Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 

dns unlocker

 
acapella
Warrior


Joined: 15 Feb 2005
Last Visit: 02 Dec 2016
Posts: 53

Posted: Tue Aug 25, 2015 5:00 pm    Post subject: dns unlocker

2-week-old brand new computer with Windows 10 all of a sudden inundated with pop-ups, mostly from dnsunlocker. Please help! Logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16412
Run by Lazarte at 20:51:34 on 2015-08-25
Microsoft Windows 10 Home 10.0.10240.0.1252.1.1033.18.12205.9372 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall *Enabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\igfxCUIService.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe
C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe
C:\Windows\SysWOW64\rundll32.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\svchost.exe -k appmodel
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskhostw.exe
C:\Windows\system32\sihost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Users\Lazarte\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\fontdrvhost.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
C:\Program Files\Dell\Dell Data Services\DDSSvc.exe
C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe
C:\Program Files\Dell\Dell Product Registration\PRSvc.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Program Files\Dell\Dell Foundation Services\DFSSystrayUI.exe
C:\Program Files (x86)\Dell Update\DellUpService.exe
C:\Program Files (x86)\Dell Update\DellUpTray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe
C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.EXE
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Program Files (x86)\Comodo\Chromodo\chromodo.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page = %11%\blank.htm
mStart Page = about:blank
mDefault_Page_URL = hxxp://www.yahoo.com/?ilc=8
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll
uRun: [OneDrive] "C:\Users\Lazarte\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRunOnce: [Uninstall C:\Users\Lazarte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Lazarte\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\amd64"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ACTIVC~1.LNK - C:\Program Files\ActivIdentity\ActivClient\acsagent.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 75.75.75.75 75.75.76.76 192.168.1.1
TCP: Interfaces\{08c46601-72a8-475f-8d92-f5075d0072f7} : NameServer = 199.203.131.150,82.163.143.168
TCP: Interfaces\{e0b5fbdc-2369-4ae4-85c5-6de209e84c52} : NameServer = 199.203.131.150,82.163.143.168
TCP: Interfaces\{e0b5fbdc-2369-4ae4-85c5-6de209e84c52} : DHCPNameServer = 75.75.75.75 75.75.76.76 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
x64-Run: [WavesSvc] "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
x64-Run: [acevents] "C:\Program Files\ActivIdentity\ActivClient\acevents.exe"
x64-Run: [accrdsub] "C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2015-7-23 1455552]
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2015-5-29 875928]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2015-5-29 344704]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2015-8-12 200528]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2015-7-23 91912]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R2 18b1a977;LighterGeneration;C:\Windows\System32\rundll32.exe [2015-7-10 59392]
R2 27a6a368;SystemAssister;C:\Windows\System32\rundll32.exe [2015-7-10 59392]
R2 770e3dd8;ProcessModule;C:\Windows\System32\rundll32.exe [2015-7-10 59392]
R2 a084bb95;StatInit;C:\Windows\System32\rundll32.exe [2015-7-10 59392]
R2 ac.sharedstore;ActivIdentity Shared Store Service;C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [2013-6-13 278288]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe [2015-6-7 323152]
R2 ChromodoUpdater;COMODO Chromodo Update Service;C:\Program Files (x86)\Comodo\Chromodo\chromodo_updater.exe [2015-3-5 2368712]
R2 ClickToRunSvc;Servicio Hacer clic y ejecutar de Microsoft Office;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-8-8 2765496]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 Dell Customer Connect;Dell Customer Connect;C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2015-6-15 153328]
R2 Dell Data Services;Dell Data Services;C:\Program Files\Dell\Dell Data Services\DDSSvc.exe [2015-6-19 46792]
R2 Dell Foundation Services;Dell Foundation Services;C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2015-8-18 116424]
R2 Dell Help & Support;Dell Help & Support;C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [2015-7-3 49864]
R2 Dell Product Registration;Dell Product Registration;C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2015-7-8 69320]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-6-23 238320]
R2 DellUpdate;Dell Update Service;C:\Program Files (x86)\Dell Update\DellUpService.exe [2015-6-9 237272]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2015-7-23 351120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-6-24 223008]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2015-8-12 155368]
R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2015-4-7 782608]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [2015-7-23 1694152]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2015-7-23 373704]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2015-7-23 254792]
R2 ReimageRealTimeProtector;Reimage Real Time Protector;C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2015-8-19 7743472]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-7-23 295128]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-6-11 20648]
R2 tiledatamodelsvc;Tile Data model server;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2015-7-23 604776]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2015-5-29 77536]
R3 GKUPRO2D;GKUPRO2D;C:\Windows\System32\drivers\GKUPRO2D.sys [2015-8-8 129008]
R3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
R3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2015-6-2 412440]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2015-5-29 347800]
R3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2015-7-23 232656]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2015-5-29 496888]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2015-6-28 529080]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2015-8-12 37960]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\Windows\System32\drivers\rt640x64.sys [2015-7-23 886528]
R3 RTSUER;Realtek USB Card Reader - UER;C:\Windows\System32\drivers\RtsUer.sys [2015-7-23 402136]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2015-7-10 28512]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\Windows\System32\drivers\mfeelamk.sys [2015-5-29 80920]
S2 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
S2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\Windows\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\Windows\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\Windows\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2015-8-9 207208]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\Windows\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\Windows\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-7-10 115200]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-7-16 472872]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\Windows\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 McAWFwk;McAfee Activation Service;C:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [2015-7-23 338208]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2015-6-28 109728]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\Windows\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\Windows\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\Windows\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2015-8-8 934752]
S3 RetailDemo;Retail Demo Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\Windows\System32\SensorDataService.exe [2015-7-23 1031680]
S3 SensorService;Sensor Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2015-8-20 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\Windows\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\Windows\System32\drivers\UcmUcsi.sys [2015-8-8 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\Windows\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\Windows\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\Windows\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\Windows\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 UsoSvc;Update Orchestrator Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\Windows\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2015-8-12 685568]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\Windows\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\Windows\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\Windows\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\Windows\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\Windows\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2015-7-10 25600]
S4 McOobeSv2;McAfee OOBE Service2;C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [2015-7-23 368048]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2015-08-26 00:21:30 -------- d-----w- C:\ProgramData\Reimage Protector
2015-08-26 00:21:24 -------- d-----w- C:\Program Files\Reimage
2015-08-25 23:35:56 16148 ----a-w- C:\Windows\System32\DESKTOP-1QAUITQ_Lazarte_HistoryPrediction.bin
2015-08-21 13:27:07 -------- d-----w- C:\Program Files (x86)\IP Address
2015-08-21 13:27:03 -------- d-----w- C:\Program Files (x86)\ExpeoRtAApplIcati
2015-08-21 13:26:56 -------- d-----w- C:\Program Files (x86)\ExpourrTApplicaTi
2015-08-21 13:26:51 -------- d-----w- C:\Program Files (x86)\ExpaorrtApplicati
2015-08-21 09:06:52 -------- d-----w- C:\Program Files (x86)\Super Optimizer
2015-08-21 09:06:50 -------- d-----w- C:\Users\Lazarte\AppData\Local\Programs
2015-08-21 09:06:49 -------- d-----w- C:\ProgramData\{cd5dbfac-acaf-f4fa-cd5d-dbfacacafeb2}
2015-08-17 08:33:40 -------- d-----w- C:\Program Files (x86)\GrapiHiteCoMmmannd
2015-08-17 08:33:30 -------- d-----w- C:\Program Files (x86)\GrapphiTeCommAnd
2015-08-17 08:33:22 -------- d-----w- C:\Program Files (x86)\Nice Day weather
2015-08-17 08:33:19 -------- d-----w- C:\Program Files (x86)\GRaphIteCommand
2015-08-16 10:43:56 -------- d-----w- C:\ProgramData\16500078106309072207
2015-08-16 09:23:53 -------- d-----w- C:\ProgramData\StatInit
2015-08-16 09:23:46 -------- d-----w- C:\ProgramData\LighterGeneration
2015-08-16 09:23:07 -------- d-----w- C:\ProgramData\ProcessModule
2015-08-16 07:29:52 -------- d-----w- C:\ProgramData\SystemAssister
2015-08-12 09:12:25 -------- d-----w- C:\Windows\System32\MRT
2015-08-10 00:53:52 -------- d-----w- C:\Windows\System32\SleepStudy
2015-08-09 19:49:50 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\PCDr
2015-08-09 09:35:21 207208 ----a-w- C:\Windows\System32\drivers\HipShieldK.sys
2015-08-09 09:34:28 -------- d-----w- C:\Program Files\Common Files\AV
2015-08-09 09:34:21 -------- d-----w- C:\Users\Lazarte\AppData\Local\Microsoft Help
2015-08-09 01:59:20 631504 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2015-08-09 01:57:22 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-08-09 01:50:59 841728 ----a-w- C:\Windows\System32\Windows.Media.Import.dll
2015-08-09 01:40:46 -------- d-----w- C:\Program Files\Common Files\ActivIdentity
2015-08-09 01:40:46 -------- d-----w- C:\Program Files\ActivIdentity
2015-08-09 01:40:46 -------- d-----w- C:\Program Files (x86)\ActivIdentity
2015-08-09 01:37:01 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\Thinstall
2015-08-09 01:37:01 -------- d-----w- C:\Users\Lazarte\AppData\Local\Thinstall
2015-08-09 00:31:12 -------- d-----w- C:\Users\Lazarte\AppData\Local\Comms
2015-08-09 00:08:29 -------- d-----w- C:\Users\Lazarte\AppData\Local\Google
2015-08-09 00:07:23 -------- d-----w- C:\Program Files (x86)\Yahoo!
2015-08-08 23:52:42 -------- d-----w- C:\Users\Lazarte\AppData\Local\Mozilla
2015-08-08 23:52:07 -------- d-----w- C:\Users\Lazarte\AppData\Local\Comodo
2015-08-08 23:52:01 -------- d-----w- C:\Program Files (x86)\Comodo
2015-08-08 23:51:45 -------- d-----w- C:\Users\Lazarte\AppData\Local\CleanerPro
2015-08-08 23:50:00 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\One System Care
2015-08-08 23:45:44 -------- d-----w- C:\Users\Lazarte\AppData\Local\IsolatedStorage
2015-08-08 23:45:34 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\UpdaterEX
2015-08-08 23:43:04 -------- d-----w- C:\Users\Lazarte\AppData\Local\NetworkTiles
2015-08-08 23:42:43 -------- d-----w- C:\Users\Lazarte\AppData\Local\MicrosoftEdge
2015-08-08 23:41:10 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\Intel Corporation
2015-08-08 23:40:25 -------- d-----r- C:\Users\Lazarte\OneDrive
2015-08-08 23:40:12 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2015-08-08 23:39:09 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\Dell
2015-08-08 23:39:04 -------- d-----w- C:\Users\Lazarte\AppData\Local\Power2Go8
2015-08-08 23:39:03 -------- d-----w- C:\Users\Lazarte\AppData\Roaming\DropboxOEM
2015-08-08 23:39:03 -------- d-----w- C:\Users\Lazarte\AppData\Local\DropboxOEM
2015-08-08 23:37:58 16148 ----a-w- C:\Windows\System32\DESKTOP-1QAUITQ_defaultuser0_HistoryPrediction.bin
2015-08-08 23:31:51 16148 ----a-w- C:\Windows\System32\DESKTOP-SAP2I4V_defaultuser0_HistoryPrediction.bin
2015-08-08 23:29:15 129008 ----a-w- C:\Windows\System32\drivers\GKUPRO2D.sys
2015-08-08 23:28:10 180 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-08 23:27:07 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{918F0D33-92F0-44A1-AAAB-B7CE5A2E2DDE}\gapaengine.dll
2015-08-08 23:27:07 1187344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\NisBackup\gapaengine.dll
2015-08-08 23:26:55 12222168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7602F2C2-389D-4630-B5BD-026128882638}\mpengine.dll
2015-08-08 23:26:49 300704 ------w- C:\Windows\System32\MpSigStub.exe
.
==================== Find3M ====================
.
2015-08-13 04:23:47 2178560 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2015-08-13 04:22:26 2093056 ----a-w- C:\Windows\System32\wlidsvc.dll
2015-08-13 04:20:39 414208 ----a-w- C:\Windows\System32\AppXDeploymentClient.dll
2015-08-13 04:17:58 1795072 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2015-08-13 03:53:21 311808 ----a-w- C:\Windows\SysWow64\AppXDeploymentClient.dll
2015-08-11 10:04:24 2462648 ----a-w- C:\Windows\System32\mfcore.dll
2015-08-11 10:04:23 4532304 ----a-w- C:\Windows\explorer.exe
2015-08-11 10:04:15 1087296 ----a-w- C:\Windows\System32\mfplat.dll
2015-08-11 10:03:20 8021840 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-08-11 10:03:09 442208 ----a-w- C:\Windows\System32\drivers\storport.sys
2015-08-11 10:02:57 554744 ----a-w- C:\Windows\System32\directmanipulation.dll
2015-08-11 10:02:56 80720 ----a-w- C:\Windows\System32\drivers\stornvme.sys
2015-08-11 10:02:49 292856 ----a-w- C:\Windows\System32\LockAppHost.exe
2015-08-11 09:52:49 993104 ----a-w- C:\Windows\System32\ReAgent.dll
2015-08-11 09:50:47 1643872 ----a-w- C:\Windows\System32\diagtrack.dll
2015-08-11 09:40:22 4048808 ----a-w- C:\Windows\SysWow64\explorer.exe
2015-08-11 09:40:12 918320 ----a-w- C:\Windows\SysWow64\mfplat.dll
2015-08-11 09:40:08 2151208 ----a-w- C:\Windows\SysWow64\mfcore.dll
2015-08-11 09:38:22 454000 ----a-w- C:\Windows\SysWow64\directmanipulation.dll
2015-08-11 09:37:48 243800 ----a-w- C:\Windows\SysWow64\LockAppHost.exe
2015-08-11 09:26:03 845664 ----a-w- C:\Windows\SysWow64\ReAgent.dll
2015-08-11 09:23:59 16706560 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2015-08-11 09:22:04 21875200 ----a-w- C:\Windows\System32\edgehtml.dll
2015-08-11 09:21:13 148992 ----a-w- C:\Windows\System32\tetheringservice.dll
2015-08-11 09:21:04 52224 ----a-w- C:\Windows\System32\tetheringclient.dll
2015-08-11 09:20:42 2224640 ----a-w- C:\Windows\System32\NetworkMobileSettings.dll
2015-08-11 09:20:02 483328 ----a-w- C:\Windows\System32\OneDriveSettingSyncProvider.dll
2015-08-11 09:19:45 235520 ----a-w- C:\Windows\System32\SettingsHandlers_Notifications.dll
2015-08-11 09:18:44 235008 ----a-w- C:\Windows\System32\UserMgrProxy.dll
2015-08-11 09:16:32 2416640 ----a-w- C:\Windows\System32\MFMediaEngine.dll
2015-08-11 09:14:02 404480 ----a-w- C:\Windows\System32\diagtrack_wininternal.dll
2015-08-11 09:13:42 413184 ----a-w- C:\Windows\System32\diagtrack_win.dll
2015-08-11 09:11:40 2446336 ----a-w- C:\Windows\System32\InputService.dll
2015-08-11 09:11:18 553472 ----a-w- C:\Windows\System32\GamePanel.exe
2015-08-11 09:10:47 293376 ----a-w- C:\Windows\System32\TextInputFramework.dll
2015-08-11 09:10:12 324096 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 09:10:06 778752 ----a-w- C:\Windows\System32\Windows.ApplicationModel.Store.dll
2015-08-11 09:09:55 32768 ----a-w- C:\Windows\System32\wuautoappupdate.dll
2015-08-11 09:08:04 893440 ----a-w- C:\Windows\System32\MbaeApiPublic.dll
2015-08-11 09:08:04 563200 ----a-w- C:\Windows\System32\MbaeApi.dll
2015-08-11 09:07:52 593920 ----a-w- C:\Windows\System32\wcmsvc.dll
2015-08-11 09:07:47 1178112 ----a-w- C:\Windows\System32\wwansvc.dll
2015-08-11 09:07:44 115712 ----a-w- C:\Windows\System32\MbaeParserTask.exe
2015-08-11 09:06:50 2662400 ----a-w- C:\Windows\System32\Windows.UI.Logon.dll
2015-08-11 09:06:19 7523328 ----a-w- C:\Windows\System32\Chakra.dll
2015-08-11 09:05:48 342016 ----a-w- C:\Windows\System32\LocationGeofences.dll
2015-08-11 09:05:27 269312 ----a-w- C:\Windows\System32\LocationFramework.dll
2015-08-11 09:05:23 78848 ----a-w- C:\Windows\System32\LocationFrameworkInternalPS.dll
2015-08-11 09:05:20 137216 ----a-w- C:\Windows\System32\LocationPermissions.dll
2015-08-11 09:05:10 996352 ----a-w- C:\Windows\System32\RDXService.dll
2015-08-11 09:05:07 3527168 ----a-w- C:\Windows\System32\tquery.dll
2015-08-11 09:03:09 2558976 ----a-w- C:\Windows\System32\mssrch.dll
2015-08-11 09:02:53 186368 ----a-w- C:\Windows\System32\cloudAP.dll
2015-08-11 09:02:15 621056 ----a-w- C:\Windows\System32\enterprisecsps.dll
2015-08-11 09:02:08 3588096 ----a-w- C:\Windows\System32\win32kfull.sys
2015-08-11 09:02:03 1890304 ----a-w- C:\Windows\System32\dwmcore.dll
2015-08-11 09:01:38 1334784 ----a-w- C:\Windows\System32\UIAutomationCore.dll
2015-08-11 09:00:45 336384 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2015-08-11 09:00:06 274432 ----a-w- C:\Windows\System32\syncutil.dll
2015-08-11 08:59:51 123392 ----a-w- C:\Windows\System32\mssprxy.dll
2015-08-11 08:59:33 42496 ----a-w- C:\Windows\SysWow64\tetheringclient.dll
2015-08-11 08:59:29 1106432 ----a-w- C:\Windows\System32\sysmain.dll
2015-08-11 08:59:27 642560 ----a-w- C:\Windows\System32\rdbui.dll
2015-08-11 08:58:11 372224 ----a-w- C:\Windows\SysWow64\OneDriveSettingSyncProvider.dll
2015-08-11 08:57:51 13024768 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2015-08-11 08:57:12 159744 ----a-w- C:\Windows\SysWow64\UserMgrProxy.dll
2015-08-11 08:51:35 1916928 ----a-w- C:\Windows\SysWow64\MFMediaEngine.dll
2015-08-11 08:51:33 1823232 ----a-w- C:\Windows\SysWow64\InputService.dll
2015-08-11 08:50:59 131584 ----a-w- C:\Windows\SysWow64\Windows.UI.Core.TextInput.dll
2015-08-11 08:50:58 200704 ----a-w- C:\Windows\SysWow64\TextInputFramework.dll
2015-08-11 08:50:47 420352 ----a-w- C:\Windows\SysWow64\GamePanel.exe
2015-08-11 08:49:50 586752 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.dll
2015-08-11 08:49:30 247808 ----a-w- C:\Windows\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-08-11 08:48:25 671232 ----a-w- C:\Windows\SysWow64\MbaeApiPublic.dll
2015-08-11 08:47:09 448512 ----a-w- C:\Windows\SysWow64\MbaeApi.dll
2015-08-11 08:45:48 18805760 ----a-w- C:\Windows\SysWow64\edgehtml.dll
2015-08-11 08:45:09 1820672 ----a-w- C:\Windows\SysWow64\Windows.UI.Logon.dll
2015-08-11 08:43:39 2748416 ----a-w- C:\Windows\SysWow64\tquery.dll
2015-08-11 08:42:33 5454848 ----a-w- C:\Windows\SysWow64\Chakra.dll
2015-08-11 08:40:45 1593856 ----a-w- C:\Windows\SysWow64\dwmcore.dll
2015-08-11 08:40:32 1964544 ----a-w- C:\Windows\SysWow64\mssrch.dll
2015-08-11 08:40:12 1112064 ----a-w- C:\Windows\SysWow64\UIAutomationCore.dll
2015-08-11 08:39:28 280576 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2015-08-11 08:38:43 162304 ----a-w- C:\Windows\SysWow64\ReInfo.dll
2015-08-08 23:31:16 200 ----a-w- C:\Windows\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-08-08 15:38:46 794088 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2015-08-08 15:38:46 179688 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-08-08 07:29:58 1822280 ----a-w- C:\Windows\System32\ntdll.dll
2015-08-08 07:19:45 608936 ----a-w- C:\Windows\System32\fontdrvhost.exe
2015-08-08 07:01:18 1533496 ----a-w- C:\Windows\SysWow64\ntdll.dll
2015-08-08 06:48:13 539728 ----a-w- C:\Windows\SysWow64\fontdrvhost.exe
2015-08-08 06:40:23 365056 ----a-w- C:\Windows\System32\atmfd.dll
2015-08-08 06:24:15 2415104 ----a-w- C:\Windows\System32\DWrite.dll
2015-08-08 06:24:06 1679360 ----a-w- C:\Windows\System32\FntCache.dll
2015-08-08 06:15:14 303104 ----a-w- C:\Windows\SysWow64\atmfd.dll
2015-08-08 06:00:44 1985024 ----a-w- C:\Windows\SysWow64\DWrite.dll
2015-08-06 03:17:40 200528 ----a-w- C:\Windows\System32\drivers\wof.sys
2015-08-06 03:17:34 237392 ----a-w- C:\Windows\System32\drivers\rdyboost.sys
2015-08-06 02:22:03 685568 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys
2015-08-05 04:49:51 783112 ----a-w- C:\Windows\System32\mfsvr.dll
.
============= FINISH: 20:52:06.66 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 8/8/2015 7:33:35 PM
System Uptime: 8/25/2015 7:34:45 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 088DT1
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz | CPU 1 | 3201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 1849 GiB total, 1807.161 GiB free.
D: is CDROM (UDF)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP2: 8/8/2015 7:27:07 PM - Windows Modules Installer
RP3: 8/12/2015 5:11:20 AM - Windows Update
RP4: 8/12/2015 5:11:41 AM - Windows Update
RP5: 8/15/2015 3:50:05 PM - Windows Update
RP6: 8/20/2015 5:26:00 AM - Windows Update
.
==== Installed Programs ======================
.
ActivClient CAC x64
Chromodo
CyberLink Media Suite 12
CyberLink Media Suite Essentials
CyberLink Power Media Player 12
CyberLink Power2Go 8
CyberLink PowerDirector 12
Dell Customer Connect
Dell Data Services
Dell Digital Delivery
Dell Foundation Services
Dell Help & Support
Dell Product Registration
Dell SupportAssist
Dell SupportAssistAgent
Dell Update
Dell WLAN and Bluetooth Client Installation
Dropbox 20 GB
DSC/AA Factory Installer
Extended Update
GrapiHiteCoMmmannd
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Security Assist
Intel® Trusted Connect Service Client
IP Address
LighterGeneration
Maxx Audio Installer (x64)
McAfee LiveSafe – Internet Security
McAfee WebAdvisor
Microsoft Office 365 - en-us
Microsoft Office 365 - es-es
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
ProcessModule
Qualcomm Atheros Bluetooth Suite (64)
Realtek Card Reader
Realtek Ethernet Controller All-In-One Windows Driver
Realtek High Definition Audio Driver
Reimage Protector
StatInit
SystemAssister
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== Event Viewer Messages From Past Week ========
.
8/25/2015 7:34:22 PM, Error: Service Control Manager [7031] - The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/25/2015 7:34:22 PM, Error: Service Control Manager [7031] - The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/25/2015 7:34:22 PM, Error: Service Control Manager [7031] - The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/25/2015 7:34:22 PM, Error: Service Control Manager [7031] - The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
8/25/2015 7:24:29 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session1 service, but this action failed with the following error: An instance of the service is already running.
8/25/2015 7:24:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
8/25/2015 7:24:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
8/25/2015 6:55:30 PM, Error: Service Control Manager [7023] - The Interactive Services Detection service terminated with the following error: Incorrect function.
8/25/2015 6:55:30 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Boot Delay Start Service service to connect.
8/25/2015 6:55:30 PM, Error: Service Control Manager [7000] - The McAfee Boot Delay Start Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
8/25/2015 6:04:09 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
8/25/2015 6:03:24 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID {C2F03A33-21F5-47FA-B4BB-156362A2F239} and APPID {316CDED5-E4AE-4B15-9113-7055D84DCC97} to the user DESKTOP-1QAUITQ\Lazarte SID (S-1-5-21-3095785614-2918439649-4203598249-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.WindowsStore_2015.8.12.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157). This security permission can be modified using the Component Services administrative tool.
8/24/2015 8:08:41 PM, Error: Schannel [36887] - A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
8/20/2015 4:23:50 PM, Error: Service Control Manager [7034] - The McAfee SiteAdvisor Service service terminated unexpectedly. It has done this 1 time(s).
8/18/2015 9:05:33 PM, Error: Schannel [36887] - A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 40.
.
==== End Of File ===========================
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 13 Oct 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Thu Aug 27, 2015 3:30 am

Duplicate post therefore closed.
http://spywarewarrior.com/viewtopic.php?t=35358
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
All times are GMT - 8 Hours