Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Windows Command Processor x3 in startup

Hello

In an attempt to make my laptop faster on startup, I went into Norton's Performance section and reviewed all programs launching on startup. Something strange I noticed is "Windows Command Processor". It is mentioned 3 times in Norton's startup review. It is not mentioned when reviewing startup programs with Task Manager. On top of that, I cannot disable them as they re-enable themselves when I try to, while others can be disabled.

This "issue" is only present on my laptop and not on my PC, which uses the same antivirus and a lot of the same programs.

Full system scan with Norton and Malwarebytes did not bring up anything, so I'm not even sure if it's malware/spyware. Better to be safe than sorry though. I have no clue why it's mentioned 3 times and why it cannot be disabled. Apparently keyloggers work this way, although I am no expert on the subject so feel free to correct me.

Any input is much appreciated. OS is Windows 10, laptop is an Acer Aspire V3-722G.


I ran the dds.scr.

Attach.txt should be attached to this post, and the logs are posted below.

Although it is a legit copy of Windows 10 - upgraded from 8.1 - I do not have access to a Windows disc; however, a factory reset is possible if it happens to be a serious threat and cannot be removed otherwise. I'd like to keep that as a last resort, though.

Thank you for your time and expertise and I await further instructions.
Logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16412 BrowserJavaVersion: 11.40.2
Run by philippe at 14:56:42 on 2015-09-23
Microsoft Windows 10 Home 10.0.10240.0.1252.44.1043.18.8072.4770 [GMT 2:00]
.
AV: Norton Internet Security *Enabled/Updated* {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security *Enabled* {6BFC5632-188D-B806-D13E-C607121B42A0}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\nvvsvc.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
C:\Program Files\MySQL\MySQL Server 5.6\bin\mysqld.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
svchost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\Ara.exe
C:\WINDOWS\system32\CompatTelRunner.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\NIS.exe
C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Dolby PCEE4\pcee4.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Users\philippe\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
C:\Users\philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\conathst.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\nacl64.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\InstallAgent.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://acer13.msn.com
uDefault_Page_URL = hxxp://acer13.msn.com
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\coieplg.dll
uRun: [MySQL Notifier] C:\Program Files (x86)\MySQL\MySQL Notifier 1.1\MySqlNotifier.exe
uRun: [GoogleChromeAutoLaunch_C808038095EFA9BE95E2C3158E13BB87] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [Dropbox Update] "C:\Users\philippe\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [OneDrive] "C:\Users\philippe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [f.lux] "C:\Users\philippe\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
uRunOnce: [Uninstall C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
uRunOnce: [Uninstall C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
uRunOnce: [Uninstall C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\philippe\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\Users\philippe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\philippe\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\philippe\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERZEN~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\STEELS~1.LNK - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
TCP: NameServer = 195.130.130.132 195.130.131.132
TCP: Interfaces\{9f37bd29-efb0-458c-ae2b-73e77f48bb58} : DHCPNameServer = 195.130.130.132 195.130.131.132
TCP: Interfaces\{9f37bd29-efb0-458c-ae2b-73e77f48bb58}\45D4F57457563747 : DHCPNameServer = 172.30.2.10
TCP: Interfaces\{9f37bd29-efb0-458c-ae2b-73e77f48bb58}\4756C656E65647D25444247343 : DHCPNameServer = 195.130.130.132 195.130.131.132
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coieplg.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Skype Click to Call for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\22.5.2.15\coieplg.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\philippe\AppData\Roaming\Mozilla\Firefox\Profiles\e3w9td4s.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-2-1 652784]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2015-7-13 31560]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NISx64\1605020.00F\symefasi64.sys [2015-7-21 1620720]
R0 vsock;vSockets Driver;C:\WINDOWS\System32\drivers\vsock.sys [2014-9-26 73296]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-8-20 200528]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150904.001\BHDrvx64.sys [2015-9-18 1650936]
R1 ccSet_NAT;Norton Anti-Theft Settings Manager;C:\WINDOWS\System32\drivers\NATx64\010A000.009\ccSetx64.sys [2014-9-20 150104]
R1 ccSet_NIS;NIS Settings Manager;C:\WINDOWS\System32\drivers\NISx64\1605020.00F\ccsetx64.sys [2015-7-21 173808]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150918.002\IDSviA64.sys [2015-9-19 767224]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\1605020.00F\ironx64.sys [2015-7-21 297720]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\1605020.00F\symnets.sys [2015-7-21 576248]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-7-22 680112]
R2 c2cautoupdatesvc;Skype Click to Call Updater;C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-5-1 1394816]
R2 c2cpnrsvc;Skype Click to Call PNR Service;C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-5-1 1772672]
R2 CCDMonitorService;CCDMonitorService;C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2013-2-27 2615368]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-19 2753720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2015-5-4 37184]
R2 rzpnk;rzpnk;C:\WINDOWS\System32\drivers\rzpnk.sys [2015-5-4 129600]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2015-3-9 599240]
R3 ccSet_NARA;NARA Settings Manager;C:\WINDOWS\System32\drivers\NARAx64\0403000.00E\ccSetx64.sys [2013-10-14 168608]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2015-7-29 153936]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-3-4 30512]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\WINDOWS\System32\drivers\k57nd60a.sys [2014-7-24 458960]
R3 LMDriver;Launch Manager Wireless Driver;C:\WINDOWS\System32\drivers\LMDriver.sys [2013-1-10 21360]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-9-19 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2015-9-19 113880]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-9-19 64216]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2015-8-20 37960]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2015-2-11 19600]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-2-11 38032]
R3 RadioShim;Shim for HID-KMDF Interface layer;C:\WINDOWS\System32\drivers\RadioShim.sys [2013-1-10 15704]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-6-4 42696]
R3 sshid;SteelSeries HID Service;C:\WINDOWS\System32\drivers\sshid.sys [2014-8-13 38912]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\1605020.00F\symelam.sys [2015-7-21 24192]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 c2wts;Claims to Windows Token Service;C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [2015-7-10 5632]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DeviceFastLaneService;Device Fast-lane Service;C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [2013-5-1 470056]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-3-27 442368]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-8-2 934752]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\WINDOWS\System32\drivers\RtsPStor.sys [2015-6-3 374016]
S3 rzendpt;rzendpt;C:\WINDOWS\System32\drivers\rzendpt.sys [2014-12-30 39592]
S3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2014-12-30 177832]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-8-20 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-8-2 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-8-20 685568]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
SUnknown IoQos;IoQos; [x]
.
=============== File Associations ===============
.
FileExt: .js: Applications\Notepad.exe=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: dreamweaver.exe: Open="C:\Program Files\Adobe\Adobe Dreamweaver CC 2014.1\dreamweaver.exe", "%1"
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2015-09-23 12:51:48 16148 ----a-w- C:\WINDOWS\System32\PHILIPPEC-LAP_philippe_HistoryPrediction.bin
2015-09-19 18:00:33 -------- d-----w- C:\NPE
2015-09-19 15:58:35 113880 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-09-19 15:58:14 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2015-09-19 15:58:14 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2015-09-19 15:58:14 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2015-09-19 15:58:13 -------- d-----w- C:\ProgramData\Malwarebytes
2015-09-19 15:58:13 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-18 15:10:46 -------- d-----w- C:\Users\philippe\AppData\Local\FluxSoftware
2015-09-18 14:20:13 -------- d-----r- C:\Users\philippe\Creative Cloud Files
2015-09-18 13:40:57 609592 ----a-w- C:\WINDOWS\System32\ci.dll
.
==================== Find3M ====================
.
2015-09-23 12:51:47 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-13 04:23:47 2178560 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2015-08-13 04:22:26 2093056 ----a-w- C:\WINDOWS\System32\wlidsvc.dll
2015-08-13 04:20:39 414208 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2015-08-13 04:17:58 1795072 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2015-08-13 03:53:21 311808 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
2015-08-11 10:04:24 2462648 ----a-w- C:\WINDOWS\System32\mfcore.dll
2015-08-11 10:04:23 4532304 ----a-w- C:\WINDOWS\explorer.exe
2015-08-11 10:04:15 1087296 ----a-w- C:\WINDOWS\System32\mfplat.dll
2015-08-11 10:03:20 8021840 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2015-08-11 10:03:09 442208 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2015-08-11 10:02:57 554744 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2015-08-11 10:02:56 80720 ----a-w- C:\WINDOWS\System32\drivers\stornvme.sys
2015-08-11 10:02:49 292856 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2015-08-11 09:52:49 993104 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2015-08-11 09:50:47 1643872 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2015-08-11 09:40:22 4048808 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2015-08-11 09:40:12 918320 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2015-08-11 09:40:08 2151208 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2015-08-11 09:38:22 454000 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
2015-08-11 09:37:48 243800 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2015-08-11 09:26:03 845664 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2015-08-11 09:23:59 16706560 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-08-11 09:22:04 21875200 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2015-08-11 09:21:13 148992 ----a-w- C:\WINDOWS\System32\tetheringservice.dll
2015-08-11 09:21:04 52224 ----a-w- C:\WINDOWS\System32\tetheringclient.dll
2015-08-11 09:20:42 2224640 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-08-11 09:20:02 483328 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll
2015-08-11 09:19:45 235520 ----a-w- C:\WINDOWS\System32\SettingsHandlers_Notifications.dll
2015-08-11 09:18:44 235008 ----a-w- C:\WINDOWS\System32\UserMgrProxy.dll
2015-08-11 09:16:32 2416640 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-08-11 09:14:02 404480 ----a-w- C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-08-11 09:13:42 413184 ----a-w- C:\WINDOWS\System32\diagtrack_win.dll
2015-08-11 09:11:40 2446336 ----a-w- C:\WINDOWS\System32\InputService.dll
2015-08-11 09:11:18 553472 ----a-w- C:\WINDOWS\System32\GamePanel.exe
2015-08-11 09:10:47 293376 ----a-w- C:\WINDOWS\System32\TextInputFramework.dll
2015-08-11 09:10:12 324096 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 09:10:06 778752 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.Store.dll
2015-08-11 09:09:55 32768 ----a-w- C:\WINDOWS\System32\wuautoappupdate.dll
2015-08-11 09:08:04 893440 ----a-w- C:\WINDOWS\System32\MbaeApiPublic.dll
2015-08-11 09:08:04 563200 ----a-w- C:\WINDOWS\System32\MbaeApi.dll
2015-08-11 09:07:52 593920 ----a-w- C:\WINDOWS\System32\wcmsvc.dll
2015-08-11 09:07:47 1178112 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2015-08-11 09:07:44 115712 ----a-w- C:\WINDOWS\System32\MbaeParserTask.exe
2015-08-11 09:06:50 2662400 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2015-08-11 09:06:19 7523328 ----a-w- C:\WINDOWS\System32\Chakra.dll
2015-08-11 09:05:48 342016 ----a-w- C:\WINDOWS\System32\LocationGeofences.dll
2015-08-11 09:05:27 269312 ----a-w- C:\WINDOWS\System32\LocationFramework.dll
2015-08-11 09:05:23 78848 ----a-w- C:\WINDOWS\System32\LocationFrameworkInternalPS.dll
2015-08-11 09:05:20 137216 ----a-w- C:\WINDOWS\System32\LocationPermissions.dll
2015-08-11 09:05:10 996352 ----a-w- C:\WINDOWS\System32\RDXService.dll
2015-08-11 09:05:07 3527168 ----a-w- C:\WINDOWS\System32\tquery.dll
2015-08-11 09:03:09 2558976 ----a-w- C:\WINDOWS\System32\mssrch.dll
2015-08-11 09:02:53 186368 ----a-w- C:\WINDOWS\System32\cloudAP.dll
2015-08-11 09:02:15 621056 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2015-08-11 09:02:08 3588096 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-08-11 09:02:03 1890304 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2015-08-11 09:01:38 1334784 ----a-w- C:\WINDOWS\System32\UIAutomationCore.dll
2015-08-11 09:00:45 336384 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe
2015-08-11 09:00:06 274432 ----a-w- C:\WINDOWS\System32\syncutil.dll
2015-08-11 08:59:51 123392 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2015-08-11 08:59:33 42496 ----a-w- C:\WINDOWS\SysWow64\tetheringclient.dll
2015-08-11 08:59:29 1106432 ----a-w- C:\WINDOWS\System32\sysmain.dll
2015-08-11 08:59:27 642560 ----a-w- C:\WINDOWS\System32\rdbui.dll
2015-08-11 08:58:11 372224 ----a-w- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
2015-08-11 08:57:51 13024768 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-08-11 08:57:12 159744 ----a-w- C:\WINDOWS\SysWow64\UserMgrProxy.dll
2015-08-11 08:51:35 1916928 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-08-11 08:51:33 1823232 ----a-w- C:\WINDOWS\SysWow64\InputService.dll
2015-08-11 08:50:59 131584 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Core.TextInput.dll
2015-08-11 08:50:58 200704 ----a-w- C:\WINDOWS\SysWow64\TextInputFramework.dll
2015-08-11 08:50:47 420352 ----a-w- C:\WINDOWS\SysWow64\GamePanel.exe
2015-08-11 08:49:50 586752 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
2015-08-11 08:49:30 247808 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 08:48:25 671232 ----a-w- C:\WINDOWS\SysWow64\MbaeApiPublic.dll
2015-08-11 08:47:09 448512 ----a-w- C:\WINDOWS\SysWow64\MbaeApi.dll
2015-08-11 08:45:48 18805760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2015-08-11 08:45:09 1820672 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Logon.dll
2015-08-11 08:43:39 2748416 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2015-08-11 08:42:33 5454848 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2015-08-11 08:40:45 1593856 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2015-08-11 08:40:32 1964544 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2015-08-11 08:40:12 1112064 ----a-w- C:\WINDOWS\SysWow64\UIAutomationCore.dll
2015-08-11 08:39:28 280576 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe
2015-08-11 08:38:43 162304 ----a-w- C:\WINDOWS\SysWow64\ReInfo.dll
2015-08-08 15:38:46 794088 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-08-08 15:38:46 179688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-08-08 07:29:58 1822280 ----a-w- C:\WINDOWS\System32\ntdll.dll
2015-08-08 07:19:45 608936 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2015-08-08 07:01:18 1533496 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2015-08-08 06:48:13 539728 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2015-08-08 06:40:23 365056 ----a-w- C:\WINDOWS\System32\atmfd.dll
2015-08-08 06:24:15 2415104 ----a-w- C:\WINDOWS\System32\DWrite.dll
2015-08-08 06:24:06 1679360 ----a-w- C:\WINDOWS\System32\FntCache.dll
2015-08-08 06:15:14 303104 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll
2015-08-08 06:00:44 1985024 ----a-w- C:\WINDOWS\SysWow64\DWrite.dll
2015-08-06 03:17:40 200528 ----a-w- C:\WINDOWS\System32\drivers\wof.sys
2015-08-06 03:17:34 237392 ----a-w- C:\WINDOWS\System32\drivers\rdyboost.sys
2015-08-06 02:22:03 685568 ----a-w- C:\WINDOWS\System32\drivers\WdiWiFi.sys
2015-08-05 04:49:51 783112 ----a-w- C:\WINDOWS\System32\mfsvr.dll
.
============= FINISH: 14:59:26.77 ===============

Attached Files
File Type: txt attach.txt (25.7 KB)
