Hi there,
Last night, I started having issues with Google Chrome. The main symptom of the problem is that, on first restart, I can connect to Facebook on Google Chrome fine, but after a few minutes, the encoding of the page seems to be corrupted. It's only affecting Chrome; Edge and Firefox are fine. With it being a single browser only, I'm suspecting some form of malware is responsible for a redirect; I'm just not sure what, so I've come here to see whether you guys can find anything I couldn't. I am willing, as a last resort, to run a complete refresh of the device, and I have a Windows 10 Build 1511 ISO that can be used in such a circumstance, ready to go.
I ran Kaspersky and it found OpenCandy in an installer for CrystalDiskInfo, though that installer hasn't been executed since the last refresh I did so I don't believe that is the culprit for my woes, and the redirect still appears to be happening even after Kaspersky removed it from the system. Otherwise, Kaspersky has found no threats with Rootkit detection or a Full Scan of the system which I left it to do overnight.
Just to note, some of the errors you see in the logs and files relate to the computer having an issue with the motherboard hardware freezing/rebooting intermittently (which needs to be replaced), so apologies for that. It has been an intermittent issue with the machine for a number of years, to do with the power supply.
Thanks in advance for the assistance, I realise you folks are busy. :)
EDIT: One thing to note, I did try clearing my browser store and unlinking my account from Chrome to try and diagnose the issue earlier on. I will be changing my passwords ASAP. The desktop has no further connection to the internet, and Kaspersky is scanning the drive I'm using to transfer files between the machine I believe to be clean, and the desktop.
___________________________________________
DDR.txt contents:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by Craig at 6:42:45 on 2016-06-10
Microsoft Windows 10 Pro 10.0.10586.0.1252.44.2057.18.12271.9033 [GMT 1:00]
.
AV: Kaspersky Total Security *Enabled/Updated* {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky Total Security *Enabled/Updated* {3D579475-6DDE-A186-1569-44B9F9DE8725}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security *Enabled* {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\WINDOWS\system32\RAPID\SamsungRapidSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avpui.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperAgent.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Craig\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
svchost.exe
C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\Craig\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Users\Craig\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Kaspersky Protection: {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll
TB: Kaspersky Protection Toolbar: {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\IEExt\ie_plugin.dll
uRun: [OneDrive] "C:\Users\Craig\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Spotify Web Helper] "C:\Users\Craig\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [Spotify] "C:\Users\Craig\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
uRun: [f.lux] "C:\Users\Craig\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{f534325b-6291-4d2f-87fa-54cb1cbef049} : DHCPNameServer = 192.168.1.254
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Kaspersky Protection: {03993315-5CE9-4F00-8790-D14A94F1D91A} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
x64-TB: Kaspersky Protection Toolbar: {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\IEExt\ie_plugin.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [SamsungRapidApp] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Craig\AppData\Roaming\Mozilla\Firefox\Profiles\c1um42x7.default\
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll
.
============= SERVICES / DRIVERS ===============
.
R0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);C:\WINDOWS\System32\drivers\cm_km.sys [2015-7-6 389816]
R0 klbackupdisk;Kaspersky Lab klbackupdisk;C:\WINDOWS\System32\drivers\klbackupdisk.sys [2015-6-6 53432]
R0 pwdrvio;pwdrvio;C:\WINDOWS\System32\pwdrvio.sys [2016-3-5 19152]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;C:\WINDOWS\System32\drivers\SamsungRapidDiskFltr.sys [2016-2-28 271968]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr;C:\WINDOWS\System32\drivers\SamsungRapidFSFltr.sys [2015-9-4 110688]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-11 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 klbackupflt;Kaspersky Lab klbackupflt;C:\WINDOWS\System32\drivers\klbackupflt.sys [2015-12-1 79752]
R1 klhk;Kaspersky Lab service driver;C:\WINDOWS\System32\drivers\klhk.sys [2016-3-28 237488]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\WINDOWS\System32\drivers\klim6.sys [2015-12-1 51288]
R1 klpd;Kaspersky Lab format recognizer driver;C:\WINDOWS\System32\drivers\klpd.sys [2015-12-7 45960]
R1 klwfp;klwfp;C:\WINDOWS\System32\drivers\klwfp.sys [2015-10-6 87944]
R1 Klwtp;KLwtp - WFP callout traffic inspector;C:\WINDOWS\System32\drivers\klwtp.sys [2015-12-3 112520]
R1 kneps;kneps;C:\WINDOWS\System32\drivers\kneps.sys [2015-12-3 194440]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 AVP16.0.1;Kaspersky Anti-Virus Service 16.0.1;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\avp.exe [2015-12-22 236928]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2016-2-28 1165368]
R2 IntelHaxm;Intel HAXM Service;C:\WINDOWS\System32\drivers\IntelHaxm.sys [2016-5-21 96776]
R2 kldisk;kldisk;C:\WINDOWS\System32\drivers\kldisk.sys [2015-12-2 78200]
R2 MotoHelper;MotoHelper Service;C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-6 214896]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2016-2-28 1881144]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-11-5 188072]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2016-4-30 37184]
R2 rzpnk;rzpnk;C:\WINDOWS\System32\drivers\rzpnk.sys [2016-4-30 130880]
R2 SamsungRapidSvc;Samsung RAPID Mode Service;system32\RAPID\SamsungRapidSvc.exe --> system32\RAPID\SamsungRapidSvc.exe [?]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-6-8 424384]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 klflt;Kaspersky Lab Kernel DLL;C:\WINDOWS\System32\drivers\klflt.sys [2016-3-28 182664]
R3 klids;klids;C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [2016-3-28 178872]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:\WINDOWS\System32\drivers\klkbdflt.sys [2015-11-11 52608]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\WINDOWS\System32\drivers\klmouflt.sys [2015-6-7 41656]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2016-2-28 56384]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-8-13 43720]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-8-13 202952]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S0 klelam;klelam;C:\WINDOWS\System32\drivers\klelam.sys [2015-6-24 30328]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-2-28 143144]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-2-28 2522680]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-3-23 327808]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-4 117248]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-2-28 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 klvssbrigde64;klvssbrigde64;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.1\x64\vssbridge64.exe [2015-12-22 152488]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-2-28 28216]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [2016-2-28 3634232]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\drivers\nvstusb.sys [2015-11-12 460960]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 pwdspio;pwdspio;C:\WINDOWS\System32\pwdspio.sys [2016-3-5 12504]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 rzjstk;Razer Virtual Joystick Driver;C:\WINDOWS\System32\drivers\rzjstk.sys [2015-8-13 36568]
S3 rzkeypadendpt;Razer Keypad Endpoint;C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [2015-8-13 46280]
S3 rzvmouse;Razer Virtual Mouse;C:\WINDOWS\System32\drivers\rzvmouse.sys [2015-8-13 42712]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-11 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-12 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-11 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-12 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-10-30 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-12 26112]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-10-30 95744]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-06-08 21:15:30 983488 ----a-w- C:\WINDOWS\System32\NvFBC64.dll
2016-05-31 19:27:40 -------- d-----w- C:\Users\Craig\AppData\Local\Mozilla
2016-05-30 19:16:19 -------- d-----w- C:\Users\Craig\AndroidStudioProjects
2016-05-28 18:58:24 -------- d-----w- C:\Users\Craig\AppData\Roaming\Motorola
2016-05-28 18:58:12 -------- d-----w- C:\Program Files\Motorola Inc
2016-05-28 18:58:12 -------- d-----w- C:\Program Files\Common Files\Motorola Shared
2016-05-28 18:58:11 -------- d-----w- C:\Program Files (x86)\Motorola
2016-05-28 18:57:49 -------- d-----w- C:\Program Files (x86)\ClockworkMod
2016-05-21 12:51:06 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2016-05-21 12:51:03 113216 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2016-05-21 12:51:03 102976 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2016-05-21 10:12:17 -------- d-----w- C:\Users\Craig\.android
2016-05-21 10:11:55 -------- d-----w- C:\Program Files (x86)\Android
2016-05-21 09:14:25 96776 ----a-w- C:\WINDOWS\System32\drivers\IntelHaxm.sys
2016-05-19 18:02:29 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{810AB943-E061-43AC-8509-9380496C2815}\gapaengine.dll
2016-05-19 18:02:22 11695896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CA679C53-E7AC-41EC-9A55-8BF8213EF940}\mpengine.dll
2016-05-16 17:55:23 11695896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
.
==================== Find3M ====================
.
2016-06-04 00:51:14 13553096 ----a-w- C:\WINDOWS\System32\drivers\nvlddmkm.sys
2016-06-03 03:59:19 6364216 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2016-06-03 03:59:19 2455608 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2016-06-03 03:59:17 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2016-06-03 03:59:17 69568 ----a-w- C:\WINDOWS\System32\nvshext.dll
2016-06-03 03:59:17 534072 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2016-06-03 03:59:17 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2016-06-03 03:59:17 1762752 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2016-06-03 03:59:17 1352760 ----a-w- C:\WINDOWS\System32\nvvsvc.exe
2016-06-03 03:59:09 6452948 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2016-06-03 03:28:41 111552 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-05-04 02:23:30 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2016-05-04 02:23:30 129824 ----a-w- C:\WINDOWS\SysWow64\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:58 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2016-05-04 02:22:58 40224 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo-1-1-0-11-1.exe
2016-05-04 02:22:42 130848 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2016-05-04 02:22:42 130848 ----a-w- C:\WINDOWS\System32\vulkan-1-1-0-11-1.dll
2016-05-04 02:22:10 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2016-05-04 02:22:10 45344 ----a-w- C:\WINDOWS\System32\vulkaninfo-1-1-0-11-1.exe
2016-05-02 05:39:01 1377800 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2016-05-02 05:39:01 1316184 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll
2016-05-02 05:38:42 1767944 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2016-05-02 05:38:42 1756608 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll
2016-05-02 05:38:42 112032 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2016-04-30 13:57:38 110144 ----a-w- C:\WINDOWS\System32\WindowsAccessBridge-64.dll
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-28 19:22:57 237488 ----a-w- C:\WINDOWS\System32\drivers\klhk.sys
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 05:06:57 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
.
============= FINISH: 6:42:59.06 ===============
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 05:06:57 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
.
============= FINISH: 6:42:59.06 ===============