ComboFix 15-11-15.01 - Doris 11/16/2015 14:22:31.2.2 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3974.2680 [GMT -7:00]
Running from: c:\users\Doris\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AV: Trend Micro Titanium *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Trend Micro Titanium *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\users\Doris\AppData\Local\datos.txt
c:\users\Doris\GoToAssistDownloadHelper.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\X86
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_AdobeUpdateService
.
.
((((((((((((((((((((((((( Files Created from 2015-10-16 to 2015-11-16 )))))))))))))))))))))))))))))))
.
.
2015-11-16 21:33 . 2015-11-16 21:33 -------- d-----w- c:\users\Mcx1-DORIS-PC\AppData\Local\temp
2015-11-16 21:33 . 2015-11-16 21:33 -------- d-----w- c:\users\Kevin\AppData\Local\temp
2015-11-16 21:33 . 2015-11-16 21:33 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-11-13 22:25 . 2013-09-20 17:49 21040 ----a-w- c:\windows\system32\sdnclean64.exe
2015-11-13 22:11 . 2014-03-11 15:48 40480 ----a-w- c:\windows\system32\drivers\PsBoot.sys
2015-11-13 22:00 . 2015-11-03 17:55 3211264 ----a-w- c:\windows\system32\win32k.sys
2015-11-13 21:55 . 2015-11-13 22:00 -------- d-----w- C:\AdwCleaner
2015-11-12 00:29 . 2015-11-12 00:29 -------- d-----w- C:\found.001
2015-11-11 21:45 . 2015-11-13 21:51 -------- d-----w- C:\FRST
2015-11-11 19:19 . 2015-11-11 19:19 -------- d-----w- C:\found.000
2015-11-11 12:45 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2015-11-11 12:38 . 2015-10-01 18:00 2164224 ----a-w- c:\program files\Windows Journal\Journal.exe
2015-11-11 12:20 . 2015-10-20 01:12 5570496 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-11-11 12:17 . 2015-10-13 16:41 497664 ----a-w- c:\windows\system32\drivers\afd.sys
2015-11-11 12:17 . 2015-10-13 16:40 118272 ----a-w- c:\windows\system32\drivers\tdx.sys
2015-11-11 04:08 . 2015-11-11 04:08 -------- d-----w- c:\users\Doris\AppData\Roaming\SUPERAntiSpyware.com
2015-11-11 04:07 . 2015-11-11 04:08 -------- d-----w- c:\program files\SUPERAntiSpyware
2015-11-11 04:07 . 2015-11-11 04:07 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2015-11-11 00:03 . 2013-09-04 20:57 31264 ----a-w- c:\windows\system32\drivers\gfiutil.sys
2015-11-11 00:03 . 2015-08-27 13:31 40584 ----a-w- c:\windows\system32\drivers\gfiark.sys
2015-11-11 00:02 . 2015-11-12 01:19 -------- d-----w- C:\VIPRERESCUE
2015-11-10 13:15 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-11-10 13:15 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2015-11-10 13:15 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2015-11-10 13:15 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2015-11-10 13:15 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2015-11-10 13:15 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2015-11-10 13:15 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2015-11-10 13:15 . 2014-12-11 17:47 87040 ----a-w- c:\windows\system32\TSWbPrxy.exe
2015-11-10 04:35 . 2013-10-02 01:10 44544 ----a-w- c:\windows\system32\TsUsbGDCoInstaller.dll
2015-11-10 04:35 . 2013-10-02 04:38 3072 ----a-w- c:\windows\system32\drivers\en-US\tsusbflt.sys.mui
2015-11-10 04:35 . 2013-10-02 02:11 13824 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-11-10 04:35 . 2013-10-02 02:08 12800 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-11-10 04:35 . 2013-10-02 02:22 56832 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys
2015-11-10 04:35 . 2013-10-02 01:48 18944 ----a-w- c:\windows\system32\wksprtPS.dll
2015-11-10 04:35 . 2013-10-02 00:14 50176 ----a-w- c:\windows\SysWow64\MsRdpWebAccess.dll
2015-11-10 04:35 . 2013-10-02 00:14 17920 ----a-w- c:\windows\SysWow64\wksprtPS.dll
2015-11-10 04:35 . 2013-10-02 01:48 56832 ----a-w- c:\windows\system32\MsRdpWebAccess.dll
2015-11-10 04:34 . 2013-10-01 22:34 1068544 ----a-w- c:\windows\SysWow64\mstsc.exe
2015-11-10 04:34 . 2013-10-01 23:31 1147392 ----a-w- c:\windows\system32\mstsc.exe
2015-11-10 04:22 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2015-11-10 04:22 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2015-11-10 02:27 . 2015-11-15 03:12 -------- d-----w- c:\users\Doris\AppData\Local\ElevatedDiagnostics
2015-11-08 15:17 . 2015-11-10 20:27 -------- d-----w- c:\programdata\VusSumx
2015-11-05 22:13 . 2015-11-05 22:13 -------- d-----w- C:\FFOutput
2015-11-05 22:12 . 2015-11-05 22:12 -------- d-----w- c:\program files (x86)\FormatFactory
2015-11-05 22:02 . 2015-11-05 22:02 -------- d-----w- c:\users\Doris\AppData\Roaming\MPEG Streamclip
2015-10-30 18:38 . 2015-10-30 18:38 -------- d-----w- c:\program files\Common Files\Microsoft
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-29 17:50 . 2015-11-11 12:39 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2015-10-29 17:50 . 2015-11-11 12:39 309248 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-10-29 17:50 . 2015-11-11 12:39 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2015-10-29 17:50 . 2015-11-11 12:39 103424 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-10-29 17:49 . 2015-11-11 12:39 562176 ----a-w- c:\windows\apppatch\AcLayers.dll
2015-10-29 17:49 . 2015-11-11 12:39 2178560 ----a-w- c:\windows\apppatch\AcGenral.dll
2015-10-29 17:49 . 2015-11-11 12:39 470528 ----a-w- c:\windows\apppatch\AcSpecfc.dll
2015-10-29 17:49 . 2015-11-11 12:39 211968 ----a-w- c:\windows\apppatch\AcXtrnal.dll
2015-10-29 17:39 . 2015-11-11 12:39 2560 ----a-w- c:\windows\apppatch\AcRes.dll
2015-10-28 01:43 . 2012-10-31 00:42 145617392 ----a-w- c:\windows\system32\MRT.exe
2015-10-20 00:45 . 2015-11-11 12:20 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-10-13 08:29 . 2015-10-13 08:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-10-13 08:22 . 2015-10-13 08:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-10-01 18:06 . 2015-10-14 09:56 692672 ----a-w- c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 09:56 616360 ----a-w- c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 09:55 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 09:55 59392 ----a-w- c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 09:55 32768 ----a-w- c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 09:55 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 09:55 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 09:55 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 09:55 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2015-09-18 19:22 . 2015-10-15 07:42 25432 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-09-18 19:19 . 2015-10-15 07:42 700416 ----a-w- c:\windows\system32\invagent.dll
2015-09-18 19:19 . 2015-10-15 07:42 766464 ----a-w- c:\windows\system32\generaltel.dll
2015-09-18 19:19 . 2015-10-15 07:42 503808 ----a-w- c:\windows\system32\devinv.dll
2015-09-18 19:19 . 2015-10-15 07:42 1291264 ----a-w- c:\windows\system32\appraiser.dll
2015-09-18 19:19 . 2015-10-15 07:42 73216 ----a-w- c:\windows\system32\acmigration.dll
2015-09-18 19:09 . 2015-10-15 07:42 1163776 ----a-w- c:\windows\system32\aeinv.dll
2015-09-11 05:04 . 2012-06-05 02:20 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-09-11 05:04 . 2012-06-05 02:20 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-09-09 10:55 . 2015-09-09 10:55 0 ----a-w- c:\windows\SysWow64\shoE0EC.tmp
2015-09-02 03:04 . 2015-09-09 07:43 41984 ----a-w- c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-09 07:43 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-09 07:43 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-09 07:43 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-09 07:43 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-09 07:43 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-09 07:43 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-09 07:43 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-09 07:43 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-09 07:43 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-08-27 18:18 . 2015-09-09 07:45 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-08-27 18:18 . 2015-09-09 07:45 1887232 ----a-w- c:\windows\system32\msxml3.dll
2015-08-27 18:13 . 2015-09-09 07:45 2048 ----a-w- c:\windows\system32\msxml6r.dll
2015-08-27 18:13 . 2015-09-09 07:45 2048 ----a-w- c:\windows\system32\msxml3r.dll
2015-08-27 17:58 . 2015-09-09 07:45 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2015-08-27 17:58 . 2015-09-09 07:45 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-08-27 17:51 . 2015-09-09 07:45 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2015-08-27 17:51 . 2015-09-09 07:45 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2015-08-21 21:15 . 2015-03-11 18:18 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-28 09:31 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-28 09:31 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-28 09:31 1729752 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinResSync"="c:\users\Doris\AppData\Roaming\Microsoft\Protect\e4b853e8e5c36aab61ef.rs" [X]
"Lync"="c:\program files\Microsoft Office 15\Root\Office15\lync.exe" [2015-05-19 24025768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2011-12-16 133400]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-30 284440]
"Dell DataSafe Online"="c:\program files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe" [2010-08-26 1117528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2015-03-21 60712]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-07-08 998104]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"ToolboxFX"="c:\program files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" [2014-08-14 59632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
"HideSCAHealth"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"TaskbarNoNotification"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R2 mfemms;McAfee Service Controller;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe [x]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
R3 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [x]
R3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
R3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys;c:\windows\SYSNATIVE\drivers\gfiark.sys [x]
R3 gfiutil;gfiutil;c:\windows\system32\drivers\gfiutil.sys;c:\windows\SYSNATIVE\drivers\gfiutil.sys [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
R3 HPFXFAX;HPFXFAX;c:\windows\system32\drivers\hppdfaxio.sys;c:\windows\SYSNATIVE\drivers\hppdfaxio.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
R3 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys;c:\windows\SYSNATIVE\drivers\mferkdet.sys [x]
R3 mfesapsn;McAfee Process Start Notification Service;c:\program files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys;c:\program files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [x]
R3 NOBU;Dell DataSafe Online;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE;c:\program files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe SERVICE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe;c:\program files (x86)\Dell Wireless\Ath_WlanAgent.exe [x]
R4 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R4 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe;c:\program files (x86)\McAfee\SiteAdvisor\McSACore.exe [x]
R4 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.163\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.163\McCHSvc.exe [x]
R4 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.6.1008.0\McCSPServiceHost.exe [x]
R4 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
R4 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
R4 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R4 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R4 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\drivers\PxHlpa64.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys;c:\windows\SYSNATIVE\drivers\mfeaack.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2015-10-27 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2011-12-14 04:09]
.
2015-11-11 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 6f6b2351-9e11-41d2-83e9-f6acd56bf525.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-11-11 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task 908b65ea-dae6-40a6-a5ce-e3ffc38c34f4.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2015-11-16 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2011-12-14 04:09]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-05-28 10:56 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-05-28 10:56 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-05-28 10:56 2334936 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-04-07 169768]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-22 398616]
"DellStage"="c:\program files (x86)\Dell Stage\Dell Stage\stage_primary.exe" [2011-11-03 2190704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-22 439064]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://learn.maricopa.edu/login/ldap
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: sharepoint.com\maricopa
Trusted Zone: sharepoint.com\maricopa-my
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
FF - ProfilePath - c:\users\Doris\AppData\Roaming\Mozilla\Firefox\Profiles\rpsub9od.default\
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-NeroLauncher - c:\program files (x86)\Nero\SyncUP\NeroLauncher.exe
Notify-SDWinLogon - SDWinLogon.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3023224 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3035490 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3037581 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074230 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3074550 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3097996 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB3098781 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.51209\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-891251935-3120285653-2804985873-1000_Classes\Drive\shellex\FolderExtensions\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}]
@Denied: (C D 2 3 6) (CreatorAuthority-4)
@Denied: (C D 2 3 6) (Everyone)
@Allowed: (Read) (S-1-5-21-891251935-3120285653-2804985873-1000)
"DriveMask"=dword:ffffffff
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
.
**************************************************************************
.
Completion time: 2015-11-16 15:09:47 - machine was rebooted
ComboFix-quarantined-files.txt 2015-11-16 22:09
.
Pre-Run: 263,994,638,336 bytes free
Post-Run: 263,481,262,080 bytes free
.
- - End Of File - - B4D03DB8DD84CA69DDD00811D9AD8A0F