Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Unauthorised email sending & Unwanted emails

Hi - thanks for your patience. I have copied and attached the requested files.

It appears that I am sending emails to people, possibly companies, I don't know and who are not in my address book - I only know it's happened when I get Undelivered mail return to sender notifications.

It started when I began to get unsolicited inappropriate emails - which I block and delete in the junk mail folder - but they keep changing their address so I have to keep blocking the new ones.

I am using Microsoft Outlook with Windows 7 Home Premium.

Thank you for your help.:rofl::rofl:

Sue


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18538
Run by Sue at 9:26:55 on 2017-02-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3982.937 [GMT 2:00]
.
AV: McAfee VirusScan *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
C:\ProgramData\ASCValidator\ASCValidatorService.exe
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Advance-System-Care\adsc.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k HPZ12
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
C:\Program Files (x86)\Cell C\UIExec.exe
C:\Program Files (x86)\Cell C\CancelAutoPlay.exe
C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\ConnectCenter\bin\CCFManager.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files\TrueKey\McTkSchedulerService.exe
C:\Program Files (x86)\Cell C\AssistantServices.exe
C:\Program Files (x86)\Cell C\UnifiedUi.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Cell C\CMUpdater.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel Security\True Key\Application\native_proxy.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files\Intel Security\True Key\Application\truekey.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Intel\STCServ\STCServ.exe
C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Intel Security\True Key\Application\truekey.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\UI0Detect.exe
C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = about:blank
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: McAfee WebAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
uRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
uRun: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
uRun: [GoogleChromeAutoLaunch_39FF5F0A3A3753311386D9B0AA8115FE] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
mRun: [QuickFinder Scheduler] "c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\QFSCHD150.EXE"
mRun: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
mRun: [ISUSPM Startup] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
mRun: [UIExec] "C:\Program Files (x86)\Cell C\UIExec.exe"
mRun: [CancelAutoPlay] "C:\Program Files (x86)\Cell C\CancelAutoPlay.exe" run
dRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~4.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~3.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~2.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe
uPolicies-Explorer: NoViewOnDrive = dword:0
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: DisableLocalMachineRun = dword:0
uPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
uPolicies-Explorer: DisableCurrentUserRun = dword:0
uPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoFile = dword:0
uPolicies-Explorer: HideClock = dword:0
uPolicies-Explorer: NoDevMgrUpdate = dword:0
uPolicies-Explorer: NoDFSTab = dword:0
uPolicies-Explorer: NoWindowsUpdate = dword:0
uPolicies-Explorer: NoEncryptOnMove = dword:0
uPolicies-Explorer: NoRunasInstallPrompt = dword:0
uPolicies-Explorer: NoResolveTrack = dword:0
uPolicies-Explorer: NoStartMenuSubFolders = dword:0
uPolicies-System: NoDispAppearancePage = dword:0
uPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
mPolicies-Explorer: NoViewOnDrive = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: DisableLocalMachineRun = dword:0
mPolicies-Explorer: DisableLocalMachineRunOnce = dword:0
mPolicies-Explorer: DisableCurrentUserRun = dword:0
mPolicies-Explorer: DisableCurrentUserRunOnce = dword:0
mPolicies-Explorer: NoDriveTypeAutoRun = dword:0
mPolicies-Explorer: NoFile = dword:0
mPolicies-Explorer: HideClock = dword:0
mPolicies-Explorer: NoDevMgrUpdate = dword:0
mPolicies-Explorer: NoDFSTab = dword:0
mPolicies-Explorer: NoWindowsUpdate = dword:0
mPolicies-Explorer: NoEncryptOnMove = dword:0
mPolicies-Explorer: NoRunasInstallPrompt = dword:0
mPolicies-Explorer: NoResolveTrack = dword:0
mPolicies-Explorer: NoStartMenuSubFolders = dword:0
mPolicies-System: NoDispAppearancePage = dword:0
mPolicies-System: NoDispSettingsPage = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\Program Files (x86)\Corel\WordPerfect Office X5\Programs\WPLauncher.hta
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - <orphaned>
IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{0AC753E3-B644-4073-A34B-09D81A6CA9D1} : NameServer = 41.48.23.61 41.48.23.29
TCP: Interfaces\{ED878BCA-FBBB-4372-B670-01DCE68682FE} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{ED878BCA-FBBB-4372-B670-01DCE68682FE}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{ED878BCA-FBBB-4372-B670-01DCE68682FE}\84F6D656 : DHCPNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = about:blank
x64-BHO: McAfee WebAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [IgfxTray] "C:\Windows\System32\igfxtray.exe"
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [GwxControlPanelMonitor] "C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe" /traymode
x64-Run: [Samsung Link] "C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
x64-Run: [IntelConnectCenter] C:\Program Files\Intel\ConnectCenter\bin\ICCLauncher.exe /tasktrayonly
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - <orphaned>
x64-IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: PFW - <no file>
x64-SSODL: WebCheck - <orphaned>
Hosts: 0.0.0.1 mssplus.mcafee.com
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sue\AppData\Roaming\Mozilla\Firefox\Profiles\bx9jbngc.default-1456469919201\
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2013-4-30 677360]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2013-4-30 28656]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-1-24 20464]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2016-8-2 884792]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2016-9-9 252984]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2014-1-24 21584]
R1 Uim_DEVIM;UIM Direct Device Image Plugin;C:\Windows\System32\drivers\uim_devim.sys [2015-8-21 25904]
R2 AllShare Framework DMS;AllShare Framework DMS;C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [2013-12-21 404360]
R2 ASCValidator;ASC Validator;C:\ProgramData\ASCValidator\ASCValidatorService.exe [2016-12-9 29696]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-14 27136]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-10-19 596768]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-4-30 15344]
R2 LyonessBrowserUpdater;LyonessBrowserUpdater;C:\Program Files (x86)\LyonessBrowserUpdater\LyonessBrowserUpdater.exe [2015-3-23 180736]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2017-1-26 188352]
R2 McAPExe;McAfee AP Service;C:\Program Files\McAfee\MSC\McAPExe.exe [2016-10-19 998992]
R2 McBootDelayStartSvc;McAfee Boot Delay Start Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-10-19 596768]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe [2016-5-31 1910000]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-10-19 596768]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-10-19 596768]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [2016-10-19 596768]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2016-10-19 384016]
R2 ModuleCoreService;McAfee Module Core Service;C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2016-10-19 1454216]
R2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-10-19 1045336]
R2 Samsung Link Service;Samsung Link Service;C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [2016-9-1 623848]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-1-17 754784]
R2 STCServ;Intel(R) Common Connectivity Framework;C:\Program Files\Intel\STCServ\STCServ.exe [2015-3-16 8095456]
R2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-1-26 995800]
R2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-11-2 16248]
R2 UI Assistant Service;UI Assistant Service;C:\Program Files (x86)\Cell C\AssistantServices.exe [2015-8-13 277248]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2016-9-9 88120]
R3 HSPADataCardusbmdm;HSPADataCard Proprietary USB Driver;C:\Windows\System32\drivers\HSPADataCardusbmdm.sys [2014-1-29 123392]
R3 HSPADataCardusbnmea;HSPADataCard NMEA Port;C:\Windows\System32\drivers\HSPADataCardusbnmea.sys [2014-1-29 123392]
R3 HSPADataCardusbser;HSPADataCard Diagnostic Port;C:\Windows\System32\drivers\HSPADataCardusbser.sys [2014-1-29 123392]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-1-24 368112]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-1-24 786416]
R3 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2014-1-24 169432]
R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2016-8-2 477752]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2016-8-2 364088]
R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2016-10-19 242704]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2016-9-9 512056]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2016-8-1 519456]
R3 mfeplk;McAfee Inc. mfeplk;C:\Windows\System32\drivers\mfeplk.sys [2016-9-9 110136]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2017-1-26 46240]
R3 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2016-10-19 331280]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-24 769168]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\Windows\System32\drivers\RTL8192su.sys [2010-11-25 694888]
R3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);C:\Windows\System32\drivers\rusb3hub.sys [2012-3-15 102912]
R3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);C:\Windows\System32\drivers\rusb3xhc.sys [2012-3-15 220672]
S1 UsbCharger;UsbCharger;C:\Windows\System32\drivers\UsbCharger.sys [2014-1-24 21584]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2016-11-29 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2016-11-29 125112]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-9-5 131712]
S3 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-1-16 1039376]
S3 ggflt;SOMC USB Flash Driver Filter;C:\Windows\System32\drivers\ggflt.sys [2015-6-9 16088]
S3 ggsomc;SOMC USB Flash Driver;C:\Windows\System32\drivers\ggsomc.sys [2015-6-9 30424]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2016-10-19 216704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2016-12-14 114688]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-2-5 449496]
S3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-2-13 731648]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-2-13 820184]
S3 massfilter;Mass Storage Filter Driver;C:\Windows\System32\drivers\massfilter.sys [2015-8-13 11776]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe [2016-12-14 329480]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2016-8-1 100136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2016-8-24 19456]
S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 Sony PC Companion;Sony PC Companion;C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2015-6-9 155520]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-9-5 165504]
S3 TrueKeyServiceHelper;TrueKeyServiceHelper;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-1-26 86864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2016-8-24 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2016-8-24 30208]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-1-31 1255736]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .ini: inifile=C:\Windows\SysWow64\NOTEPAD.EXE %1
FileExt: .inf: inffile=C:\Windows\SysWow64\NOTEPAD.EXE %1
.
=============== Created Last 30 ================
.
2017-01-12 10:14:59 -------- d-----w- C:\Program Files (x86)\Advanced Password Manager IE Addon
2017-01-12 09:48:16 -------- d-----w- C:\Users\Sue\AppData\Roaming\AdvancedPasswordManager.com
.
==================== Find3M ====================
.
2017-01-31 13:26:38 5642 --sha-w- C:\ProgramData\KGyGaAvL.sys
2017-01-11 08:15:18 802904 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2017-01-11 08:15:18 144472 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2017-01-05 18:55:50 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2017-01-05 18:55:50 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2017-01-05 17:43:17 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2017-01-05 17:42:59 690688 ----a-w- C:\Windows\SysWow64\adtschema.dll
2017-01-05 17:32:02 64000 ----a-w- C:\Windows\System32\auditpol.exe
2017-01-05 17:25:29 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2017-01-05 17:24:54 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2017-01-05 17:24:53 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2017-01-05 17:24:11 30720 ----a-w- C:\Windows\System32\lsass.exe
2017-01-05 17:23:20 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2017-01-05 17:19:03 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2016-11-29 20:34:16 28352 ----a-w- C:\Windows\SysWow64\aspnet_counters.dll
2016-11-29 20:34:16 19112 ----a-w- C:\Windows\SysWow64\msvcr110_clr0400.dll
2016-11-29 20:34:16 19112 ----a-w- C:\Windows\SysWow64\msvcr100_clr0400.dll
2016-11-29 20:34:16 19112 ----a-w- C:\Windows\SysWow64\msvcp110_clr0400.dll
2016-11-29 20:27:48 30400 ----a-w- C:\Windows\System32\aspnet_counters.dll
2016-11-29 20:27:48 19112 ----a-w- C:\Windows\System32\msvcr110_clr0400.dll
2016-11-29 20:27:48 19112 ----a-w- C:\Windows\System32\msvcr100_clr0400.dll
2016-11-29 20:27:48 19112 ----a-w- C:\Windows\System32\msvcp110_clr0400.dll
2016-11-21 18:12:11 109568 ----a-w- C:\Windows\System32\hlink.dll
2016-11-20 16:19:47 84992 ----a-w- C:\Windows\SysWow64\hlink.dll
2016-11-20 14:07:52 467392 ----a-w- C:\Windows\System32\drivers\cng.sys
2016-11-17 16:41:49 370920 ----a-w- C:\Windows\System32\clfs.sys
2016-11-12 19:48:25 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2016-11-12 19:48:08 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2016-11-12 19:28:01 66560 ----a-w- C:\Windows\System32\iesetup.dll
2016-11-12 19:26:46 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2016-11-12 19:26:27 417792 ----a-w- C:\Windows\System32\html.iec
2016-11-12 19:25:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2016-11-12 19:25:41 576000 ----a-w- C:\Windows\System32\vbscript.dll
2016-11-12 19:08:26 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2016-11-12 19:08:24 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2016-11-12 19:07:47 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2016-11-12 18:56:20 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2016-11-12 18:53:10 6049280 ----a-w- C:\Windows\System32\jscript9.dll
2016-11-12 18:47:35 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2016-11-12 18:41:49 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2016-11-12 18:30:22 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2016-11-12 18:29:26 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2016-11-12 18:29:13 498688 ----a-w- C:\Windows\SysWow64\vbscript.dll
2016-11-12 18:29:05 341504 ----a-w- C:\Windows\SysWow64\html.iec
2016-11-12 18:27:51 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2016-11-12 18:14:53 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2016-11-12 18:14:16 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2016-11-12 18:08:54 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2016-11-12 18:08:32 2131456 ----a-w- C:\Windows\System32\inetcpl.cpl
2016-11-12 17:57:35 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2016-11-12 17:37:20 4608000 ----a-w- C:\Windows\SysWow64\jscript9.dll
2016-11-12 17:36:39 2055680 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2016-11-12 17:36:13 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2016-11-12 17:35:33 2920960 ----a-w- C:\Windows\System32\wininet.dll
2016-11-12 17:05:59 2444800 ----a-w- C:\Windows\SysWow64\wininet.dll
2016-11-10 16:32:41 1009152 ----a-w- C:\Windows\System32\user32.dll
2016-11-10 16:19:40 833024 ----a-w- C:\Windows\SysWow64\user32.dll
2016-11-09 16:41:27 114408 ----a-w- C:\Windows\System32\consent.exe
2016-11-09 16:33:43 2048 ----a-w- C:\Windows\System32\tzres.dll
2016-11-09 16:33:34 504320 ----a-w- C:\Windows\System32\msihnd.dll
2016-11-09 16:33:34 3244032 ----a-w- C:\Windows\System32\msi.dll
2016-11-09 16:33:34 25088 ----a-w- C:\Windows\System32\msimsg.dll
2016-11-09 16:33:26 70144 ----a-w- C:\Windows\System32\appinfo.dll
2016-11-09 16:33:26 1941504 ----a-w- C:\Windows\System32\authui.dll
2016-11-09 16:17:52 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2016-11-09 16:17:31 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2016-11-09 16:17:31 25088 ----a-w- C:\Windows\SysWow64\msimsg.dll
2016-11-09 16:17:31 2365440 ----a-w- C:\Windows\SysWow64\msi.dll
2016-11-09 16:17:18 1806848 ----a-w- C:\Windows\SysWow64\authui.dll
2016-11-09 16:02:19 128512 ----a-w- C:\Windows\System32\msiexec.exe
2016-11-09 15:55:06 73216 ----a-w- C:\Windows\SysWow64\msiexec.exe
2016-11-06 16:33:24 404992 ----a-w- C:\Windows\System32\gdi32.dll
2016-11-06 16:16:46 312832 ----a-w- C:\Windows\SysWow64\gdi32.dll
2016-11-06 16:01:47 3219456 ----a-w- C:\Windows\System32\win32k.sys
2015-12-22 06:52:37 12964920 ----a-w- C:\Program Files (x86)\Common Files\wruninstall.exe
.
============= FINISH: 9:28:11.57 ===============

Attached Files
File Type: txt attach.txt (9.2 KB)
