I did the Windows Upgrade and as I was playing around with the new OS found my java was out dated and I think I installed a bad file instead of the real one. Can you please take a look and see what kinds of malware/junk programs I have DL'ed? I know for sure Chromium is one of them
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.545 BrowserJavaVersion: 11.101.2
Run by Vicki at 14:27:25 on 2016-09-03
Microsoft Windows 10 Pro 10.0.10586.0.1252.1.1033.18.8130.5560 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Windows\system32\mfevtps.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\Vicki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vicki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ByteFence\ByteFence.exe
C:\Users\Vicki\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
c:\PROGRA~1\mcafee\vul\mcvulctr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
uSearch Bar = Preserve
mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
BHO: McAfee SafeKey Vault: {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll
TB: McAfee SafeKey: {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
uRun: [Spotify Web Helper] "C:\Users\Vicki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Dropbox Update] "C:\Users\Vicki\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRun: [OneDrive] "C:\Users\Vicki\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Chromium] "c:\users\vicki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Vicki\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Vicki\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1daff43e-db8f-4fce-bae5-55801f2b8a01} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: McAfee SafeKey Vault: {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll
x64-TB: McAfee SafeKey: {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_DTS] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.1 mssplus.mcafee.com
Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\84hxwpfw.default-1437948450356\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
FF - prefs.js: keyword.URL - true
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
.
============= SERVICES / DRIVERS ===============
.
R?2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-30 1593632]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2015-2-17 846080]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2015-2-17 245096]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\WINDOWS\System32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2015-7-19 162392]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-8-1 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2016-7-27 936728]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2014-3-30 240584]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-30 169432]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2016-8-25 163592]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2015-7-19 863448]
R2 McBootDelayStartSvc;McAfee Boot Delay Start Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [2016-2-23 1696712]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McPvDrv;McPvDrv Driver;C:\WINDOWS\System32\drivers\McPvDrv.sys [2016-2-29 76064]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-7-19 380896]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-7-19 131144]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-30 16939296]
R2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-2-29 902112]
R2 rtop;rtop;C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2016-8-15 254280]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-7-31 410768]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-6-18 5702416]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2015-2-17 79248]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-7-26 25816]
R3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2015-2-17 419624]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2015-2-17 351144]
R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2015-7-19 234192]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2015-2-17 496368]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2015-11-20 539496]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-8-25 46240]
R3 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2015-7-19 275368]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-3-30 39200]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2016-7-27 83096]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-7-16 145528]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-26 1133880]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 Andbus;LGE Android Platform Composite USB Device;C:\WINDOWS\System32\drivers\lgandbus64.sys [2016-5-30 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\WINDOWS\System32\drivers\lganddiag64.sys [2016-5-30 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\WINDOWS\System32\drivers\lgandgps64.sys [2016-5-30 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\WINDOWS\System32\drivers\lgandmodem64.sys [2016-5-30 34304]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-7-16 433784]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-7-16 413304]
S3 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-7-16 831096]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-4-27 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2015-7-19 207208]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-7-26 63704]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-7-19 327944]
S3 mfencrk;McAfee Inc. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2015-11-20 109480]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-10-30 108032]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-8-1 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-8-1 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-8-1 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-8-1 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-4-27 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-8-1 26112]
S4 AppApcVerifier;AppVerifier APC; [x]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-09-03 18:13:57 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9A38C67C-417F-4173-BF69-FE859EBF9C9C}\mpengine.dll
2016-09-02 01:45:56 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-09-02 01:45:55 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7D26A00B-0810-4679-B9B2-A57EA6E286DD}\gapaengine.dll
2016-08-31 01:43:15 -------- d-----w- C:\Program Files (x86)\Trend Micro
2016-08-31 01:31:57 316168 ----a-w- C:\WINDOWS\System32\drivers\tmcomm.sys
2016-08-25 00:07:58 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B357B22-C4B2-4DCC-B398-BD172AEFFBD6}\gapaengine.dll
2016-08-15 22:22:25 377344 ----a-w- C:\WINDOWS\RegBootClean.exe
2016-08-15 22:17:21 -------- d-----w- C:\WINDOWS\Trend Micro
2016-08-15 22:17:21 -------- d-----w- C:\ProgramData\Trend Micro
2016-08-15 14:51:15 -------- d-----w- C:\ProgramData\AppApcVerifier
2016-08-15 14:31:12 -------- d-----w- C:\ProgramData\ByteFence
2016-08-15 14:21:33 -------- d-----w- C:\Users\Vicki\AppData\Roaming\{E638D083-C36A-BDF5-A85C-9A27748E6719}
2016-08-15 14:21:08 -------- d-----w- C:\Users\Vicki\AppData\Local\{E665D039-C2CD-BC81-AF55-99698B3D65F1}
2016-08-15 14:21:07 -------- d-----w- C:\Program Files\ByteFence
2016-08-15 14:21:05 -------- d-----w- C:\Users\Vicki\AppData\Roaming\efo
2016-08-15 14:16:33 -------- d-----w- C:\Users\Vicki\AppData\Local\MicrosoftEdge
2016-08-10 06:13:22 -------- d-----w- C:\WINDOWS\PCHEALTH
2016-08-10 05:06:57 970752 ----a-w- C:\WINDOWS\System32\kerberos.dll
2016-08-10 05:06:57 359936 ----a-w- C:\WINDOWS\System32\SensorsApi.dll
2016-08-10 05:06:57 286208 ----a-w- C:\WINDOWS\SysWow64\SensorsApi.dll
2016-08-10 05:06:56 91136 ----a-w- C:\WINDOWS\System32\bthserv.dll
2016-08-10 05:06:56 58408 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
2016-08-10 05:06:56 422744 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys
2016-08-10 05:06:56 339968 ----a-w- C:\WINDOWS\System32\SensorService.dll
.
==================== Find3M ====================
.
2016-08-15 14:22:55 97856 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2016-08-03 11:14:47 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-08-03 11:14:47 50368 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-08-03 11:14:47 1505984 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-08-03 10:36:39 7469408 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-08-03 10:36:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-08-03 10:36:30 37744 ----a-w- C:\WINDOWS\System32\wldp.dll
2016-08-03 10:23:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-08-03 10:23:42 693600 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-08-03 10:22:53 465248 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2016-08-03 10:22:39 331616 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-08-03 10:22:10 808288 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2016-08-03 10:22:08 1322760 ----a-w- C:\WINDOWS\System32\ole32.dll
2016-08-03 10:21:07 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-08-03 10:21:01 566112 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-08-03 10:20:08 1540224 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2016-08-03 10:20:04 692136 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2016-08-03 10:19:37 604928 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-08-03 10:19:36 161632 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2016-08-03 10:13:17 1988448 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-08-03 10:13:11 576864 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-08-03 10:13:10 393056 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-08-03 09:51:14 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2016-08-03 09:51:00 123392 ----a-w- C:\WINDOWS\System32\tdlrecover.exe
2016-08-03 09:46:24 22384128 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-08-03 09:44:39 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
2016-08-03 09:44:23 44544 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2016-08-03 09:44:03 189952 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2016-08-03 09:43:07 16985088 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-08-03 09:41:27 64000 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll
2016-08-03 09:41:25 59904 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll
2016-08-03 09:40:54 58880 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
2016-08-03 09:40:48 47616 ----a-w- C:\WINDOWS\System32\TpmTasks.dll
2016-08-03 09:40:16 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
2016-08-03 09:39:55 218624 ----a-w- C:\WINDOWS\System32\cdd.dll
2016-08-03 09:39:43 104448 ----a-w- C:\WINDOWS\System32\BluetoothApis.dll
2016-08-03 09:38:23 379392 ----a-w- C:\WINDOWS\System32\usocore.dll
2016-08-03 09:38:22 412160 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2016-08-03 09:37:22 110080 ----a-w- C:\WINDOWS\System32\IdCtrls.dll
2016-08-03 09:36:49 211456 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2016-08-03 09:36:28 198144 ----a-w- C:\WINDOWS\System32\winsrv.dll
2016-08-03 09:35:56 200192 ----a-w- C:\WINDOWS\System32\WUDFPlatform.dll
2016-08-03 09:35:15 764928 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2016-08-03 09:33:37 285184 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
2016-08-03 09:31:54 247296 ----a-w- C:\WINDOWS\System32\wevtutil.exe
2016-08-03 09:31:38 506880 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
2016-08-03 09:30:28 515072 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll
2016-08-03 09:29:36 2127360 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2016-08-03 09:29:15 1500160 ----a-w- C:\WINDOWS\System32\RecoveryDrive.exe
2016-08-03 09:29:09 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-08-03 09:28:40 529920 ----a-w- C:\WINDOWS\System32\LogonController.dll
2016-08-03 09:28:22 1213440 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2016-08-03 09:27:58 1717760 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2016-08-03 09:27:45 7536640 ----a-w- C:\WINDOWS\System32\mstscax.dll
2016-08-03 09:27:29 381952 ----a-w- C:\WINDOWS\System32\wuuhext.dll
2016-08-03 09:18:57 6974464 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2016-08-03 09:18:20 1388032 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2016-08-03 09:18:16 2067968 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-08-03 09:17:10 2175488 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-08-03 09:16:43 2635776 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2016-08-03 09:16:30 3589120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-08-03 09:16:25 5123072 ----a-w- C:\WINDOWS\System32\dbgeng.dll
2016-08-03 09:15:20 7833088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-08-03 09:14:04 1997824 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2016-08-03 09:14:02 4895232 ----a-w- C:\WINDOWS\System32\jscript9.dll
2016-08-03 09:13:59 3025920 ----a-w- C:\WINDOWS\System32\wininet.dll
2016-08-03 09:12:25 2746368 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll
2016-08-03 09:11:25 4171264 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2016-08-03 05:52:28 34088 ----a-w- C:\WINDOWS\SysWow64\wldp.dll
2016-08-03 05:34:16 501592 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-08-03 05:34:13 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-08-03 05:33:08 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
2016-08-03 05:31:51 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2016-08-03 05:31:38 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2016-08-03 05:30:12 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-08-03 05:30:07 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-08-03 04:57:44 91648 ----a-w- C:\WINDOWS\SysWow64\tdlrecover.exe
2016-08-03 04:48:25 51712 ----a-w- C:\WINDOWS\SysWow64\wshbth.dll
2016-08-03 04:47:48 13018112 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-08-03 04:44:46 48128 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
2016-08-03 04:44:45 48640 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
2016-08-03 04:42:54 80896 ----a-w- C:\WINDOWS\SysWow64\BluetoothApis.dll
2016-08-03 04:40:45 92160 ----a-w- C:\WINDOWS\SysWow64\IdCtrls.dll
2016-08-03 04:37:22 219136 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
2016-08-03 04:35:37 178688 ----a-w- C:\WINDOWS\SysWow64\wevtutil.exe
2016-08-03 04:34:23 400896 ----a-w- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
2016-08-03 04:34:10 792064 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2016-08-03 04:33:52 2050048 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2016-08-03 04:33:35 18677760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2016-08-03 04:32:44 434688 ----a-w- C:\WINDOWS\SysWow64\LogonController.dll
2016-08-03 04:32:09 1467392 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2016-08-03 04:31:05 6743040 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
2016-08-03 04:28:30 3663360 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2016-08-03 04:25:36 5323776 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2016-08-03 04:25:23 4078080 ----a-w- C:\WINDOWS\SysWow64\dbgeng.dll
2016-08-03 04:23:48 1799680 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Logon.dll
2016-08-03 04:23:47 5660672 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-08-03 04:22:18 2501120 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2016-08-03 04:21:34 1708032 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2016-08-03 04:19:22 2180096 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
.
============= FINISH: 14:27:37.24 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.545 BrowserJavaVersion: 11.101.2
Run by Vicki at 14:27:25 on 2016-09-03
Microsoft Windows 10 Pro 10.0.10586.0.1252.1.1033.18.8130.5560 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Windows\system32\mfevtps.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Trend Micro\DRScanner\DRScanner.exe
C:\Program Files\McAfee\MAT\McPvTray.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\Vicki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Vicki\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\ByteFence\ByteFence.exe
C:\Users\Vicki\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
c:\PROGRA~1\mcafee\vul\mcvulctr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
uSearch Bar = Preserve
mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
BHO: McAfee SafeKey Vault: {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\CoIEPlg.dll
TB: McAfee SafeKey: {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
uRun: [Spotify Web Helper] "C:\Users\Vicki\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [Dropbox Update] "C:\Users\Vicki\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRun: [OneDrive] "C:\Users\Vicki\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Chromium] "c:\users\vicki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Vicki\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Vicki\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\lpuninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1daff43e-db8f-4fce-bae5-55801f2b8a01} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: McAfee SafeKey Vault: {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.11.42\CoIEPlg.dll
x64-TB: McAfee SafeKey: {61D700C1-7D8D-43c5-9C13-4FF85157CFE6} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg_DTS] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /DTSU2P
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-mPolicies-Explorer: NoDrives = dword:0
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {9DB059B3-DD36-4a55-846C-59BE42A1202A} - C:\Program Files (x86)\SafeKey\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-DPF: {AA570693-00E2-4907-B6F1-60A1199B030C} - hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.1 mssplus.mcafee.com
Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vicki\AppData\Roaming\Mozilla\Firefox\Profiles\84hxwpfw.default-1437948450356\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_omxmedia_16_33¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0Bzz0CyCyE0AtA0Bzz0C0FtN0D0Tzu0StCyCzzzztN1L2XzutAtFtByEtFyCtFyBtN1L1Czu1BtAtN1L1G1B1V1N2Y1L1Qzu2SyEzz0EtAyBzz0D0FtGyD0CyD0CtG0EtAyEyBtGtD0Azy0CtGyE0DtCyCyCzyzztCtC0ByBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0ByEtDtC0A0EyEtG0DtC0AtDtGyEyEtB0CtG0A0Ezz0EtGzzyD0F0EyEyC0B0AyEyDtAzz2QtN0A0LzutB%26cr%3D1214590957%26a%3Dwbf_omxmedia_16_33%26os_ver%3D10.0%26os%3DWindows%2B10%2BPro
FF - prefs.js: keyword.URL - true
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
.
============= SERVICES / DRIVERS ===============
.
R?2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-30 1593632]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2015-2-17 846080]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2015-2-17 245096]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\WINDOWS\System32\drivers\NSTx64\7DE070B0.02A\ccSetx64.sys [2015-7-19 162392]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-8-1 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [2016-7-27 936728]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 DTSAudioSvc;DTSAudioSvc;C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2014-3-30 240584]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-30 169432]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2016-8-25 163592]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2015-7-19 863448]
R2 McBootDelayStartSvc;McAfee Boot Delay Start Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [2016-2-23 1696712]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2015-7-19 453520]
R2 McPvDrv;McPvDrv Driver;C:\WINDOWS\System32\drivers\McPvDrv.sys [2016-2-29 76064]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-7-19 380896]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.11.42\NST.exe [2015-7-19 131144]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-30 16939296]
R2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-2-29 902112]
R2 rtop;rtop;C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2016-8-15 254280]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2016-7-31 410768]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 TeamViewer;TeamViewer 10;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-6-18 5702416]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2015-2-17 79248]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-7-26 25816]
R3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2015-2-17 419624]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2015-2-17 351144]
R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2015-7-19 234192]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2015-2-17 496368]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2015-11-20 539496]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2016-8-25 46240]
R3 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2015-7-19 275368]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-3-30 39200]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-30 589824]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2016-7-27 83096]
S2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2015-7-16 145528]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-26 1133880]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 Andbus;LGE Android Platform Composite USB Device;C:\WINDOWS\System32\drivers\lgandbus64.sys [2016-5-30 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\WINDOWS\System32\drivers\lganddiag64.sys [2016-5-30 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\WINDOWS\System32\drivers\lgandgps64.sys [2016-5-30 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\WINDOWS\System32\drivers\lgandmodem64.sys [2016-5-30 34304]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2015-7-16 433784]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2015-7-16 413304]
S3 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2015-7-16 831096]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-4-27 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2015-7-19 207208]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-7-26 63704]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-7-19 327944]
S3 mfencrk;McAfee Inc. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2015-11-20 109480]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-10-30 108032]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-8-1 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-8-1 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-8-1 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-8-1 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-4-27 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-8-1 26112]
S4 AppApcVerifier;AppVerifier APC; [x]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-09-03 18:13:57 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9A38C67C-417F-4173-BF69-FE859EBF9C9C}\mpengine.dll
2016-09-02 01:45:56 11847048 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-09-02 01:45:55 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7D26A00B-0810-4679-B9B2-A57EA6E286DD}\gapaengine.dll
2016-08-31 01:43:15 -------- d-----w- C:\Program Files (x86)\Trend Micro
2016-08-31 01:31:57 316168 ----a-w- C:\WINDOWS\System32\drivers\tmcomm.sys
2016-08-25 00:07:58 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4B357B22-C4B2-4DCC-B398-BD172AEFFBD6}\gapaengine.dll
2016-08-15 22:22:25 377344 ----a-w- C:\WINDOWS\RegBootClean.exe
2016-08-15 22:17:21 -------- d-----w- C:\WINDOWS\Trend Micro
2016-08-15 22:17:21 -------- d-----w- C:\ProgramData\Trend Micro
2016-08-15 14:51:15 -------- d-----w- C:\ProgramData\AppApcVerifier
2016-08-15 14:31:12 -------- d-----w- C:\ProgramData\ByteFence
2016-08-15 14:21:33 -------- d-----w- C:\Users\Vicki\AppData\Roaming\{E638D083-C36A-BDF5-A85C-9A27748E6719}
2016-08-15 14:21:08 -------- d-----w- C:\Users\Vicki\AppData\Local\{E665D039-C2CD-BC81-AF55-99698B3D65F1}
2016-08-15 14:21:07 -------- d-----w- C:\Program Files\ByteFence
2016-08-15 14:21:05 -------- d-----w- C:\Users\Vicki\AppData\Roaming\efo
2016-08-15 14:16:33 -------- d-----w- C:\Users\Vicki\AppData\Local\MicrosoftEdge
2016-08-10 06:13:22 -------- d-----w- C:\WINDOWS\PCHEALTH
2016-08-10 05:06:57 970752 ----a-w- C:\WINDOWS\System32\kerberos.dll
2016-08-10 05:06:57 359936 ----a-w- C:\WINDOWS\System32\SensorsApi.dll
2016-08-10 05:06:57 286208 ----a-w- C:\WINDOWS\SysWow64\SensorsApi.dll
2016-08-10 05:06:56 91136 ----a-w- C:\WINDOWS\System32\bthserv.dll
2016-08-10 05:06:56 58408 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
2016-08-10 05:06:56 422744 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys
2016-08-10 05:06:56 339968 ----a-w- C:\WINDOWS\System32\SensorService.dll
.
==================== Find3M ====================
.
2016-08-15 14:22:55 97856 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2016-08-03 11:14:47 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-08-03 11:14:47 50368 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-08-03 11:14:47 1505984 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-08-03 10:36:39 7469408 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-08-03 10:36:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-08-03 10:36:30 37744 ----a-w- C:\WINDOWS\System32\wldp.dll
2016-08-03 10:23:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-08-03 10:23:42 693600 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-08-03 10:22:53 465248 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2016-08-03 10:22:39 331616 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-08-03 10:22:10 808288 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2016-08-03 10:22:08 1322760 ----a-w- C:\WINDOWS\System32\ole32.dll
2016-08-03 10:21:07 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-08-03 10:21:01 566112 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-08-03 10:20:08 1540224 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2016-08-03 10:20:04 692136 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2016-08-03 10:19:37 604928 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-08-03 10:19:36 161632 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2016-08-03 10:13:17 1988448 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-08-03 10:13:11 576864 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-08-03 10:13:10 393056 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-08-03 09:51:14 84480 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2016-08-03 09:51:00 123392 ----a-w- C:\WINDOWS\System32\tdlrecover.exe
2016-08-03 09:46:24 22384128 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-08-03 09:44:39 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
2016-08-03 09:44:23 44544 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2016-08-03 09:44:03 189952 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2016-08-03 09:43:07 16985088 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2016-08-03 09:41:27 64000 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll
2016-08-03 09:41:25 59904 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll
2016-08-03 09:40:54 58880 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
2016-08-03 09:40:48 47616 ----a-w- C:\WINDOWS\System32\TpmTasks.dll
2016-08-03 09:40:16 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
2016-08-03 09:39:55 218624 ----a-w- C:\WINDOWS\System32\cdd.dll
2016-08-03 09:39:43 104448 ----a-w- C:\WINDOWS\System32\BluetoothApis.dll
2016-08-03 09:38:23 379392 ----a-w- C:\WINDOWS\System32\usocore.dll
2016-08-03 09:38:22 412160 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2016-08-03 09:37:22 110080 ----a-w- C:\WINDOWS\System32\IdCtrls.dll
2016-08-03 09:36:49 211456 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2016-08-03 09:36:28 198144 ----a-w- C:\WINDOWS\System32\winsrv.dll
2016-08-03 09:35:56 200192 ----a-w- C:\WINDOWS\System32\WUDFPlatform.dll
2016-08-03 09:35:15 764928 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2016-08-03 09:33:37 285184 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
2016-08-03 09:31:54 247296 ----a-w- C:\WINDOWS\System32\wevtutil.exe
2016-08-03 09:31:38 506880 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
2016-08-03 09:30:28 515072 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll
2016-08-03 09:29:36 2127360 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2016-08-03 09:29:15 1500160 ----a-w- C:\WINDOWS\System32\RecoveryDrive.exe
2016-08-03 09:29:09 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-08-03 09:28:40 529920 ----a-w- C:\WINDOWS\System32\LogonController.dll
2016-08-03 09:28:22 1213440 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2016-08-03 09:27:58 1717760 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2016-08-03 09:27:45 7536640 ----a-w- C:\WINDOWS\System32\mstscax.dll
2016-08-03 09:27:29 381952 ----a-w- C:\WINDOWS\System32\wuuhext.dll
2016-08-03 09:18:57 6974464 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2016-08-03 09:18:20 1388032 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2016-08-03 09:18:16 2067968 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-08-03 09:17:10 2175488 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-08-03 09:16:43 2635776 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2016-08-03 09:16:30 3589120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-08-03 09:16:25 5123072 ----a-w- C:\WINDOWS\System32\dbgeng.dll
2016-08-03 09:15:20 7833088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-08-03 09:14:04 1997824 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2016-08-03 09:14:02 4895232 ----a-w- C:\WINDOWS\System32\jscript9.dll
2016-08-03 09:13:59 3025920 ----a-w- C:\WINDOWS\System32\wininet.dll
2016-08-03 09:12:25 2746368 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll
2016-08-03 09:11:25 4171264 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2016-08-03 05:52:28 34088 ----a-w- C:\WINDOWS\SysWow64\wldp.dll
2016-08-03 05:34:16 501592 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-08-03 05:34:13 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-08-03 05:33:08 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
2016-08-03 05:31:51 957608 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2016-08-03 05:31:38 703840 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2016-08-03 05:30:12 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-08-03 05:30:07 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-08-03 04:57:44 91648 ----a-w- C:\WINDOWS\SysWow64\tdlrecover.exe
2016-08-03 04:48:25 51712 ----a-w- C:\WINDOWS\SysWow64\wshbth.dll
2016-08-03 04:47:48 13018112 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-08-03 04:44:46 48128 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryBroker.dll
2016-08-03 04:44:45 48640 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryClient.dll
2016-08-03 04:42:54 80896 ----a-w- C:\WINDOWS\SysWow64\BluetoothApis.dll
2016-08-03 04:40:45 92160 ----a-w- C:\WINDOWS\SysWow64\IdCtrls.dll
2016-08-03 04:37:22 219136 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
2016-08-03 04:35:37 178688 ----a-w- C:\WINDOWS\SysWow64\wevtutil.exe
2016-08-03 04:34:23 400896 ----a-w- C:\WINDOWS\SysWow64\OneDriveSettingSyncProvider.dll
2016-08-03 04:34:10 792064 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2016-08-03 04:33:52 2050048 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2016-08-03 04:33:35 18677760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2016-08-03 04:32:44 434688 ----a-w- C:\WINDOWS\SysWow64\LogonController.dll
2016-08-03 04:32:09 1467392 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2016-08-03 04:31:05 6743040 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll
2016-08-03 04:28:30 3663360 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2016-08-03 04:25:36 5323776 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2016-08-03 04:25:23 4078080 ----a-w- C:\WINDOWS\SysWow64\dbgeng.dll
2016-08-03 04:23:48 1799680 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Logon.dll
2016-08-03 04:23:47 5660672 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-08-03 04:22:18 2501120 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2016-08-03 04:21:34 1708032 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2016-08-03 04:19:22 2180096 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepository.dll
.
============= FINISH: 14:27:37.24 ===============