Jump to content


Photo

Only able to work in safe mode


  • This topic is locked This topic is locked
13 replies to this topic

#1 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 25 April 2016 - 05:52 PM

Computer started grinding to a halt about 4-5 days ago. Super slow and sometimes freezing. Been unable to do anything unless I reboot in safe mode. Even then, there's only so much I'm able to do as far as running virus scans. Wasn't able to get all the logs mentioned in the posting instructions, so I'll post what I have and see if it helps. 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 11.0.10586.20
Run by djken at 23:52:07 on 2016-04-19
Microsoft Windows 10 Home  10.0.10586.0.1252.1.1033.18.7864.6896 [GMT -5:00]
.
AV: Webroot SecureAnywhere *Disabled/Updated* {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Webroot SecureAnywhere *Disabled/Updated* {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\helppane.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [OneDrive] "C:\Users\djken\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Uninstall C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{b0669201-17b3-41bc-b300-5fd1898c653d} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{d5c356a5-5da4-4545-bfd7-20b1ccd4bd5e} : DHCPNameServer = 192.168.123.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-7-22 73976]
R0 amdpsp;AMD PSP Service;C:\WINDOWS\System32\drivers\amdpsp.sys [2015-7-2 277240]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2015-6-11 245096]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R0 WRkrn;WRkrn;C:\WINDOWS\System32\drivers\WRkrn.sys [2016-1-4 117728]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
R3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
R3 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
R3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
R3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
R3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-10-23 402136]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
R3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2015-6-11 83096]
S0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2015-6-11 846080]
S1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
S1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-5-6 68168]
S2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-7-22 245760]
S2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
S2 BcmBtRSupport;Bluetooth Driver Management Service;C:\WINDOWS\System32\BtwRSupportService.exe [2015-12-14 2286848]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-14 143144]
S2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-6-25 349728]
S2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-11 26680]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2015-4-7 863448]
S2 mcbootdelaystartsvc;McAfee Boot Delay Start Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-10-23 380896]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2015-10-23 275368]
S2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-2-27 896456]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2015-10-23 389896]
S2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-6-5 316152]
S2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
S2 tbaseprovisioning;tbaseprovisioning;C:\Windows\SysWOW64\tbaseprovisioning.exe [2015-7-2 60432]
S2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2016-1-4 873072]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 amdkmcsp;AMD Kernel Mode CSP Service;C:\WINDOWS\System32\drivers\amdkmcsp.sys [2015-7-2 101104]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-7-22 102912]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\WINDOWS\System32\drivers\bcbtums.sys [2015-12-14 208176]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-4-15 245760]
S3 btwampfl;btwampfl;C:\WINDOWS\System32\drivers\btwampfl.sys [2015-12-14 223024]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-17 117248]
S3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2015-6-11 79248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-14 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-6-25 209952]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2015-10-23 207208]
S3 iai2c;Intel® Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel® Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 McAWFwk;McAfee Activation Service;C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [2015-10-23 338208]
S3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2015-6-11 419624]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2015-6-11 351144]
S3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2015-10-23 234192]
S3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2015-6-11 496368]
S3 mfencbdc;McAfee Inc. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2015-11-20 539496]
S3 mfencrk;McAfee Inc. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2015-11-20 109480]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-6-3 896768]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-15 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-15 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 wrUrlFlt;Webroot UrlFilter;C:\WINDOWS\System32\drivers\wrUrlFlt.sys [2016-1-4 54512]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-15 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 mccspsvc;McAfee CSP Service;"C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" --> C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [?]
S4 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-04-20 04:46:33 -------- d-----w- C:\FRST
2016-04-20 04:44:42 -------- d-----w- C:\Program Files (x86)\ESET
2016-04-20 04:30:56 -------- d-----w- C:\WINDOWS\pss
2016-04-15 18:00:25 9918976 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2016-04-15 17:58:34 676352 ----a-w- C:\WINDOWS\System32\WSDApi.dll
2016-04-15 17:57:51 88576 ----a-w- C:\WINDOWS\System32\AppxSysprep.dll
2016-04-04 07:33:48 -------- d-----w- C:\Program Files\iPod
2016-04-04 07:33:48 -------- d-----w- C:\Program Files (x86)\iTunes
2016-04-04 07:33:46 -------- d---a-w- C:\Program Files\iTunes
2016-04-02 14:26:30 -------- d--h--w- C:\OneDriveTemp
2016-03-28 05:20:21 -------- d-----w- C:\Program Files\Common Files\Webroot
2016-03-28 05:20:20 -------- d-----w- C:\Program Files (x86)\Common Files\Webroot
.
==================== Find3M  ====================
.
2016-04-20 04:31:26 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2016-04-15 02:33:56 54512 ----atw- C:\WINDOWS\System32\drivers\wrUrlFlt.sys
2016-04-06 18:32:08 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-04-06 18:32:08 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-04-02 04:13:14 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2016-04-02 04:10:46 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2016-04-02 04:10:39 374008 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2016-04-02 04:10:25 770640 ----a-w- C:\WINDOWS\System32\iuilp.dll
2016-04-02 03:30:16 151040 ----a-w- C:\WINDOWS\System32\VEStoreEventHandlers.dll
2016-04-02 03:29:38 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
2016-04-02 03:29:29 83968 ----a-w- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
2016-04-02 03:26:25 630272 ----a-w- C:\WINDOWS\System32\PhoneProviders.dll
2016-04-02 03:25:58 239104 ----a-w- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
2016-04-02 03:25:42 278528 ----a-w- C:\WINDOWS\System32\NotificationObjFactory.dll
2016-04-02 03:23:44 219648 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
2016-04-02 03:23:05 285696 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
2016-04-02 03:21:17 498688 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
2016-04-02 03:19:00 1054208 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2016-04-02 03:18:47 988160 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll
2016-04-02 03:15:47 1090048 ----a-w- C:\WINDOWS\System32\RDXService.dll
2016-04-02 03:14:35 3994624 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2016-04-02 03:09:17 1832448 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-04-02 03:08:48 2193408 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2016-04-02 03:07:41 2158592 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-04-02 03:07:22 3575296 ----a-w- C:\WINDOWS\System32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-02 03:03:52 4774912 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2016-04-02 03:00:39 1390080 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
2016-03-29 10:23:38 277856 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2016-03-29 10:22:12 874968 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-03-29 10:22:12 1030416 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-03-29 10:20:20 7474016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-03-29 10:20:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-03-29 10:20:19 1141504 ----a-w- C:\WINDOWS\System32\winload.exe
2016-03-29 10:20:17 2656952 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-29 10:18:46 2152280 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2016-03-29 10:15:23 100232 ----a-w- C:\WINDOWS\System32\omadmapi.dll
2016-03-29 10:05:03 1152864 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2016-03-29 10:02:09 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-03-29 10:02:02 334736 ----a-w- C:\WINDOWS\System32\policymanager.dll
2016-03-29 09:56:37 1297752 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-03-29 09:37:57 1862008 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-03-29 09:28:18 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-03-29 09:28:16 696664 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-03-29 09:25:23 58400 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
2016-03-29 09:25:13 258912 ----a-w- C:\WINDOWS\System32\drivers\ufx01000.sys
2016-03-29 09:19:37 296488 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2016-03-29 09:18:27 185184 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2016-03-29 09:17:08 300104 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-03-29 09:13:11 986976 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-03-29 09:11:53 605440 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-03-29 09:11:27 74424 ----a-w- C:\WINDOWS\System32\easinvoker.exe
2016-03-29 09:10:44 110584 ----a-w- C:\WINDOWS\System32\srvcli.dll
2016-03-29 09:09:54 78040 ----a-w- C:\WINDOWS\System32\wkscli.dll
2016-03-29 09:08:38 358752 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2016-03-29 09:08:30 261376 ----a-w- C:\WINDOWS\System32\LsaIso.exe
2016-03-29 08:44:53 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-03-29 08:44:50 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-03-29 08:41:44 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
2016-03-29 08:41:04 630632 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2016-03-29 08:32:59 253088 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-03-29 08:26:48 73872 ----a-w- C:\WINDOWS\SysWow64\srvcli.dll
2016-03-29 08:26:06 2403680 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2016-03-29 08:26:01 1089888 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2016-03-29 08:25:44 56320 ----a-w- C:\WINDOWS\SysWow64\wkscli.dll
2016-03-29 08:24:25 294752 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2016-03-29 08:21:40 378208 ----a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2016-03-29 08:17:11 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-03-29 08:16:55 26112 ----a-w- C:\WINDOWS\System32\drivers\xinputhid.sys
2016-03-29 08:07:26 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2016-03-29 08:07:14 92160 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.V2.dll
2016-03-29 08:07:14 31232 ----a-w- C:\WINDOWS\System32\wsdchngr.dll
2016-03-29 08:07:09 34816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2016-03-29 08:06:14 12800 ----a-w- C:\WINDOWS\System32\oleacchooks.dll
2016-03-29 08:06:04 45568 ----a-w- C:\WINDOWS\System32\atmlib.dll
2016-03-29 08:05:52 38912 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcWinRT.dll
2016-03-29 08:02:38 118272 ----a-w- C:\WINDOWS\System32\fontsub.dll
2016-03-29 08:01:15 541304 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2016-03-29 08:00:51 69632 ----a-w- C:\WINDOWS\System32\fveskybackup.dll
2016-03-29 08:00:40 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-03-29 08:00:23 76800 ----a-w- C:\WINDOWS\System32\NetCfgNotifyObjectHost.exe
2016-03-29 07:59:20 27648 ----a-w- C:\WINDOWS\System32\LicenseManagerShellext.exe
2016-03-29 07:58:17 69632 ----a-w- C:\WINDOWS\System32\wininetlui.dll
2016-03-29 07:57:59 95744 ----a-w- C:\WINDOWS\System32\samlib.dll
2016-03-29 07:57:44 58368 ----a-w- C:\WINDOWS\System32\browcli.dll
2016-03-29 07:57:42 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2016-03-29 07:57:22 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2016-03-29 07:55:34 36352 ----a-w- C:\WINDOWS\System32\tbauth.dll
2016-03-29 07:55:29 83968 ----a-w- C:\WINDOWS\System32\drivers\serial.sys
2016-03-29 07:55:24 120320 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
2016-03-29 07:54:12 112640 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2016-03-29 07:54:03 147456 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2016-03-29 07:53:25 116224 ----a-w- C:\WINDOWS\System32\FontProvider.dll
2016-03-29 07:52:04 26112 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2016-03-29 07:51:53 167936 ----a-w- C:\WINDOWS\System32\dafBth.dll
2016-03-29 07:51:14 181248 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2016-03-29 07:51:06 87040 ----a-w- C:\WINDOWS\System32\tzautoupdate.dll
2016-03-29 07:50:52 107520 ----a-w- C:\WINDOWS\System32\BdeHdCfgLib.dll
2016-03-29 07:50:25 66048 ----a-w- C:\WINDOWS\System32\OnDemandConnRouteHelper.dll
2016-03-29 07:50:15 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2016-03-29 07:50:11 33280 ----a-w- C:\WINDOWS\System32\wuautoappupdate.dll
.
============= FINISH: 23:53:29.09 ===============
 


#2 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 25 April 2016 - 05:53 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by djken (administrator) on DESKTOP-3JTJ13L (19-04-2016 23:50:48)
Running from C:\Users\djken\Desktop\DS
Loaded Profiles: djken (Available Profiles: djken)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)
Winlogon\Notify\!SASWinLogon: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017280 2010-05-06] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\...\RunOnce: [Uninstall C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-01-04]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{b0669201-17b3-41bc-b300-5fd1898c653d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{d5c356a5-5da4-4545-bfd7-20b1ccd4bd5e}: [DhcpNameServer] 192.168.123.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2567572015-817838235-4254248779-1001 -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2016-01-11] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-14] (Webroot)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2016-01-11] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-14] (Webroot)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2016-01-11] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2016-01-11] (Webroot)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-03-03] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-10-23]
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://mail.google.com/mail/u/0/?zx=7807zed2on15#inbox
CHR Profile: C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-14]
CHR Extension: (Google Docs) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-14]
CHR Extension: (Google Drive) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-14]
CHR Extension: (YouTube) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-14]
CHR Extension: (Google Search) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-14]
CHR Extension: (Google Sheets) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-14]
CHR Extension: (Google Docs Offline) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-14]
CHR Extension: (Webroot Filtering Extension) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2016-01-11]
CHR Extension: (Webroot Password Manager) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc [2016-01-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-14]
CHR Extension: (Gmail) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-14]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2015-12-14] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-14] (Dropbox, Inc.)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
S3 MessagingService_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 MessagingService_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 OneSyncSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S2 OneSyncSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_3e060; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_3e060; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
S3 PimIndexMaintenanceSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-01-15] (Realtek Semiconductor)
S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-07-02] (Advanced Micro Devices, Inc.)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2016-03-29] (Microsoft Corporation)
S3 UnistoreSvc_13dd3; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_1632ab1; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_39d32; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_43b79; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_46d97; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_48093; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4a757; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4ae46; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4f7af; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5206a; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_52d88; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_534fa; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5365c; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_70fc4; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7c0f3; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7dd89; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_b7b21; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_d1230; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-12-17] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WRSVC; C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-07-02] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-07-22] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-07-02] (Advanced Micro Devices, Inc. )
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2015-12-14] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-07-08] (Broadcom Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows ® Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [245760 2016-03-29] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-30] (Intel® Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-30] (Intel Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [68168 2010-05-06] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-01-04] (Webroot)
S3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [54512 2016-04-14] (Webroot)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-19 23:46 - 2016-04-19 23:50 - 00000000 ____D C:\FRST
2016-04-19 23:44 - 2016-04-19 23:44 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-19 23:32 - 2016-04-19 23:32 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-19 23:30 - 2016-04-19 23:30 - 00000000 ____D C:\WINDOWS\pss
2016-04-19 17:13 - 2016-04-19 17:13 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-04-18 10:36 - 2016-04-18 10:36 - 00000000 _____ C:\Users\djken\AppData\Local\{2FEBD302-5673-40FA-9B6B-A168FCC3BD12}
2016-04-18 02:55 - 2016-04-18 02:55 - 00000000 _____ C:\Users\djken\AppData\Local\{8E65E9F2-2073-4D53-B337-5804C4235E34}
2016-04-17 21:50 - 2016-04-17 23:37 - 950023390 _____ C:\Users\djken\Downloads\MiaMalkova.mp4.rar
2016-04-17 16:16 - 2016-04-17 20:15 - 693010229 _____ C:\Users\djken\Downloads\11Elsa_Julia.mp4
2016-04-16 15:50 - 2016-04-16 16:34 - 260571793 _____ C:\Users\djken\Downloads\ir-rico-brooke.mp4
2016-04-16 15:49 - 2016-04-16 19:56 - 733476866 _____ C:\Users\djken\Downloads\14Kim6.wmv
2016-04-15 13:00 - 2016-03-29 00:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-15 12:59 - 2016-04-01 22:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-15 12:59 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-15 12:59 - 2016-04-01 22:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-15 12:59 - 2016-04-01 22:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-15 12:59 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-15 12:59 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-15 12:59 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-15 12:59 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-15 12:59 - 2016-03-29 03:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-15 12:59 - 2016-03-29 03:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-15 12:59 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-15 12:59 - 2016-03-29 03:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-15 12:59 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-15 12:59 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-15 12:59 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-15 12:59 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-15 12:59 - 2016-03-29 03:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-15 12:59 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-15 12:59 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-15 12:59 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-15 12:59 - 2016-03-29 02:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-15 12:59 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-15 12:59 - 2016-03-29 02:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-15 12:59 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-15 12:59 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-15 12:59 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-15 12:59 - 2016-03-29 02:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-15 12:59 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-15 12:59 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-15 12:59 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-15 12:59 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-15 12:59 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-15 12:59 - 2016-03-29 02:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-15 12:59 - 2016-03-29 01:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-15 12:59 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-15 12:59 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-15 12:59 - 2016-03-29 01:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-15 12:59 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-15 12:59 - 2016-03-29 01:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-15 12:59 - 2016-03-29 01:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-15 12:59 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-15 12:59 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 12:59 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-15 12:59 - 2016-03-29 01:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-15 12:59 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-15 12:59 - 2016-03-29 01:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-15 12:59 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-15 12:59 - 2016-03-29 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-15 12:59 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-15 12:59 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-15 12:59 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-15 12:59 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-15 12:59 - 2016-03-29 01:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-15 12:59 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-15 12:59 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-15 12:59 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-15 12:59 - 2016-03-29 01:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-15 12:59 - 2016-03-29 01:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-15 12:59 - 2016-03-29 01:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-15 12:59 - 2016-03-29 01:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-15 12:59 - 2016-03-29 00:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-15 12:59 - 2016-03-29 00:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-15 12:59 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-15 12:59 - 2016-03-29 00:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-15 12:59 - 2016-03-29 00:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-15 12:59 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-15 12:59 - 2016-03-29 00:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-15 12:59 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-15 12:59 - 2016-03-29 00:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-15 12:59 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-15 12:59 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-15 12:58 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-15 12:58 - 2016-04-01 23:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-15 12:58 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-15 12:58 - 2016-04-01 22:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-15 12:58 - 2016-04-01 22:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-15 12:58 - 2016-04-01 22:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-15 12:58 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-15 12:58 - 2016-04-01 22:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-15 12:58 - 2016-04-01 22:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-15 12:58 - 2016-04-01 22:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-15 12:58 - 2016-04-01 22:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-15 12:58 - 2016-04-01 22:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-15 12:58 - 2016-04-01 22:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-15 12:58 - 2016-04-01 22:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-15 12:58 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-15 12:58 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-15 12:58 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-15 12:58 - 2016-03-29 05:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-15 12:58 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-15 12:58 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-15 12:58 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-15 12:58 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-15 12:58 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-15 12:58 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-15 12:58 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-15 12:58 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-15 12:58 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-15 12:58 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-15 12:58 - 2016-03-29 04:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-15 12:58 - 2016-03-29 04:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-15 12:58 - 2016-03-29 04:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-15 12:58 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-15 12:58 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-15 12:58 - 2016-03-29 04:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-15 12:58 - 2016-03-29 04:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-15 12:58 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-15 12:58 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-15 12:58 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-15 12:58 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-15 12:58 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-15 12:58 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-15 12:58 - 2016-03-29 03:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-15 12:58 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-15 12:58 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-15 12:58 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-15 12:58 - 2016-03-29 03:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-15 12:58 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-15 12:58 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-15 12:58 - 2016-03-29 03:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-15 12:58 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-15 12:58 - 2016-03-29 03:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-15 12:58 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-15 12:58 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-15 12:58 - 2016-03-29 03:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-15 12:58 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-15 12:58 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-15 12:58 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-15 12:58 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-15 12:58 - 2016-03-29 02:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-15 12:58 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-15 12:58 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-15 12:58 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-15 12:58 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-15 12:58 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-15 12:58 - 2016-03-29 02:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.

#3 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 25 April 2016 - 05:53 PM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 12/17/2015 4:41:27 AM
System Uptime: 4/19/2016 11:31:40 PM (0 hours ago)
.
Motherboard: HP |  | 2B29
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics     | CPU 1 | 1996/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 98.323 GiB free.
D: is FIXED (NTFS) - 18 GiB total, 2.334 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 4/19/2016 7:03:03 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
12 Labours of Hercules III: Girl Power
AMD Catalyst Control Center
AMD Catalyst Install Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Azkend 2: The World Beneath
Barn Yarn Collector's Edition
Bonjour
Broadcom 802.11 Network Adapter
Broadcom Bluetooth Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Coyote The Outlander
Cyberlink PhotoDirector
CyberLink Power Media Player 14
CyberLink PowerDirector 12
Delicious: Emily's Wonder Wedding Premium Edition
Dropbox
Dropbox 25 GB
Dropbox Update Helper
Energy Star
Entwined: The Perfect Murder
Evernote v. 5.8.6
Family Vacation 2: Road Trip
Google Chrome
Google Earth
Google Update Helper
Home Makeover
HP Customer Experience Enhancements
HP Documentation
HP ePrint Windows Driver
HP ESU for Microsoft Windows 10
HP Recovery Manager
HP Registration Service
HP Support Assistant
HP Support Information
HP Support Solutions Framework
HP Welcome
iCloud
IGT Slots: Paradise Garden
Imperial Island: Birth of an Empire
iTunes
Jewel Match Snowscapes
Living Legends: Frozen Beauty Collector's Edition
Lost Lands: Dark Overlord Collector's Edition
Lost Souls: Timeless Fables Collector's Edition
Magic Heroes: Save Our Park
Manor Memoirs Collector's Edition
McAfee LiveSafe
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mystery Expedition: Prisoners of Ice
PeaZip 5.5.1
Plagiarii
Polar Bowler 1st Frame
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Runefall
Rush Hour! Gas Station
Sky High Farm
SUPERAntiSpyware Professional
Update Installer for WildTangent Games App
VLC media player
Webroot SecureAnywhere
WildTangent Games
WildTangent Games App for HP
.
==== Event Viewer Messages From Past Week ========
.
4/19/2016 5:27:50 PM, Error: Service Control Manager [7023]  - The Interactive Services Detection service terminated with the following error:  Incorrect function.
4/19/2016 5:16:54 PM, Error: Service Control Manager [7022]  - The McAfee Proxy Service service hung on starting.
4/19/2016 5:14:57 PM, Error: Service Control Manager [7022]  - The McAfee Personal Firewall Service service hung on starting.
4/19/2016 5:14:16 PM, Error: Service Control Manager [7022]  - The McAfee Home Network service hung on starting.
4/19/2016 5:10:59 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
4/19/2016 5:10:59 PM, Error: Service Control Manager [7000]  - The Windows Modules Installer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:10:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
4/19/2016 5:10:44 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HPSupportSolutionsFrameworkService service to connect.
4/19/2016 5:10:44 PM, Error: Service Control Manager [7000]  - The HP Support Solutions Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:08:05 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the gupdate service to connect.
4/19/2016 5:07:35 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the GamesAppIntegrationService service to connect.
4/19/2016 5:07:35 PM, Error: Service Control Manager [7000]  - The GamesAppIntegrationService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:04:34 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the PEFService service to connect.
4/19/2016 5:04:34 PM, Error: Service Control Manager [7000]  - The PEFService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:03:39 PM, Error: Service Control Manager [7000]  - The wrUrlFlt service failed to start due to the following error:  There are no more endpoints available from the endpoint mapper.
4/19/2016 12:16:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
4/19/2016 12:16:01 PM, Error: Service Control Manager [7000]  - The Software Protection service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 11:53:27 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:53:27 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:53:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/19/2016 11:52:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/19/2016 11:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
4/19/2016 11:52:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/19/2016 11:48:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/19/2016 11:46:10 PM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:43:21 PM, Error: Service Control Manager [7000]  - The McAfee Inc. mfehidk service failed to start due to the following error:  The operation completed successfully.
4/19/2016 11:43:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
4/19/2016 11:43:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
4/19/2016 11:43:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
4/19/2016 11:35:47 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Defender Service service to connect.
4/19/2016 11:35:47 AM, Error: Service Control Manager [7000]  - The Windows Defender Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 11:32:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/19/2016 11:31:56 PM, Error: Service Control Manager [7001]  - The NlaSvc service depends on the Dhcp service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The WinHttpAutoProxySvc service depends on the Dhcp service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb20 service depends on the mrxsmb service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb10 service depends on the mrxsmb service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb service depends on the rdbss service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mfevtp service depends on the mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The LanmanWorkstation service depends on the nsi service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The iphlpsvc service depends on the WinHttpAutoProxySvc service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The IKEEXT service depends on the nsi service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The nsi service depends on the nsiproxy service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The Dnscache service depends on the tdx service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The Dhcp service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:17 PM, Error: Service Control Manager [7024]  - The Delivery Optimization service terminated with the following service-specific error:  The class is configured to run as a security id different from the caller
4/19/2016 11:31:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
4/19/2016 11:29:28 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.
4/19/2016 11:29:07 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-3JTJ13L\djken SID (S-1-5-21-2567572015-817838235-4254248779-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
4/19/2016 11:28:28 PM, Error: Application Popup [1060]  - 
4/19/2016 11:23:42 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
4/19/2016 11:20:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
4/19/2016 10:14:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
4/19/2016 10:14:43 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 10:14:43 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/18/2016 9:18:26 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Boot Delay Start Service service to connect.
4/18/2016 9:18:26 PM, Error: Service Control Manager [7000]  - The McAfee Boot Delay Start Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Personal Firewall Service service to connect.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7000]  - The McAfee Platform Services service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7000]  - The McAfee Personal Firewall Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "Unavailable" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
4/18/2016 8:30:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
4/18/2016 8:30:43 PM, Error: Service Control Manager [7000]  - The McAfee Home Network service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Home Network service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 2:32:10 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca
4/18/2016 2:27:39 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect.
4/18/2016 2:27:39 PM, Error: Service Control Manager [7000]  - The Client License Service (ClipSVC) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 2:22:57 AM, Error: Volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
4/18/2016 2:08:40 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
4/18/2016 12:57:36 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NcdAutoSetup service.
4/18/2016 11:45:51 AM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
4/18/2016 11:32:01 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
4/18/2016 11:14:17 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXwmnqm0nvq2b90pwvr42qmtdjp7cj3w82.mca
4/18/2016 11:07:40 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
4/18/2016 11:07:40 PM, Error: Service Control Manager [7000]  - The McAfee Anti-Spam Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 10:50:27 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
4/18/2016 10:49:38 AM, Error: Service Control Manager [7022]  - The Microsoft Account Sign-in Assistant service hung on starting.
4/18/2016 10:49:33 AM, Error: Service Control Manager [7022]  - The Geolocation Service service hung on starting.
4/18/2016 10:49:03 AM, Error: Service Control Manager [7022]  - The Dropbox Update Service (dbupdate) service hung on starting.
4/18/2016 10:47:57 AM, Error: Service Control Manager [7022]  - The Background Intelligent Transfer Service service hung on starting.
4/18/2016 10:10:28 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel Security PEF Service service to connect.
4/18/2016 10:10:28 PM, Error: Service Control Manager [7000]  - The Intel Security PEF Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:44:23 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Downloaded Maps Manager service to connect.
4/18/2016 1:44:23 PM, Error: Service Control Manager [7000]  - The Downloaded Maps Manager service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:39:03 PM, Error: Service Control Manager [7022]  - The Delivery Optimization service hung on starting.
4/18/2016 1:36:58 PM, Error: Service Control Manager [7000]  - The Dropbox Update Service (dbupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:36:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dropbox Update Service (dbupdate) service to connect.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:03:30 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The User Manager service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Update Orchestrator Service service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Network Setup Service service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Application Information service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Geolocation Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/13/2016 11:44:06 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Home Network service, but this action failed with the following error:  An instance of the service is already running.
.
==== End Of File ===========================
 


#4 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 25 April 2016 - 05:54 PM

And that's all I could get. Every other virus scan I ran froze up or wouldn't finish. I have McAfee and Webroot. Neither have been able to turn up anything. 


Edited by DK1980, 25 April 2016 - 05:57 PM.


#5 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 27 April 2016 - 05:42 AM

Hello, Welcome to SpywareInfoForum.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

There is no indication of malware on this computer.
This fix will only remove the restrictions on the Browser and do a maintenace cleanup.

Press the windows key Windows_Logo_key.gif+ r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.


Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-14]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" [X]
C:\Users\djken\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\djken\AppData\Local\Temp\tmp8A5B.exe
C:\Users\djken\AppData\Local\Temp\tmpCC31.exe
C:\Users\djken\AppData\Local\Temp\tmpFBB5.exe
C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.

===

Althought McAfee and Webroot should work well toghether I suggest you disable McAfee and see if the problem persists.
Let me know if you have had both of these programs for some time or you installed one recently.
===

If you can restore your system to a date prior to the start of this problem?


Execute the instruction under this section of the page..
3. Restore your PC
http://home.bt.com/t...-11364008291943
===

Let me know what you have done and if the problem persists.
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#6 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 28 April 2016 - 02:40 AM

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by djken (2016-04-28 00:44:56) Run:1
Running from C:\Users\djken\Desktop\DS
Loaded Profiles: djken (Available Profiles: djken)
Boot Mode: Safe Mode (minimal)
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-14]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" [X]
C:\Users\djken\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\djken\AppData\Local\Temp\tmp8A5B.exe
C:\Users\djken\AppData\Local\Temp\tmpCC31.exe
C:\Users\djken\AppData\Local\Temp\tmpFBB5.exe
C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
End
 
 
 
*****************
 
Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc" => key removed successfully
mccspsvc => service removed successfully
C:\Users\djken\AppData\Local\Temp\SSUPDATE.EXE => moved successfully
C:\Users\djken\AppData\Local\Temp\tmp8A5B.exe => moved successfully
C:\Users\djken\AppData\Local\Temp\tmpCC31.exe => moved successfully
C:\Users\djken\AppData\Local\Temp\tmpFBB5.exe => moved successfully
"C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => File/Folder not found.
EmptyTemp: => 2.2 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 00:47:47 ====


#7 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 28 April 2016 - 02:40 AM

I couldn't do a system restore outside of safe mode, and in safe mode I couldn't figure out how to create a restore point. It had an automatic restore point that didn't go back to before the problem started. 



#8 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 28 April 2016 - 06:02 AM

Refer to this article.
http://www.tenforums...ndows-10-a.html

Execute the instructions in section 5. To Start Windows 10 in Normal Mode.

If the problem persists I suggest you start a new topic in this Windows 10 Forum.
The problem is not caused by malware and this is not my forte.


http://www.bleepingc...ows-10-support/
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760

#9 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 09 May 2016 - 12:13 PM

Computer is painfully slow and freezes up whenever I'm not in Safe Mode. I've tried to do a System Restore but haven't been able to figure out how to do it in Safe Mode. The logs I'm posting were the only ones I was able to get. 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 11.0.10586.20
Run by djken at 23:52:07 on 2016-04-19
Microsoft Windows 10 Home  10.0.10586.0.1252.1.1033.18.7864.6896 [GMT -5:00]
.
AV: Webroot SecureAnywhere *Disabled/Updated* {4646A877-74EB-CD3B-8FDB-210DB94FA61A}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Webroot SecureAnywhere *Disabled/Updated* {FD274993-52D1-C2B5-B56B-1A7FC2C8ECA7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\helppane.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
C:\Program Files\Webroot\WRSA.exe
C:\Program Files\Webroot\WRSA.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar.dll
uRun: [OneDrive] "C:\Users\djken\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Uninstall C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [WRSVC] "C:\Program Files\Webroot\WRSA.exe" -ul
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\INSTAL~1.LNK - C:\Program Files (x86)\Common Files\wruninstall.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{b0669201-17b3-41bc-b300-5fd1898c653d} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{d5c356a5-5da4-4545-bfd7-20b1ccd4bd5e} : DHCPNameServer = 192.168.123.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Webroot Vault: {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-BHO: Webroot Filtering Extension: {C9C42510-9B41-42c1-9DCD-7282A2D07C61} - C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll
x64-TB: Webroot Toolbar: {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} - C:\ProgramData\WRData\PKG\LPBar64.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-7-22 73976]
R0 amdpsp;AMD PSP Service;C:\WINDOWS\System32\drivers\amdpsp.sys [2015-7-2 277240]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2015-6-11 245096]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R0 WRkrn;WRkrn;C:\WINDOWS\System32\drivers\WRkrn.sys [2016-1-4 117728]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
R3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
R3 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
R3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
R3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
R3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-10-23 402136]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
R3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2015-6-11 83096]
S0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2015-6-11 846080]
S1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
S1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
S1 SASDIFSV;SASDIFSV;C:\Program Files (x86)\SUPERAntiSpyware\sasdifsv.sys [2010-2-17 12872]
S1 SASKUTIL;SASKUTIL;C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [2010-5-6 68168]
S2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-7-22 245760]
S2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
S2 BcmBtRSupport;Bluetooth Driver Management Service;C:\WINDOWS\System32\BtwRSupportService.exe [2015-12-14 2286848]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-14 143144]
S2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-6-25 349728]
S2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-11 26680]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2015-4-7 863448]
S2 mcbootdelaystartsvc;McAfee Boot Delay Start Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-10-23 380896]
S2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2015-10-23 275368]
S2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2016-2-27 896456]
S2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2015-10-23 389896]
S2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-6-5 316152]
S2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
S2 tbaseprovisioning;tbaseprovisioning;C:\Windows\SysWOW64\tbaseprovisioning.exe [2015-7-2 60432]
S2 WRSVC;WRSVC;C:\Program Files\Webroot\WRSA.exe [2016-1-4 873072]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 amdkmcsp;AMD Kernel Mode CSP Service;C:\WINDOWS\System32\drivers\amdkmcsp.sys [2015-7-2 101104]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-7-22 102912]
S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\WINDOWS\System32\drivers\bcbtums.sys [2015-12-14 208176]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-4-15 245760]
S3 btwampfl;btwampfl;C:\WINDOWS\System32\drivers\btwampfl.sys [2015-12-14 223024]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-17 117248]
S3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2015-6-11 79248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-14 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2015-6-25 209952]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2015-10-23 207208]
S3 iai2c;Intel® Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel® Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 McAWFwk;McAfee Activation Service;C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [2015-10-23 338208]
S3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2015-6-11 419624]
S3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2015-6-11 351144]
S3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2015-10-23 234192]
S3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2015-6-11 496368]
S3 mfencbdc;McAfee Inc. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2015-11-20 539496]
S3 mfencrk;McAfee Inc. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2015-11-20 109480]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-6-3 896768]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-15 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-15 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 wrUrlFlt;Webroot UrlFilter;C:\WINDOWS\System32\drivers\wrUrlFlt.sys [2016-1-4 54512]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-15 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 mccspsvc;McAfee CSP Service;"C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" --> C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe [?]
S4 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-10-23 453520]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-04-20 04:46:33 -------- d-----w- C:\FRST
2016-04-20 04:44:42 -------- d-----w- C:\Program Files (x86)\ESET
2016-04-20 04:30:56 -------- d-----w- C:\WINDOWS\pss
2016-04-15 18:00:25 9918976 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2016-04-15 17:58:34 676352 ----a-w- C:\WINDOWS\System32\WSDApi.dll
2016-04-15 17:57:51 88576 ----a-w- C:\WINDOWS\System32\AppxSysprep.dll
2016-04-04 07:33:48 -------- d-----w- C:\Program Files\iPod
2016-04-04 07:33:48 -------- d-----w- C:\Program Files (x86)\iTunes
2016-04-04 07:33:46 -------- d---a-w- C:\Program Files\iTunes
2016-04-02 14:26:30 -------- d--h--w- C:\OneDriveTemp
2016-03-28 05:20:21 -------- d-----w- C:\Program Files\Common Files\Webroot
2016-03-28 05:20:20 -------- d-----w- C:\Program Files (x86)\Common Files\Webroot
.
==================== Find3M  ====================
.
2016-04-20 04:31:26 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2016-04-15 02:33:56 54512 ----atw- C:\WINDOWS\System32\drivers\wrUrlFlt.sys
2016-04-06 18:32:08 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-04-06 18:32:08 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-04-02 04:13:14 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2016-04-02 04:10:46 730344 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2016-04-02 04:10:39 374008 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2016-04-02 04:10:25 770640 ----a-w- C:\WINDOWS\System32\iuilp.dll
2016-04-02 03:30:16 151040 ----a-w- C:\WINDOWS\System32\VEStoreEventHandlers.dll
2016-04-02 03:29:38 127488 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll
2016-04-02 03:29:29 83968 ----a-w- C:\WINDOWS\SysWow64\VEDataLayerHelpers.dll
2016-04-02 03:26:25 630272 ----a-w- C:\WINDOWS\System32\PhoneProviders.dll
2016-04-02 03:25:58 239104 ----a-w- C:\WINDOWS\SysWow64\NotificationObjFactory.dll
2016-04-02 03:25:42 278528 ----a-w- C:\WINDOWS\System32\NotificationObjFactory.dll
2016-04-02 03:23:44 219648 ----a-w- C:\WINDOWS\SysWow64\VEEventDispatcher.dll
2016-04-02 03:23:05 285696 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll
2016-04-02 03:21:17 498688 ----a-w- C:\WINDOWS\System32\tileobjserver.dll
2016-04-02 03:19:00 1054208 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2016-04-02 03:18:47 988160 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll
2016-04-02 03:15:47 1090048 ----a-w- C:\WINDOWS\System32\RDXService.dll
2016-04-02 03:14:35 3994624 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2016-04-02 03:09:17 1832448 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll
2016-04-02 03:08:48 2193408 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2016-04-02 03:07:41 2158592 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2016-04-02 03:07:22 3575296 ----a-w- C:\WINDOWS\System32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-02 03:03:52 4774912 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2016-04-02 03:00:39 1390080 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
2016-03-29 10:23:38 277856 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys
2016-03-29 10:22:12 874968 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-03-29 10:22:12 1030416 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-03-29 10:20:20 7474016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-03-29 10:20:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-03-29 10:20:19 1141504 ----a-w- C:\WINDOWS\System32\winload.exe
2016-03-29 10:20:17 2656952 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-03-29 10:18:46 2152280 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2016-03-29 10:15:23 100232 ----a-w- C:\WINDOWS\System32\omadmapi.dll
2016-03-29 10:05:03 1152864 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2016-03-29 10:02:09 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-03-29 10:02:02 334736 ----a-w- C:\WINDOWS\System32\policymanager.dll
2016-03-29 09:56:37 1297752 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-03-29 09:37:57 1862008 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-03-29 09:28:18 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-03-29 09:28:16 696664 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-03-29 09:25:23 58400 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.dll
2016-03-29 09:25:13 258912 ----a-w- C:\WINDOWS\System32\drivers\ufx01000.sys
2016-03-29 09:19:37 296488 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2016-03-29 09:18:27 185184 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys
2016-03-29 09:17:08 300104 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-03-29 09:13:11 986976 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-03-29 09:11:53 605440 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-03-29 09:11:27 74424 ----a-w- C:\WINDOWS\System32\easinvoker.exe
2016-03-29 09:10:44 110584 ----a-w- C:\WINDOWS\System32\srvcli.dll
2016-03-29 09:09:54 78040 ----a-w- C:\WINDOWS\System32\wkscli.dll
2016-03-29 09:08:38 358752 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2016-03-29 09:08:30 261376 ----a-w- C:\WINDOWS\System32\LsaIso.exe
2016-03-29 08:44:53 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-03-29 08:44:50 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-03-29 08:41:44 51128 ----a-w- C:\WINDOWS\SysWow64\SensorsNativeApi.dll
2016-03-29 08:41:04 630632 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2016-03-29 08:32:59 253088 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-03-29 08:26:48 73872 ----a-w- C:\WINDOWS\SysWow64\srvcli.dll
2016-03-29 08:26:06 2403680 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2016-03-29 08:26:01 1089888 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2016-03-29 08:25:44 56320 ----a-w- C:\WINDOWS\SysWow64\wkscli.dll
2016-03-29 08:24:25 294752 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2016-03-29 08:21:40 378208 ----a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS
2016-03-29 08:17:11 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-03-29 08:16:55 26112 ----a-w- C:\WINDOWS\System32\drivers\xinputhid.sys
2016-03-29 08:07:26 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2016-03-29 08:07:14 92160 ----a-w- C:\WINDOWS\System32\SensorsNativeApi.V2.dll
2016-03-29 08:07:14 31232 ----a-w- C:\WINDOWS\System32\wsdchngr.dll
2016-03-29 08:07:09 34816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2016-03-29 08:06:14 12800 ----a-w- C:\WINDOWS\System32\oleacchooks.dll
2016-03-29 08:06:04 45568 ----a-w- C:\WINDOWS\System32\atmlib.dll
2016-03-29 08:05:52 38912 ----a-w- C:\WINDOWS\apppatch\apppatch64\AcWinRT.dll
2016-03-29 08:02:38 118272 ----a-w- C:\WINDOWS\System32\fontsub.dll
2016-03-29 08:01:15 541304 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2016-03-29 08:00:51 69632 ----a-w- C:\WINDOWS\System32\fveskybackup.dll
2016-03-29 08:00:40 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-03-29 08:00:23 76800 ----a-w- C:\WINDOWS\System32\NetCfgNotifyObjectHost.exe
2016-03-29 07:59:20 27648 ----a-w- C:\WINDOWS\System32\LicenseManagerShellext.exe
2016-03-29 07:58:17 69632 ----a-w- C:\WINDOWS\System32\wininetlui.dll
2016-03-29 07:57:59 95744 ----a-w- C:\WINDOWS\System32\samlib.dll
2016-03-29 07:57:44 58368 ----a-w- C:\WINDOWS\System32\browcli.dll
2016-03-29 07:57:42 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2016-03-29 07:57:22 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2016-03-29 07:55:34 36352 ----a-w- C:\WINDOWS\System32\tbauth.dll
2016-03-29 07:55:29 83968 ----a-w- C:\WINDOWS\System32\drivers\serial.sys
2016-03-29 07:55:24 120320 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
2016-03-29 07:54:12 112640 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2016-03-29 07:54:03 147456 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2016-03-29 07:53:25 116224 ----a-w- C:\WINDOWS\System32\FontProvider.dll
2016-03-29 07:52:04 26112 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2016-03-29 07:51:53 167936 ----a-w- C:\WINDOWS\System32\dafBth.dll
2016-03-29 07:51:14 181248 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2016-03-29 07:51:06 87040 ----a-w- C:\WINDOWS\System32\tzautoupdate.dll
2016-03-29 07:50:52 107520 ----a-w- C:\WINDOWS\System32\BdeHdCfgLib.dll
2016-03-29 07:50:25 66048 ----a-w- C:\WINDOWS\System32\OnDemandConnRouteHelper.dll
2016-03-29 07:50:15 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2016-03-29 07:50:11 33280 ----a-w- C:\WINDOWS\System32\wuautoappupdate.dll
.
============= FINISH: 23:53:29.09 ===============
 


#10 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 09 May 2016 - 12:13 PM

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 12/17/2015 4:41:27 AM
System Uptime: 4/19/2016 11:31:40 PM (0 hours ago)
.
Motherboard: HP |  | 2B29
Processor: AMD A8-6410 APU with AMD Radeon R5 Graphics     | CPU 1 | 1996/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 912 GiB total, 98.323 GiB free.
D: is FIXED (NTFS) - 18 GiB total, 2.334 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP22: 4/19/2016 7:03:03 PM - Scheduled Checkpoint
.
==== Installed Programs ======================
.
12 Labours of Hercules III: Girl Power
AMD Catalyst Control Center
AMD Catalyst Install Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Azkend 2: The World Beneath
Barn Yarn Collector's Edition
Bonjour
Broadcom 802.11 Network Adapter
Broadcom Bluetooth Drivers
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Coyote The Outlander
Cyberlink PhotoDirector
CyberLink Power Media Player 14
CyberLink PowerDirector 12
Delicious: Emily's Wonder Wedding Premium Edition
Dropbox
Dropbox 25 GB
Dropbox Update Helper
Energy Star
Entwined: The Perfect Murder
Evernote v. 5.8.6
Family Vacation 2: Road Trip
Google Chrome
Google Earth
Google Update Helper
Home Makeover
HP Customer Experience Enhancements
HP Documentation
HP ePrint Windows Driver
HP ESU for Microsoft Windows 10
HP Recovery Manager
HP Registration Service
HP Support Assistant
HP Support Information
HP Support Solutions Framework
HP Welcome
iCloud
IGT Slots: Paradise Garden
Imperial Island: Birth of an Empire
iTunes
Jewel Match Snowscapes
Living Legends: Frozen Beauty Collector's Edition
Lost Lands: Dark Overlord Collector's Edition
Lost Souls: Timeless Fables Collector's Edition
Magic Heroes: Save Our Park
Manor Memoirs Collector's Edition
McAfee LiveSafe
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Mystery Expedition: Prisoners of Ice
PeaZip 5.5.1
Plagiarii
Polar Bowler 1st Frame
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Runefall
Rush Hour! Gas Station
Sky High Farm
SUPERAntiSpyware Professional
Update Installer for WildTangent Games App
VLC media player
Webroot SecureAnywhere
WildTangent Games
WildTangent Games App for HP
.
==== Event Viewer Messages From Past Week ========
.
4/19/2016 5:27:50 PM, Error: Service Control Manager [7023]  - The Interactive Services Detection service terminated with the following error:  Incorrect function.
4/19/2016 5:16:54 PM, Error: Service Control Manager [7022]  - The McAfee Proxy Service service hung on starting.
4/19/2016 5:14:57 PM, Error: Service Control Manager [7022]  - The McAfee Personal Firewall Service service hung on starting.
4/19/2016 5:14:16 PM, Error: Service Control Manager [7022]  - The McAfee Home Network service hung on starting.
4/19/2016 5:10:59 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
4/19/2016 5:10:59 PM, Error: Service Control Manager [7000]  - The Windows Modules Installer service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:10:59 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "Unavailable" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
4/19/2016 5:10:44 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HPSupportSolutionsFrameworkService service to connect.
4/19/2016 5:10:44 PM, Error: Service Control Manager [7000]  - The HP Support Solutions Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:08:05 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the gupdate service to connect.
4/19/2016 5:07:35 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the GamesAppIntegrationService service to connect.
4/19/2016 5:07:35 PM, Error: Service Control Manager [7000]  - The GamesAppIntegrationService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:04:34 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the PEFService service to connect.
4/19/2016 5:04:34 PM, Error: Service Control Manager [7000]  - The PEFService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 5:03:39 PM, Error: Service Control Manager [7000]  - The wrUrlFlt service failed to start due to the following error:  There are no more endpoints available from the endpoint mapper.
4/19/2016 12:16:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
4/19/2016 12:16:01 PM, Error: Service Control Manager [7000]  - The Software Protection service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 11:53:27 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:53:27 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:53:27 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
4/19/2016 11:52:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
4/19/2016 11:52:56 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
4/19/2016 11:52:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
4/19/2016 11:48:18 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/19/2016 11:46:10 PM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:43:21 PM, Error: Service Control Manager [7000]  - The McAfee Inc. mfehidk service failed to start due to the following error:  The operation completed successfully.
4/19/2016 11:43:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40}
4/19/2016 11:43:21 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {C90134D2-4AE9-407A-919A-4A2EF09C6C51}
4/19/2016 11:43:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "Unavailable" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06}
4/19/2016 11:35:47 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Defender Service service to connect.
4/19/2016 11:35:47 AM, Error: Service Control Manager [7000]  - The Windows Defender Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 11:32:45 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
4/19/2016 11:31:56 PM, Error: Service Control Manager [7001]  - The NlaSvc service depends on the Dhcp service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The WinHttpAutoProxySvc service depends on the Dhcp service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb20 service depends on the mrxsmb service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb10 service depends on the mrxsmb service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mrxsmb service depends on the rdbss service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The mfevtp service depends on the mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The LanmanWorkstation service depends on the nsi service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The iphlpsvc service depends on the WinHttpAutoProxySvc service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:55 PM, Error: Service Control Manager [7001]  - The IKEEXT service depends on the nsi service which failed to start because of the following error:  The dependency service or group failed to start.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The nsi service depends on the nsiproxy service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The Dnscache service depends on the tdx service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:54 PM, Error: Service Control Manager [7001]  - The Dhcp service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
4/19/2016 11:31:17 PM, Error: Service Control Manager [7024]  - The Delivery Optimization service terminated with the following service-specific error:  The class is configured to run as a security id different from the caller
4/19/2016 11:31:03 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
4/19/2016 11:29:28 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the mfemms service.
4/19/2016 11:29:07 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID  {C2F03A33-21F5-47FA-B4BB-156362A2F239}  and APPID  {316CDED5-E4AE-4B15-9113-7055D84DCC97}  to the user DESKTOP-3JTJ13L\djken SID (S-1-5-21-2567572015-817838235-4254248779-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
4/19/2016 11:28:28 PM, Error: Application Popup [1060]  - 
4/19/2016 11:23:42 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
4/19/2016 11:20:05 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
4/19/2016 10:14:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
4/19/2016 10:14:43 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/19/2016 10:14:43 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
4/18/2016 9:18:26 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Boot Delay Start Service service to connect.
4/18/2016 9:18:26 PM, Error: Service Control Manager [7000]  - The McAfee Boot Delay Start Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Platform Services service to connect.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Personal Firewall Service service to connect.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7000]  - The McAfee Platform Services service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Service Control Manager [7000]  - The McAfee Personal Firewall Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:31:24 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service mcpltsvc with arguments "Unavailable" in order to run the server: {20966775-18A4-4299-B8E3-772C336B52A7}
4/18/2016 8:30:43 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Home Network service to connect.
4/18/2016 8:30:43 PM, Error: Service Control Manager [7000]  - The McAfee Home Network service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Platform Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Personal Firewall Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 8:29:36 PM, Error: Service Control Manager [7031]  - The McAfee Home Network service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/18/2016 2:32:10 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppXv1pa150fssxfwf8qn0j65z3gp1qhwkcs.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:x4c7a3b7dy2188y46d4ya362y19ac5a5805e5x.AppX368sbpk1kx658x0p332evjk2v0y02kxp.mca
4/18/2016 2:27:39 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Client License Service (ClipSVC) service to connect.
4/18/2016 2:27:39 PM, Error: Service Control Manager [7000]  - The Client License Service (ClipSVC) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 2:22:57 AM, Error: Volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
4/18/2016 2:08:40 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: CortanaUI.AppXn73w0hsq3g4wx1h9fhf7q02vw2wta6qc.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
4/18/2016 12:57:36 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NcdAutoSetup service.
4/18/2016 11:45:51 AM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
4/18/2016 11:32:01 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\System32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
4/18/2016 11:14:17 PM, Error: Microsoft-Windows-DistributedCOM [10001]  - Unable to start a DCOM Server: App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXwmnqm0nvq2b90pwvr42qmtdjp7cj3w82.mca
4/18/2016 11:07:40 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Anti-Spam Service service to connect.
4/18/2016 11:07:40 PM, Error: Service Control Manager [7000]  - The McAfee Anti-Spam Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 10:50:27 AM, Error: Service Control Manager [7022]  - The Windows Update service hung on starting.
4/18/2016 10:49:38 AM, Error: Service Control Manager [7022]  - The Microsoft Account Sign-in Assistant service hung on starting.
4/18/2016 10:49:33 AM, Error: Service Control Manager [7022]  - The Geolocation Service service hung on starting.
4/18/2016 10:49:03 AM, Error: Service Control Manager [7022]  - The Dropbox Update Service (dbupdate) service hung on starting.
4/18/2016 10:47:57 AM, Error: Service Control Manager [7022]  - The Background Intelligent Transfer Service service hung on starting.
4/18/2016 10:10:28 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Intel Security PEF Service service to connect.
4/18/2016 10:10:28 PM, Error: Service Control Manager [7000]  - The Intel Security PEF Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:44:23 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Downloaded Maps Manager service to connect.
4/18/2016 1:44:23 PM, Error: Service Control Manager [7000]  - The Downloaded Maps Manager service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:39:03 PM, Error: Service Control Manager [7022]  - The Delivery Optimization service hung on starting.
4/18/2016 1:36:58 PM, Error: Service Control Manager [7000]  - The Dropbox Update Service (dbupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/18/2016 1:36:57 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dropbox Update Service (dbupdate) service to connect.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Profile Service service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the IKE and AuthIP IPsec Keying Modules service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:04:20 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Computer Browser service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:03:30 AM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error:  An instance of the service is already running.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The User Manager service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Update Orchestrator Service service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Network Setup Service service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7034]  - The Application Information service terminated unexpectedly.  It has done this 1 time(s).
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Windows Update service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Windows Management Instrumentation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The User Profile Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Themes service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Task Scheduler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The System Event Notification Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Shell Hardware Detection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Server service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The IP Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The IKE and AuthIP IPsec Keying Modules service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Group Policy Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Geolocation Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Computer Browser service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2016 3:02:20 AM, Error: Service Control Manager [7031]  - The Background Intelligent Transfer Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/13/2016 11:44:06 PM, Error: Service Control Manager [7032]  - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee Home Network service, but this action failed with the following error:  An instance of the service is already running.
.
==== End Of File ===========================
 


#11 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 09 May 2016 - 12:14 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by djken (administrator) on DESKTOP-3JTJ13L (19-04-2016 23:50:48)
Running from C:\Users\djken\Desktop\DS
Loaded Profiles: djken (Available Profiles: djken)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (minimal)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8790264 2016-01-15] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2015-06-21] (CyberLink Corp.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)
Winlogon\Notify\!SASWinLogon: C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll [2009-09-03] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe [2017280 2010-05-06] (SUPERAntiSpyware.com)
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\...\RunOnce: [Uninstall C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\djken\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files (x86)\SUPERAntiSpyware\SASSEH.DLL [77824 2008-05-13] (SuperAdBlocker.com)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2016-01-04]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\wruninstall.exe (Webroot Software, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{b0669201-17b3-41bc-b300-5fd1898c653d}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{d5c356a5-5da4-4545-bfd7-20b1ccd4bd5e}: [DhcpNameServer] 192.168.123.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2567572015-817838235-4254248779-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2567572015-817838235-4254248779-1001 -> {CDC93D95-9670-4DE5-82C8-C130C83DE4B1} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll [2016-01-11] (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-14] (Webroot)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll [2016-01-11] (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files (x86)\Common Files\Webroot\WebFiltering\wrflt.dll [2016-04-14] (Webroot)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-02-25] (HP)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll [2016-01-11] (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll [2016-01-11] (Webroot)
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll [2016-03-29] (Microsoft Corporation)
Handler-x32: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll [2016-03-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-03-03] (McAfee, Inc.)
 
FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-06-25] ()
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-10-23]
 
Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxps://mail.google.com/mail/u/0/?zx=7807zed2on15#inbox
CHR Profile: C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-14]
CHR Extension: (Google Docs) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-14]
CHR Extension: (Google Drive) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-14]
CHR Extension: (YouTube) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-14]
CHR Extension: (Google Search) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-14]
CHR Extension: (Google Sheets) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-12-14]
CHR Extension: (Google Docs Offline) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-14]
CHR Extension: (Webroot Filtering Extension) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2016-01-11]
CHR Extension: (Webroot Password Manager) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc [2016-01-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-14]
CHR Extension: (Gmail) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-14]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2286848 2015-12-14] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-14] (Dropbox, Inc.)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-06-25] (WildTangent)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 HPSupportSolutionsFrameworkService; c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-19] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 MessagingService; C:\Windows\System32\MessagingService.dll [52736 2015-10-30] (Microsoft Corporation)
S3 MessagingService_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 MessagingService_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 MessagingService_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 MessagingService_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
S2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
S2 mfevtp; C:\windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S2 OneSyncSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S2 OneSyncSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_3e060; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_3e060; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U2 OneSyncSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
S3 PimIndexMaintenanceSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 PimIndexMaintenanceSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 PimIndexMaintenanceSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [316152 2016-01-15] (Realtek Semiconductor)
S2 tbaseprovisioning; C:\Windows\SysWOW64\tbaseprovisioning.exe [60432 2015-07-02] (Advanced Micro Devices, Inc.)
S3 TieringEngineService; C:\Windows\system32\TieringEngineService.exe [290304 2015-10-30] (Microsoft Corporation)
S4 tzautoupdate; C:\Windows\system32\tzautoupdate.dll [87040 2016-03-29] (Microsoft Corporation)
S3 UnistoreSvc_13dd3; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UnistoreSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_1632ab1; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_39d32; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_43b79; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_46d97; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_48093; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4a757; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4ae46; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4f7af; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5206a; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_52d88; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_534fa; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5365c; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_70fc4; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7c0f3; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7dd89; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_b7b21; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_d1230; C:\WINDOWS\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UnistoreSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_13dd3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
S3 UserDataSvc_13dd3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_1632ab1; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_1632ab1; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_39d32; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_39d32; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_43b79; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_43b79; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_46d97; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_46d97; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_48093; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_48093; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4a757; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4a757; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4ae46; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4ae46; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4f7af; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_4f7af; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5206a; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5206a; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_52d88; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_52d88; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_534fa; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_534fa; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5365c; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_5365c; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_70fc4; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_70fc4; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7c0f3; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7c0f3; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7dd89; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_7dd89; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_b7b21; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_b7b21; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_d1230; C:\WINDOWS\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
U3 UserDataSvc_d1230; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-12-17] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
S2 WRSVC; C:\Program Files\Webroot\WRSA.exe [873072 2016-02-27] (Webroot)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdkmcsp; C:\Windows\system32\DRIVERS\amdkmcsp.sys [101104 2015-07-02] (Advanced Micro Devices, Inc. )
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-07-22] (Advanced Micro Devices, Inc.)
R0 amdpsp; C:\Windows\System32\DRIVERS\amdpsp.sys [277240 2015-07-02] (Advanced Micro Devices, Inc. )
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-07-22] (Advanced Micro Devices)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [208176 2015-12-14] (Broadcom Corporation.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-07-08] (Broadcom Corporation)
S3 bcmfn; C:\Windows\System32\drivers\bcmfn.sys [9728 2015-10-30] (Windows ® Win 7 DDK provider)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [245760 2016-03-29] (Microsoft Corporation)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 iai2c; C:\Windows\System32\drivers\iai2c.sys [81408 2015-10-30] (Intel® Corporation)
S3 iaLPSS2i_I2C; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [165888 2015-10-30] (Intel Corporation)
S3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
S0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [896768 2016-02-17] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402136 2015-05-27] (Realsil Semiconductor Corporation)
S1 SASDIFSV; C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS [12872 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.SYS [68168 2010-05-06] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [45056 2015-10-30] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117728 2016-01-04] (Webroot)
S3 wrUrlFlt; C:\WINDOWS\system32\DRIVERS\wrUrlFlt.sys [54512 2016-04-14] (Webroot)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-04-19 23:46 - 2016-04-19 23:50 - 00000000 ____D C:\FRST
2016-04-19 23:44 - 2016-04-19 23:44 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-19 23:32 - 2016-04-19 23:32 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-19 23:30 - 2016-04-19 23:30 - 00000000 ____D C:\WINDOWS\pss
2016-04-19 17:13 - 2016-04-19 17:13 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-04-18 10:36 - 2016-04-18 10:36 - 00000000 _____ C:\Users\djken\AppData\Local\{2FEBD302-5673-40FA-9B6B-A168FCC3BD12}
2016-04-18 02:55 - 2016-04-18 02:55 - 00000000 _____ C:\Users\djken\AppData\Local\{8E65E9F2-2073-4D53-B337-5804C4235E34}
2016-04-17 21:50 - 2016-04-17 23:37 - 950023390 _____ C:\Users\djken\Downloads\MiaMalkova.mp4.rar
2016-04-17 16:16 - 2016-04-17 20:15 - 693010229 _____ C:\Users\djken\Downloads\11Elsa_Julia.mp4
2016-04-16 15:50 - 2016-04-16 16:34 - 260571793 _____ C:\Users\djken\Downloads\ir-rico-brooke.mp4
2016-04-16 15:49 - 2016-04-16 19:56 - 733476866 _____ C:\Users\djken\Downloads\14Kim6.wmv
2016-04-15 13:00 - 2016-03-29 00:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-15 12:59 - 2016-04-01 22:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-15 12:59 - 2016-04-01 22:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-15 12:59 - 2016-04-01 22:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-15 12:59 - 2016-04-01 22:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-15 12:59 - 2016-03-29 04:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-15 12:59 - 2016-03-29 04:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-15 12:59 - 2016-03-29 04:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-15 12:59 - 2016-03-29 04:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-15 12:59 - 2016-03-29 03:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-15 12:59 - 2016-03-29 03:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-15 12:59 - 2016-03-29 03:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-15 12:59 - 2016-03-29 03:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-15 12:59 - 2016-03-29 03:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-15 12:59 - 2016-03-29 03:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-15 12:59 - 2016-03-29 03:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-15 12:59 - 2016-03-29 03:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-15 12:59 - 2016-03-29 03:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-15 12:59 - 2016-03-29 02:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-15 12:59 - 2016-03-29 02:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-15 12:59 - 2016-03-29 02:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-15 12:59 - 2016-03-29 02:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-15 12:59 - 2016-03-29 02:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-15 12:59 - 2016-03-29 02:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-15 12:59 - 2016-03-29 02:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-15 12:59 - 2016-03-29 02:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-15 12:59 - 2016-03-29 02:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-15 12:59 - 2016-03-29 02:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-15 12:59 - 2016-03-29 02:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-15 12:59 - 2016-03-29 02:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-15 12:59 - 2016-03-29 02:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-15 12:59 - 2016-03-29 02:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-15 12:59 - 2016-03-29 02:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-15 12:59 - 2016-03-29 02:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-15 12:59 - 2016-03-29 02:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-15 12:59 - 2016-03-29 01:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-15 12:59 - 2016-03-29 01:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-15 12:59 - 2016-03-29 01:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-15 12:59 - 2016-03-29 01:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-15 12:59 - 2016-03-29 01:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-15 12:59 - 2016-03-29 01:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-15 12:59 - 2016-03-29 01:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-15 12:59 - 2016-03-29 01:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-15 12:59 - 2016-03-29 01:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-15 12:59 - 2016-03-29 01:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-15 12:59 - 2016-03-29 01:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-15 12:59 - 2016-03-29 01:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-15 12:59 - 2016-03-29 01:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-15 12:59 - 2016-03-29 01:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-15 12:59 - 2016-03-29 01:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-15 12:59 - 2016-03-29 01:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-15 12:59 - 2016-03-29 01:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-15 12:59 - 2016-03-29 01:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-15 12:59 - 2016-03-29 01:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-15 12:59 - 2016-03-29 01:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-15 12:59 - 2016-03-29 01:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-15 12:59 - 2016-03-29 01:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-15 12:59 - 2016-03-29 01:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-15 12:59 - 2016-03-29 01:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-15 12:59 - 2016-03-29 01:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-15 12:59 - 2016-03-29 01:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-15 12:59 - 2016-03-29 01:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-15 12:59 - 2016-03-29 01:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-15 12:59 - 2016-03-29 01:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-15 12:59 - 2016-03-29 01:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-15 12:59 - 2016-03-29 01:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-15 12:59 - 2016-03-29 01:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-15 12:59 - 2016-03-29 01:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-15 12:59 - 2016-03-29 00:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-15 12:59 - 2016-03-29 00:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-15 12:59 - 2016-03-29 00:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-15 12:59 - 2016-03-29 00:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-15 12:59 - 2016-03-29 00:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-15 12:59 - 2016-03-29 00:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-15 12:59 - 2016-03-29 00:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-15 12:59 - 2016-03-29 00:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-15 12:59 - 2016-03-29 00:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-15 12:59 - 2016-03-29 00:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-15 12:59 - 2016-03-29 00:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-15 12:58 - 2016-04-01 23:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-15 12:58 - 2016-04-01 23:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-15 12:58 - 2016-04-01 23:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-15 12:58 - 2016-04-01 22:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-15 12:58 - 2016-04-01 22:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-15 12:58 - 2016-04-01 22:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-15 12:58 - 2016-04-01 22:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-15 12:58 - 2016-04-01 22:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-15 12:58 - 2016-04-01 22:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-15 12:58 - 2016-04-01 22:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-15 12:58 - 2016-04-01 22:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-15 12:58 - 2016-04-01 22:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-15 12:58 - 2016-04-01 22:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-15 12:58 - 2016-04-01 22:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-15 12:58 - 2016-03-29 05:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-15 12:58 - 2016-03-29 05:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-15 12:58 - 2016-03-29 05:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-15 12:58 - 2016-03-29 05:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-15 12:58 - 2016-03-29 05:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-15 12:58 - 2016-03-29 05:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-15 12:58 - 2016-03-29 05:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-15 12:58 - 2016-03-29 05:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-15 12:58 - 2016-03-29 05:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-15 12:58 - 2016-03-29 05:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-15 12:58 - 2016-03-29 05:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-15 12:58 - 2016-03-29 05:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-15 12:58 - 2016-03-29 05:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-15 12:58 - 2016-03-29 04:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-15 12:58 - 2016-03-29 04:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-15 12:58 - 2016-03-29 04:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-15 12:58 - 2016-03-29 04:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-15 12:58 - 2016-03-29 04:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-15 12:58 - 2016-03-29 04:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-15 12:58 - 2016-03-29 04:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-15 12:58 - 2016-03-29 04:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-15 12:58 - 2016-03-29 04:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-15 12:58 - 2016-03-29 04:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-15 12:58 - 2016-03-29 04:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-15 12:58 - 2016-03-29 04:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-15 12:58 - 2016-03-29 04:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-15 12:58 - 2016-03-29 04:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-15 12:58 - 2016-03-29 03:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-15 12:58 - 2016-03-29 03:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-15 12:58 - 2016-03-29 03:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-15 12:58 - 2016-03-29 03:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-15 12:58 - 2016-03-29 03:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-15 12:58 - 2016-03-29 03:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-15 12:58 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-15 12:58 - 2016-03-29 03:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-15 12:58 - 2016-03-29 03:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-15 12:58 - 2016-03-29 03:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-15 12:58 - 2016-03-29 03:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-15 12:58 - 2016-03-29 03:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-15 12:58 - 2016-03-29 03:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-15 12:58 - 2016-03-29 03:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-15 12:58 - 2016-03-29 02:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-15 12:58 - 2016-03-29 02:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-15 12:58 - 2016-03-29 02:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-15 12:58 - 2016-03-29 02:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-15 12:58 - 2016-03-29 02:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-15 12:58 - 2016-03-29 02:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-15 12:58 - 2016-03-29 02:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-15 12:58 - 2016-03-29 02:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-15 12:58 - 2016-03-29 02:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-15 12:58 - 2016-03-29 02:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-15 12:58 - 2016-03-29 02:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-15 12:58 - 2016-03-29 02:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.

#12 DK1980

DK1980

    Member

  • Full Member
  • Pip
  • 94 posts

Posted 09 May 2016 - 12:14 PM

Fix result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by djken (2016-04-28 00:44:56) Run:1
Running from C:\Users\djken\Desktop\DS
Loaded Profiles: djken (Available Profiles: djken)
Boot Mode: Safe Mode (minimal)
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
CHR Extension: (Chrome Web Store Payments) - C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-14]
CHR HKLM\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngkhgikojglcgnckopipfdajaifmmnnc] - hxxp://clients2.google.com/service/update2/crx
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.6.1180.0\McCSPServiceHost.exe" [X]
C:\Users\djken\AppData\Local\Temp\SSUPDATE.EXE
C:\Users\djken\AppData\Local\Temp\tmp8A5B.exe
C:\Users\djken\AppData\Local\Temp\tmpCC31.exe
C:\Users\djken\AppData\Local\Temp\tmpFBB5.exe
C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
 
End
 
 
 
*****************
 
Error: Restore point can only be created in normal mode.
Processes closed successfully.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => moved successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ngkhgikojglcgnckopipfdajaifmmnnc" => key removed successfully
mccspsvc => service removed successfully
C:\Users\djken\AppData\Local\Temp\SSUPDATE.EXE => moved successfully
C:\Users\djken\AppData\Local\Temp\tmp8A5B.exe => moved successfully
C:\Users\djken\AppData\Local\Temp\tmpCC31.exe => moved successfully
C:\Users\djken\AppData\Local\Temp\tmpFBB5.exe => moved successfully
"C:\Users\djken\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda" => File/Folder not found.
EmptyTemp: => 2.2 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 00:47:47 ====


#13 SWI Support Robot

SWI Support Robot

    Helper robot

  • SWI Bot
  • PipPipPipPipPip
  • 23,530 posts

Posted 12 May 2016 - 12:26 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#14 nasdaq

nasdaq

    Forum Deity

  • Global Moderator
  • PipPipPipPipPip
  • 49,159 posts

Posted 12 May 2016 - 06:55 PM

DK1980 your topics have been merged.

Do you still need help with this computer?
nasdaq

Favorite tools: [ SpywareBlaster ] [ Spybot ] [ AdAware ] [ HijackThis ]
[ Housecall online virus scan ] [ Bitdefender online virus scan ]
[ AVG antivirus ] [ Sunbelt Personal Firewall ] [ ZoneAlarm firewall ]

My help is free, but if we have helped you in anyway,please considerDonating ,
see this topic for details.
We need members like you.

========
Shouldn't water be worth more than diamonds?
Adam Smith Glasgow, 1760




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

Member of

Support SpywareInfo Forum - click the button
PayPal - The safer, easier way to pay online!