Ok, here is the log for the combofix.txt file. I am going to run FRST again now as you asked.
ComboFix 16-02-15.01 - jthompson 02/17/2016 10:05:29.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3793.1114 [GMT -5:00]
Running from: c:\users\mqc874\Desktop\ComboFix.exe
AV: System Center Endpoint Protection *Disabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: System Center Endpoint Protection *Disabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\programdata\Roaming
c:\users\mqc874\g2mdlhlpx.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\DEBUG.log
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((( Files Created from 2016-01-17 to 2016-02-17 )))))))))))))))))))))))))))))))
.
.
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\TEMP.ARRS.002\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\TEMP.ARRS.000\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\QMM-svc\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\Qmigrator\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\qmigrator.ARRS\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\jthompson\AppData\Local\temp
2016-02-17 20:39 . 2016-02-17 20:39 -------- d-----w- c:\users\FirstUser\AppData\Local\temp
2016-02-17 13:56 . 2015-11-25 11:02 11154520 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2016-02-09 16:31 . 2016-02-09 19:48 -------- d-----w- C:\AdwCleaner
2016-02-08 20:37 . 2016-02-08 23:19 -------- d-----w- C:\6Y2UrOId29PWot9k
2016-02-08 19:45 . 2016-02-08 19:45 -------- d-----w- c:\users\mqc874\AppData\Roaming\Enigma Software Group
2016-02-08 19:45 . 2016-02-08 19:45 -------- d-----w- C:\sh4ldr
2016-02-08 19:44 . 2016-02-08 19:44 22704 ----a-w- c:\windows\system32\drivers\EsgScanner.sys
2016-02-08 19:44 . 2016-02-08 19:44 -------- d-----w- c:\program files\Enigma Software Group
2016-02-08 15:47 . 2016-02-15 16:46 -------- d-----w- C:\FRST
2016-02-06 19:58 . 2016-02-06 19:58 -------- d-----w- c:\users\mqc874\AppData\Local\CEF
2016-02-06 19:52 . 2016-02-06 19:52 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2016-02-06 19:30 . 2016-02-06 21:26 -------- d-----w- C:\KVRT_Data
2016-02-05 15:39 . 2016-02-05 15:39 -------- d-----w- c:\users\mqc874\AppData\Roaming\SUPERAntiSpyware.com
2016-02-05 15:38 . 2016-02-05 15:39 -------- d-----w- c:\program files\SUPERAntiSpyware
2016-02-05 15:38 . 2016-02-05 15:38 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2016-02-05 13:47 . 2015-07-01 18:30 1190000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{2F9BEF04-F328-46BE-95AB-21E9736610D2}\gapaengine.dll
2016-02-03 17:00 . 2013-08-22 05:17 2407936 ----a-w- c:\windows\SysWow64\PrintConfig.dll
2016-02-02 15:38 . 2016-02-02 15:39 -------- d-----w- c:\users\mqc874\New folder
2016-01-27 16:06 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2016-01-27 16:06 . 2015-08-27 17:58 1391104 ----a-w- c:\windows\SysWow64\msxml6.dll
2016-01-27 16:06 . 2015-08-27 18:18 1887232 ----a-w- c:\windows\system32\msxml3.dll
2016-01-27 16:06 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml6r.dll
2016-01-27 16:06 . 2015-08-27 18:13 2048 ----a-w- c:\windows\system32\msxml3r.dll
2016-01-27 16:06 . 2015-08-27 17:58 1241088 ----a-w- c:\windows\SysWow64\msxml3.dll
2016-01-27 16:06 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml6r.dll
2016-01-27 16:06 . 2015-08-27 17:51 2048 ----a-w- c:\windows\SysWow64\msxml3r.dll
2016-01-26 17:56 . 2015-07-16 19:12 53248 ----a-w- c:\windows\SysWow64\tsgqec.dll
2016-01-26 17:56 . 2015-07-16 19:11 62976 ----a-w- c:\windows\system32\tsgqec.dll
2016-01-26 17:56 . 2015-07-16 19:12 856064 ----a-w- c:\windows\SysWow64\rdvidcrl.dll
2016-01-26 17:56 . 2015-07-16 19:12 6131200 ----a-w- c:\windows\SysWow64\mstscax.dll
2016-01-26 17:56 . 2015-07-16 19:11 7077376 ----a-w- c:\windows\system32\mstscax.dll
2016-01-26 17:56 . 2015-07-16 19:11 1057792 ----a-w- c:\windows\system32\rdvidcrl.dll
2016-01-26 17:56 . 2015-07-11 13:15 429568 ----a-w- c:\windows\system32\wksprt.exe
2016-01-26 17:53 . 2015-08-05 17:56 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2016-01-26 17:51 . 2015-11-05 19:02 2048 ----a-w- c:\windows\system32\tzres.dll
2016-01-26 17:51 . 2015-11-05 19:00 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2016-01-26 17:49 . 2015-07-15 18:10 1743360 ----a-w- c:\windows\system32\sysmain.dll
2016-01-26 17:49 . 2015-07-15 18:10 11264 ----a-w- c:\windows\system32\msmmsp.dll
2016-01-26 17:49 . 2015-07-15 18:15 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2016-01-26 17:49 . 2015-07-15 18:02 2560 ----a-w- c:\windows\system32\drivers\en-US\mountmgr.sys.mui
2016-01-26 17:48 . 2015-08-06 18:04 14176768 ----a-w- c:\windows\system32\shell32.dll
2016-01-26 17:48 . 2015-08-06 18:03 1866752 ----a-w- c:\windows\system32\ExplorerFrame.dll
2016-01-26 17:48 . 2015-08-06 17:44 1498624 ----a-w- c:\windows\SysWow64\ExplorerFrame.dll
2016-01-26 17:48 . 2015-09-01 18:14 503296 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tiptsf.dll
2016-01-26 17:48 . 2015-09-01 18:14 1247232 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tipskins.dll
2016-01-26 17:48 . 2015-09-01 18:14 110592 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipBand.dll
2016-01-26 17:48 . 2015-09-01 18:13 224768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TabTip.exe
2016-01-26 17:48 . 2015-09-01 18:12 544768 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\TipRes.dll
2016-01-26 17:48 . 2015-09-01 17:52 348672 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll
2016-01-26 17:48 . 2015-09-01 17:52 10240 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\TabTip32.exe
2016-01-26 17:47 . 2015-11-03 19:04 802304 ----a-w- c:\windows\system32\usp10.dll
2016-01-26 17:47 . 2015-11-03 18:56 627712 ----a-w- c:\windows\SysWow64\usp10.dll
2016-01-26 17:43 . 2015-08-05 17:06 39936 ----a-w- c:\windows\system32\drivers\tssecsrv.sys
2016-01-26 17:43 . 2015-08-05 17:56 22528 ----a-w- c:\windows\system32\icaapi.dll
2016-01-26 17:41 . 2015-07-09 17:58 82944 ----a-w- c:\windows\system32\dwmapi.dll
2016-01-26 17:41 . 2015-07-09 17:58 1632256 ----a-w- c:\windows\system32\dwmcore.dll
2016-01-26 17:41 . 2015-07-09 17:42 67584 ----a-w- c:\windows\SysWow64\dwmapi.dll
2016-01-26 17:41 . 2015-07-09 17:42 1372160 ----a-w- c:\windows\SysWow64\dwmcore.dll
2016-01-26 17:39 . 2015-07-15 03:19 52736 ----a-w- c:\windows\system32\basesrv.dll
2016-01-26 17:37 . 2015-11-10 18:55 1180160 ----a-w- c:\windows\system32\FntCache.dll
2016-01-26 17:37 . 2015-11-10 18:55 1008640 ----a-w- c:\windows\system32\user32.dll
2016-01-26 17:37 . 2015-11-10 18:39 1251328 ----a-w- c:\windows\SysWow64\DWrite.dll
2016-01-26 17:37 . 2015-11-10 18:37 833024 ----a-w- c:\windows\SysWow64\user32.dll
2016-01-26 17:37 . 2015-11-10 18:55 1648128 ----a-w- c:\windows\system32\DWrite.dll
2016-01-26 17:37 . 2015-11-10 17:47 3211264 ----a-w- c:\windows\system32\win32k.sys
2016-01-26 17:37 . 2015-07-01 20:49 260096 ----a-w- c:\windows\system32\WebClnt.dll
2016-01-26 17:37 . 2015-07-01 20:48 102912 ----a-w- c:\windows\system32\davclnt.dll
2016-01-26 17:37 . 2015-07-01 20:30 206848 ----a-w- c:\windows\SysWow64\WebClnt.dll
2016-01-26 17:37 . 2015-07-01 20:30 82432 ----a-w- c:\windows\SysWow64\davclnt.dll
2016-01-26 17:36 . 2015-06-17 17:47 404992 ----a-w- c:\windows\system32\gdi32.dll
2016-01-26 17:36 . 2015-06-17 17:37 312320 ----a-w- c:\windows\SysWow64\gdi32.dll
2016-01-26 17:35 . 2015-11-05 19:05 17408 ----a-w- c:\windows\system32\wshrm.dll
2016-01-26 17:35 . 2015-11-05 19:02 14848 ----a-w- c:\windows\SysWow64\wshrm.dll
2016-01-26 17:35 . 2015-11-05 09:53 146944 ----a-w- c:\windows\system32\drivers\rmcast.sys
2016-01-26 17:33 . 2015-10-01 18:04 616360 ----a-w- c:\windows\system32\winresume.efi
2016-01-26 17:33 . 2015-10-01 18:00 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe
2016-01-26 17:33 . 2015-10-01 17:00 61440 ----a-w- c:\windows\system32\drivers\appid.sys
2016-01-26 17:33 . 2015-10-01 18:00 59392 ----a-w- c:\windows\system32\appidapi.dll
2016-01-26 17:33 . 2015-10-01 18:00 32768 ----a-w- c:\windows\system32\appidsvc.dll
2016-01-26 17:33 . 2015-10-01 18:00 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe
2016-01-26 17:33 . 2015-10-01 17:50 50688 ----a-w- c:\windows\SysWow64\appidapi.dll
2016-01-26 17:33 . 2015-10-01 18:00 63488 ----a-w- c:\windows\system32\setbcdlocale.dll
2016-01-26 17:33 . 2015-10-01 18:06 692672 ----a-w- c:\windows\system32\winload.efi
2016-01-26 17:29 . 2015-10-20 01:05 86528 ----a-w- c:\windows\system32\TSpkg.dll
2016-01-26 17:18 . 2015-07-30 18:06 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2016-01-26 17:18 . 2015-07-30 17:57 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2016-01-26 17:18 . 2015-10-29 17:50 23552 ----a-w- c:\windows\system32\sdbinst.exe
2016-01-26 17:18 . 2015-10-29 17:49 20992 ----a-w- c:\windows\SysWow64\sdbinst.exe
2016-01-26 17:18 . 2015-10-29 17:50 6656 ----a-w- c:\windows\system32\shimeng.dll
2016-01-26 17:18 . 2015-10-29 17:50 342016 ----a-w- c:\windows\system32\apphelp.dll
2016-01-26 17:18 . 2015-10-29 17:50 72192 ----a-w- c:\windows\system32\aelupsvc.dll
2016-01-26 17:18 . 2015-10-29 17:50 5120 ----a-w- c:\windows\SysWow64\shimeng.dll
2016-01-26 17:18 . 2015-10-29 17:49 295936 ----a-w- c:\windows\SysWow64\apphelp.dll
2016-01-26 17:15 . 2015-07-23 00:02 1390592 ----a-w- c:\windows\system32\diagtrack.dll
2016-01-26 17:15 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\tdh.dll
2016-01-26 17:15 . 2015-07-22 17:53 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2016-01-26 17:15 . 2015-07-22 16:48 41984 ----a-w- c:\windows\system32\UtcResources.dll
2016-01-26 17:14 . 2015-07-23 00:02 879104 ----a-w- c:\windows\system32\advapi32.dll
2016-01-26 17:14 . 2015-07-22 17:53 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2016-01-26 17:14 . 2015-07-09 17:57 193536 ----a-w- c:\windows\system32\notepad.exe
2016-01-26 17:14 . 2015-07-09 17:57 193536 ----a-w- c:\windows\notepad.exe
2016-01-26 17:14 . 2015-07-09 17:42 179712 ----a-w- c:\windows\SysWow64\notepad.exe
2016-01-26 17:12 . 2015-06-25 10:06 115136 ----a-w- c:\windows\system32\consent.exe
2016-01-26 17:12 . 2015-06-25 10:01 70656 ----a-w- c:\windows\system32\appinfo.dll
2016-01-26 17:12 . 2015-06-25 10:01 1941504 ----a-w- c:\windows\system32\authui.dll
2016-01-26 17:12 . 2015-06-25 09:44 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2016-01-26 17:06 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys
2016-01-26 17:01 . 2015-09-02 03:04 100864 ----a-w- c:\windows\system32\fontsub.dll
2016-01-26 17:01 . 2015-09-02 03:04 14336 ----a-w- c:\windows\system32\dciman32.dll
2016-01-26 17:01 . 2015-09-02 03:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2016-01-26 17:01 . 2015-09-02 02:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2016-01-26 17:01 . 2015-09-02 02:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2016-01-26 17:01 . 2015-09-02 02:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2016-01-26 17:01 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2016-01-26 17:01 . 2015-09-02 02:47 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2016-01-26 17:01 . 2015-09-02 01:47 372736 ----a-w- c:\windows\system32\atmfd.dll
2016-01-26 17:01 . 2015-09-02 01:33 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2016-01-22 22:33 . 2016-02-01 05:22 -------- d-----w- C:\Arris Office 2013
2016-01-22 18:11 . 2016-01-22 18:11 -------- d-----w- c:\users\mqc874\AppData\Roaming\Ellanet
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-02-11 15:08 . 2012-05-17 21:24 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-02-11 15:08 . 2012-05-17 21:24 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-14 16:05 . 2015-12-14 16:06 227520 ----a-w- c:\windows\system32\psping.exe
2015-12-14 16:05 . 2015-12-14 16:06 207664 ----a-w- c:\windows\system32\psshutdown.exe
2015-12-14 16:05 . 2015-12-14 16:06 187184 ----a-w- c:\windows\system32\pssuspend.exe
2015-12-14 16:05 . 2015-12-14 16:06 468592 ----a-w- c:\windows\system32\pskill.exe
2015-12-14 16:05 . 2015-12-14 16:06 396480 ----a-w- c:\windows\system32\PsExec.exe
2015-12-14 16:05 . 2015-12-14 16:06 390520 ----a-w- c:\windows\system32\PsInfo.exe
2015-12-14 16:05 . 2015-12-14 16:06 333176 ----a-w- c:\windows\system32\PsGetsid.exe
2015-12-14 16:05 . 2015-12-14 16:06 232232 ----a-w- c:\windows\system32\pslist.exe
2015-12-14 16:05 . 2015-12-14 16:06 183160 ----a-w- c:\windows\system32\PsLoggedon.exe
2015-12-14 16:05 . 2015-12-14 16:06 178040 ----a-w- c:\windows\system32\psloglist.exe
2015-12-14 16:05 . 2015-12-14 16:06 171608 ----a-w- c:\windows\system32\pspasswd.exe
2015-12-14 16:05 . 2015-12-14 16:06 169848 ----a-w- c:\windows\system32\PsService.exe
2015-12-14 16:05 . 2015-12-14 16:06 105264 ----a-w- c:\windows\system32\psfile.exe
2015-12-09 03:39 . 2010-11-21 03:27 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-08 09:00 . 2015-12-08 09:00 214832 ----a-w- c:\windows\system32\drivers\ssudmdm.sys
2015-12-08 09:00 . 2015-12-08 09:00 122160 ----a-w- c:\windows\system32\drivers\ssudbus.sys
2015-11-25 15:23 . 2015-11-25 15:23 58640 ----a-w- c:\windows\system32\drivers\DisplayLinkUsbIo_x64_7.9.630.0.sys
2015-11-25 15:23 . 2015-11-25 15:23 1425936 ----a-w- c:\windows\system32\DisplayLinkUsbCo64_7.9.630.0.dll
2015-11-24 00:10 . 2012-06-05 21:29 140158008 ----a-w- c:\windows\system32\MRT.exe
2014-08-16 23:16 . 2012-12-10 15:50 13024768 ----a-w- c:\program files (x86)\Common Files\lpuninstall.exe
2012-05-18 21:11 . 2012-05-18 18:20 132 ----a-w- c:\program files\RSASecurIDToken410.bat
2012-04-23 20:18 . 2012-05-16 15:08 2584848 ----a-w- c:\program files\WindowsInstaller-KB893803-x86.exe
2012-04-23 20:18 . 2012-05-16 15:08 645040 ----a-w- c:\program files\smcinst.exe
2012-04-23 20:18 . 2012-05-16 15:08 2587056 ----a-w- c:\program files\Setup.exe
2012-04-23 20:18 . 2012-05-16 15:08 7644672 ----a-w- c:\program files\Sep64.msi
2012-01-06 13:32 . 2012-01-06 13:32 1068952 ----a-w- c:\program files\BESRemove-8.2.1093.0.exe
2012-01-03 11:37 . 2012-01-03 11:37 6834176 ----a-w- c:\program files\BESClientMSI.msi
2011-10-19 17:54 . 2012-05-18 18:20 10307072 ----a-w- c:\program files\RSASecurIDToken410.msi
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-11-10 20:45 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-11-10 20:45 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-11-10 20:45 1731800 ----a-w- c:\progra~2\MICROS~1\Office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Push Client"="c:\users\mqc874\AppData\Local\ATT Connect\Participant\pull.exe" [2011-04-27 966944]
"OfficeSyncProcess"="c:\program files (x86)\Microsoft Office\Office14\MSOSYNC.EXE" [2015-09-02 721504]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2014-04-30 578560]
"PTOneClick"="c:\program files (x86)\WebEx\Productivity Tools\ptoneclk.exe" [2015-03-04 197368]
"SpybotPostWindows10UpgradeReInstall"="c:\program files\Common Files\AV\Spybot - Search and Destroy\Test.exe" [2015-07-28 1011200]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2015-09-04 4377256]
"Lync"="c:\program files (x86)\Microsoft Office\Office15\lync.exe" [2015-11-18 24117416]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2015-07-27 1566016]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2016-01-21 7935904]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-07-18 292088]
"IMSS"="c:\program files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe" [2012-02-28 133400]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-12-20 507744]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2011-12-22 362432]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2015-07-27 311616]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2011-03-09 107816]
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe" [2012-06-15 136488]
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCam.exe" [2012-06-15 234000]
"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2015-09-04 4377256]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-10-08 917112]
.
c:\users\mqc874\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Verizon Wireless Software Utility Application for Android – Samsung.lnk.disabled [2014-7-15 1935]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2012-4-1 1390368]
Install LastPass IE RunOnce.lnk - c:\program files (x86)\Common Files\lpuninstall.exe -p -name=LastPass -ffuuid [email protected] [2012-12-10 13024768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableInstallerDetection"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"ConnectHomeDirToRoot"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\D:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkPad\Bluetooth Software\BtwProximityCP.dll c:\program files\ThinkVantage Fingerprint Software\psqlpwd.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1503781981-2815224856-594536586-135526\Scripts\Logon\0\0]
"Script"=disableproxy.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1503781981-2815224856-594536586-135526\Scripts\Logon\1\0]
"Script"=intranetZone.vbs
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-1830819319-1975652134-394877016-74296\Scripts\Logon\0\0]
"Script"=Regedit.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\group policy\state\S-1-5-21-2715536563-2913614024-2021022987-11069\Scripts\Logon\0\0]
"Script"=Regedit.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Andy"=c:\program files\Andy\HandyAndy.exe
"LGODDFU"=c:\program files (x86)\lg_fwupdate\lgfw.exe blrun
"Wondershare Helper Compact.exe"=c:\program files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe;c:\program files\Enigma Software Group\SpyHunter\SH4Service.exe [x]
R3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
R3 ahcix64s;ahcix64s;c:\windows\system32\drivers\ahcix64s.sys;c:\windows\SYSNATIVE\drivers\ahcix64s.sys [x]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys;c:\windows\SYSNATIVE\DRIVERS\motfilt.sys [x]
R3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 DisplayLinkUsbIo_x64;DisplayLinkUsbIo_x64;c:\windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.9.630.0.sys;c:\windows\SYSNATIVE\DRIVERS\DisplayLinkUsbIo_x64_7.9.630.0.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 EsgScanner;EsgScanner;c:\windows\system32\DRIVERS\EsgScanner.sys;c:\windows\SYSNATIVE\DRIVERS\EsgScanner.sys [x]
R3 iaStorA;iaStorA;c:\windows\system32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
R3 iaStorS;iaStorS;c:\windows\system32\drivers\iaStorS.sys;c:\windows\SYSNATIVE\drivers\iaStorS.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 lpasvc;Microsoft Policy Platform Local Authority;c:\program files\Microsoft Policy Platform\policyHost.exe;c:\program files\Microsoft Policy Platform\policyHost.exe [x]
R3 lppsvc;Microsoft Policy Platform Processor;c:\program files\Microsoft Policy Platform\policyHost.exe;c:\program files\Microsoft Policy Platform\policyHost.exe [x]
R3 LS Config Download Service;LS Config Download Service;c:\program files (x86)\OnGuard\LnlConfigDownloadService.exe;c:\program files (x86)\OnGuard\LnlConfigDownloadService.exe [x]
R3 LS Linkage Server;LS Linkage Server;c:\program files (x86)\OnGuard\LSLServer.exe;c:\program files (x86)\OnGuard\LSLServer.exe [x]
R3 LS PTZ Tour Server;LS PTZ Tour Server;c:\program files (x86)\OnGuard\LnlPTZTourServer.exe;c:\program files (x86)\OnGuard\LnlPTZTourServer.exe [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys;c:\windows\SYSNATIVE\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys;c:\windows\SYSNATIVE\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys;c:\windows\SYSNATIVE\DRIVERS\motccgpfl.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys;c:\windows\SYSNATIVE\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys;c:\windows\SYSNATIVE\DRIVERS\motusbdevice.sys [x]
R3 mv64xx;mv64xx;c:\windows\system32\drivers\mv64xx.sys;c:\windows\SYSNATIVE\drivers\mv64xx.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NgFilter;Aventail VPN Filter;c:\windows\system32\DRIVERS\ngfilter.sys;c:\windows\SYSNATIVE\DRIVERS\ngfilter.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PrintNotify;Printer Extensions and Notifications;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ser2co;Belkin Serial port driver;c:\windows\system32\DRIVERS\ser2co64.sys;c:\windows\SYSNATIVE\DRIVERS\ser2co64.sys [x]
R3 silabenm;CP2102 USB to UART Bridge Serial Port Enumerator Driver;c:\windows\system32\DRIVERS\silabenm.sys;c:\windows\SYSNATIVE\DRIVERS\silabenm.sys [x]
R3 silabser;CP2102 USB to UART Bridge Driver;c:\windows\system32\DRIVERS\silabser.sys;c:\windows\SYSNATIVE\DRIVERS\silabser.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB RNDIS6 Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 dlkmdldr;dlkmdldr;c:\windows\system32\drivers\dlkmdldr.sys;c:\windows\SYSNATIVE\drivers\dlkmdldr.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\drivers\iaStorF.sys;c:\windows\SYSNATIVE\drivers\iaStorF.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys;c:\windows\SYSNATIVE\drivers\iusb3hcs.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 atccorrector;Absolute Time Corrector Service;c:\program files (x86)\FlexibleSoft\Absolute Time Corrector\atcorrector.exe;c:\program files (x86)\FlexibleSoft\Absolute Time Corrector\atcorrector.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 CAMService;CAM Service;c:\program files\Intel\CAM\bin\CAMService.exe;c:\program files\Intel\CAM\bin\CAMService.exe [x]
S2 CipcCdp;Cisco IP Communicator driver for CDP;c:\windows\system32\DRIVERS\CipcCdp.sys;c:\windows\SYSNATIVE\DRIVERS\CipcCdp.sys [x]
S2 CmRcService;Configuration Manager Remote Control;c:\windows\CCM\RemCtrl\CmRcService.exe;c:\windows\CCM\RemCtrl\CmRcService.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DisplayLinkService;DisplayLinkManager;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe;c:\program files\DisplayLink Core Software\DisplayLinkManager.exe [x]
S2 Fitbit Connect;Fitbit Connect Service;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe [x]
S2 GenieWifiService;GenieWifiService;c:\program files (x86)\Genie Soft\Genie Wifi\GenieWifiService.exe;c:\program files (x86)\Genie Soft\Genie Wifi\GenieWifiService.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 LpsSearchSvc;LpsSearchSvc;c:\program files (x86)\Common Files\Lenel\LpsSearchSvc.exe;c:\program files (x86)\Common Files\Lenel\LpsSearchSvc.exe [x]
S2 LS Client Update;LS Client Update;c:\program files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe;c:\program files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe [x]
S2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
S2 NgVpnMgr;Aventail VPN Client;c:\windows\system32\ngvpnmgr.exe;c:\windows\SYSNATIVE\ngvpnmgr.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 PanGPS;PanGPS;c:\program files\Palo Alto Networks\GlobalProtect\PanGPS.exe;c:\program files\Palo Alto Networks\GlobalProtect\PanGPS.exe [x]
S2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
S2 risdxc;risdxc;c:\windows\system32\drivers\risdxc64.sys;c:\windows\SYSNATIVE\drivers\risdxc64.sys [x]
S2 smihlp;SMI Helper Driver (smihlp);c:\program files\ThinkVantage Fingerprint Software\smihlp.sys;c:\program files\ThinkVantage Fingerprint Software\smihlp.sys [x]
S2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe;c:\program files (x86)\VERIZONDM\bin\sprtsvc.exe [x]
S2 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe;c:\program files (x86)\VERIZONDM\bin\tgsrvc.exe [x]
S2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
S2 TPHKSVC;On Screen Display;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dlkmd;dlkmd;c:\windows\system32\drivers\dlkmd.sys;c:\windows\SYSNATIVE\drivers\dlkmd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 NgLog;Aventail VPN Logging;c:\windows\system32\DRIVERS\nglog.sys;c:\windows\SYSNATIVE\DRIVERS\nglog.sys [x]
S3 NgVpn;Aventail VPN Adapter;c:\windows\system32\DRIVERS\ngvpn.sys;c:\windows\SYSNATIVE\DRIVERS\ngvpn.sys [x]
S3 NgWfp;Aventail VPN Callout;c:\windows\system32\DRIVERS\ngwfp.sys;c:\windows\SYSNATIVE\DRIVERS\ngwfp.sys [x]
S3 PanGpd;PanGP Virtual Miniport;c:\windows\system32\DRIVERS\pangpd.sys;c:\windows\SYSNATIVE\DRIVERS\pangpd.sys [x]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-02-11 03:52 1090376 ----a-w- c:\program files (x86)\Google\Chrome\Application\48.0.2564.109\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2016-02-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-17 15:08]
.
2016-02-17 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-1830819319-1975652134-394877016-74296.job
- c:\program files (x86)\Citrix\GoToMeeting\4419\g2mupdate.exe [2016-02-12 15:39]
.
2016-02-17 c:\windows\Tasks\G2MUploadTask-S-1-5-21-1830819319-1975652134-394877016-74296.job
- c:\program files (x86)\Citrix\GoToMeeting\4419\g2mupload.exe [2016-02-12 15:39]
.
2016-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 16:29]
.
2016-02-17 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-17 16:29]
.
2016-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526Core.job
- c:\users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03 19:49]
.
2016-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526UA.job
- c:\users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03 19:49]
.
2016-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069Core1cf8eeef8b826ea.job
- c:\users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03 19:49]
.
2016-02-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069UA1cf8eeef8d4135a.job
- c:\users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-03 19:49]
.
2016-02-17 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task a8fe8680-abe2-45e8-8d8b-466c8abc0456.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
2016-02-05 c:\windows\Tasks\SUPERAntiSpyware Scheduled Task e98c4c5a-8f87-4354-b7ea-3b9df25865ab.job
- c:\program files\SUPERAntiSpyware\SASTask.exe [2013-11-07 20:08]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-11-10 20:50 2339032 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-11-10 20:50 2339032 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-11-10 20:50 2339032 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-17 12480616]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-09 1158248]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-06-02 290160]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-10-26 652624]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2009-07-07 2114376]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-30 1337000]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-02-20 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-02-20 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-02-20 441152]
"GlobalProtect"="c:\program files\Palo Alto Networks\GlobalProtect\PanGPA.exe" [2015-09-10 1802032]
"IntelPROSet"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2015-06-12 4879264]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-12-09 170256]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office15\EXCEL.EXE/3000
IE: LastPass - file://c:\users\mqc874\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - file://c:\users\mqc874\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office15\ONBttnIE.dll/105
Trusted Zone: arrisi.com\arris-mysites
Trusted Zone: arrisi.com\horizon
TCP: DhcpNameServer = 10.35.151.2 10.43.1.1 10.0.248.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
DPF: {F6962361-AD4A-4897-A356-3E10A15A102C} - hxxps://webxadmin-vm.arrisi.com/client/T27LD/webex/ieatgpc1.cab
FF - ProfilePath - c:\users\mqc874\AppData\Roaming\Mozilla\Firefox\Profiles\6illyohj.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: network.proxy.type - 0
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-atc.exe - (no file)
Wow6432Node-HKCU-Run-GenieFloater - c:\program files (x86)\Genie Soft\Genie Cleaner\GenieFloater.exe
SafeBoot-29361337.sys
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-NETGCOMM&0846&1100 - c:\program files (x86)\Netgear\MCU\CP2102\DriverUninstaller.exe VCP CP210x Cardinal\NETGCOMM&0846&1100
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\atccorrector]
"ImagePath"="c:\program files (x86)\FlexibleSoft\Absolute Time Corrector\atcorrector.exe /startedbyscm:72129319-40E32761-atccorrector"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1830819319-1975652134-394877016-74296\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9547D776-A04C-E308-9601-4A3F32D36EB0}*]
@Allowed: (Read) (RestrictedCode)
"oabfmmnffoemkolcioklbofpkdncoa"=hex:6a,61,6d,6d,66,6f,6d,6c,70,70,6c,6c,70,63,
64,64,64,6d,61,61,00,00
"pahdpfojkjpnkhfclfpnlpaljajcinfd"=hex:6a,61,6d,6d,66,6f,6d,6c,70,70,6c,6c,70,
63,64,64,64,6d,61,61,00,00
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_306_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_306.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2016-02-17 15:41:09
ComboFix-quarantined-files.txt 2016-02-17 20:41
.
Pre-Run: 12,596,416,512 bytes free
Post-Run: 12,463,075,328 bytes free
.
- - End Of File - - D9F289007CABC21A09C61B0F21BA5B31