32\igfxexps.dll
2015-06-01 18:46:58 272928 ----a-w- C:\WINDOWS\SysWow64\igvpkrng600.bin
2015-06-01 18:46:58 272928 ----a-w- C:\WINDOWS\System32\igvpkrng600.bin
2015-06-01 18:45:24 963452 ----a-w- C:\WINDOWS\SysWow64\igcodeckrng600.bin
2015-06-01 18:45:24 963452 ----a-w- C:\WINDOWS\System32\igcodeckrng600.bin
2015-05-25 13:23:31 36864 ----a-w- C:\WINDOWS\System32\UtcResources.dll
.
============= FINISH: 23:53:47.54 ===============

Attached Files
File Type: txt attach.txt (21.6 KB)
File Type: txt dds.txt (36.2 KB)
