Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances

Firefox and m55.dnsqa.me notification

 
DeeCee70
Newbie
Posted: Sat Mar 05, 2016 5:14 am    Post subject: Firefox and m55.dnsqa.me notification

Hi there,
I have a fairly new computer and have in the last week or two run into Firefox pop-ups appearing, even though reportedly blocked.
I have run Malwarebytes and it found 44 suspicious files, which have been quarantined, but I'm now getting a pop-up from it almost every time I open a new tab in Firefox, telling me it's blocked a suspicious website - m55.dnsqa.me.
Is there something further I can do to avoid this?

I've run the requested scans, as below...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by DeniseC at 23:52:23 on 2016-03-05
Microsoft Windows 10 Home 10.0.10586.0.1252.61.1033.18.8107.4565 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\SysWOW64\esif_uf.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
c:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxHK.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?trackid=sp-006
uLocal Page = %11%\blank.htm
uSearch Bar = hxxps://www.google.com/?trackid=sp-006
uSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
mStart Page = hxxps://www.google.com/?trackid=sp-006
mSearch Bar = hxxps://www.google.com/?trackid=sp-006
mSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Royal Raid: {730bc77f-4b48-4f48-9236-5cf092043d53} -
BHO: {73e63875-3642-489c-b934-1c996afd502f} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [OneDrive] "C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRunOnce: [Uninstall C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\DeniseC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
mRun: [StartCCC] "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [PowerDVD14Agent] "C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
mRun: [Adobe Photo Downloader] "C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
TCP: NameServer = 8.8.8.8,8.8.8.4
TCP: NameServer = 10.1.1.1
TCP: Interfaces\{112b8621-f656-4301-b8d5-713a0d72ce76} : DHCPNameServer = 82.163.143.171
TCP: Interfaces\{6f189d75-dc47-4b4d-8c63-d1184b5c7a04} : DHCPNameServer = 10.1.1.1
TCP: Interfaces\{970f3287-5c7b-4362-a2fb-c95d6fb6c04c} : DHCPNameServer = 82.163.143.171
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BtServer] "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DeniseC\AppData\Roaming\Mozilla\Firefox\Profiles\xv1zs44s.default\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1223183.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-29 74544]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswvmm.sys [2016-1-29 287016]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-7-25 1455552]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-29 1065720]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswsp.sys [2016-1-29 463744]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-30 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-27 264224]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-29 37656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-29 107792]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-29 165344]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-2-7 237096]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [2015-9-16 125656]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\SysWOW64\esif_uf.exe [2015-9-16 1385640]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-11 25800]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [2015-2-18 608520]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-9-16 354936]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-7 223008]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-3-2 1513784]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-3-2 1135416]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2016-1-29 389896]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-9-16 307456]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-12-27 246472]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-1-15 245760]
R3 clwvd6;@oem20.inf,%clwvd.DeviceDesc% Service;CyberLink WebCam Virtual Driver 6.0 Service;C:\WINDOWS\System32\drivers\clwvd6.sys [2015-9-16 41704]
R3 dptf_cpu;dptf_cpu;C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-3-2 53752]
R3 dptf_pch;dptf_pch;C:\WINDOWS\System32\drivers\dptf_pch.sys [2016-3-2 50696]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 esif_lf;esif_lf;C:\WINDOWS\System32\drivers\esif_lf.sys [2016-3-2 261624]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-3-2 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-3-2 192216]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-3-2 64216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-9-16 895256]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2015-8-6 602352]
R3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2015-9-16 411712]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-10-30 4738672]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2015-12-27 44216]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-30 694784]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2015-6-24 30384]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27 143144]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-29 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-27 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-7-17 472872]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2015-12-28 31800]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2015-7-13 33448]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-30 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-30 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-30 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-2 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-3-2 29696]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== Created Last 30 ================
.
2016-03-02 10:54:41 609280 ----a-w- C:\WINDOWS\System32\MetroIntelGenericUIFramework.dll
2016-03-02 10:49:29 819880 ----a-w- C:\WINDOWS\System32\drivers\UMDF\esif_umdf2.dll
2016-03-02 10:49:29 53752 ----a-w- C:\WINDOWS\System32\drivers\dptf_cpu.sys
2016-03-02 10:49:29 50696 ----a-w- C:\WINDOWS\System32\drivers\dptf_pch.sys
2016-03-02 10:49:29 261624 ----a-w- C:\WINDOWS\System32\drivers\esif_lf.sys
2016-03-02 09:55:32 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-03-02 09:54:55 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-03-02 09:54:55 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-03-02 09:54:55 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-03-02 09:54:55 -------- d-----w- C:\ProgramData\Malwarebytes
2016-03-02 09:54:55 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-02 08:15:59 779384 ----a-w- C:\WINDOWS\System32\taskschd.dll
2016-02-21 11:24:00 -------- d-----w- C:\ProgramData\f9a5abd8-78a3-0
2016-02-21 11:19:42 -------- d-----w- C:\ProgramData\f9a5abd8-18f7-0
2016-02-21 11:19:40 -------- d-----w- C:\ProgramData\128613b
2016-02-21 11:19:38 -------- d-----w- C:\ProgramData\{193a96c1-412c-1}
2016-02-21 11:19:38 -------- d-----w- C:\ProgramData\{084e7819-312c-0}
2016-02-11 12:14:08 7835648 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-02-11 12:14:05 5662208 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-02-11 12:14:02 970752 ----a-w- C:\WINDOWS\System32\kerberos.dll
2016-02-11 12:14:02 792064 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2016-02-11 12:14:02 1387520 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2016-02-11 12:14:01 4502352 ----a-w- C:\WINDOWS\explorer.exe
2016-02-11 12:14:00 2606824 ----a-w- C:\WINDOWS\System32\combase.dll
2016-02-07 11:57:16 52184 ----a-w- C:\WINDOWS\avastSS.scr
.
==================== Find3M ====================
.
2016-03-05 09:15:18 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-02 11:04:55 18400 ----a-w- C:\WINDOWS\System32\drivers\rtkhdasetting.zip
2016-03-02 10:56:41 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-03-02 10:49:21 963232 ----a-w- C:\WINDOWS\System32\msvcr120.dll
2016-03-02 10:49:21 660128 ----a-w- C:\WINDOWS\System32\msvcp120.dll
2016-03-02 10:49:21 1385640 ----a-w- C:\WINDOWS\SysWow64\esif_uf.exe
2016-02-26 11:57:56 287016 ----a-w- C:\WINDOWS\System32\drivers\aswvmm.sys
2016-02-23 11:29:14 874968 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-02-23 11:29:14 1030416 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-02-23 11:27:25 7475040 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-02-23 11:27:19 1317640 ----a-w- C:\WINDOWS\System32\winload.efi
2016-02-23 11:27:19 1141504 ----a-w- C:\WINDOWS\System32\winload.exe
2016-02-23 11:27:14 2654872 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-23 11:25:45 1818696 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-02-23 11:25:43 563552 ----a-w- C:\WINDOWS\System32\drivers\acpi.sys
2016-02-23 11:25:40 2152288 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2016-02-23 11:23:53 713568 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-02-23 11:22:23 1173344 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-02-23 11:15:26 513888 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-02-23 11:09:52 1614176 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2016-02-23 11:08:17 989536 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2016-02-23 10:34:32 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-02-23 10:34:27 1859960 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-02-23 10:33:46 389992 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-02-23 10:33:35 696160 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-02-23 10:32:59 369912 ----a-w- C:\WINDOWS\System32\audiodg.exe
2016-02-23 10:32:37 8705672 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2016-02-23 10:32:10 2544264 ----a-w- C:\WINDOWS\System32\mfcore.dll
2016-02-23 10:32:06 498448 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-02-23 10:32:06 1152328 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll
2016-02-23 10:32:03 1062480 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2016-02-23 10:31:59 1017032 ----a-w- C:\WINDOWS\System32\mfsrcsnk.dll
2016-02-23 10:31:57 847656 ----a-w- C:\WINDOWS\System32\mfsvr.dll
2016-02-23 10:31:55 476728 ----a-w- C:\WINDOWS\System32\msvproc.dll
2016-02-23 10:31:37 819648 ----a-w- C:\WINDOWS\System32\mfmpeg2srcsnk.dll
2016-02-23 10:31:19 536256 ----a-w- C:\WINDOWS\System32\AudioSes.dll
2016-02-23 10:31:14 408120 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2016-02-23 10:22:50 572272 ----a-w- C:\WINDOWS\SysWow64\taskschd.dll
2016-02-23 10:21:10 6606568 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-02-23 10:17:36 146272 ----a-w- C:\WINDOWS\System32\drivers\appid.sys
2016-02-23 09:49:02 216416 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-02-23 09:45:57 2773096 ----a-w- C:\WINDOWS\System32\d3d11.dll
2016-02-23 09:45:24 259336 ----a-w- C:\WINDOWS\System32\sqmapi.dll
2016-02-23 09:45:19 1998176 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-02-23 09:45:17 576352 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-02-23 09:45:11 394080 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-02-23 09:44:11 640984 ----a-w- C:\WINDOWS\System32\wer.dll
2016-02-23 09:44:07 147808 ----a-w- C:\WINDOWS\System32\wermgr.exe
2016-02-23 09:40:28 430944 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2016-02-23 09:39:55 502112 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-02-23 09:38:56 709176 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2016-02-23 09:38:54 2180136 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2016-02-23 09:38:45 6952088 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2016-02-23 09:38:45 420928 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2016-02-23 09:38:24 450912 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-02-23 09:38:18 980352 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2016-02-23 09:38:14 882720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2016-02-23 09:38:10 895080 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2016-02-23 09:37:41 713824 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2016-02-23 09:32:32 791744 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-02-23 09:27:31 376536 ----a-w- C:\WINDOWS\System32\Windows.Media.MediaControl.dll
2016-02-23 09:26:51 5241984 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-02-23 09:25:27 534368 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-02-23 09:20:41 1139712 ----a-w- C:\WINDOWS\System32\XblGameSave.dll
2016-02-23 09:20:35 238592 ----a-w- C:\WINDOWS\System32\drivers\xboxgip.sys
2016-02-23 09:19:41 29696 ----a-w- C:\WINDOWS\System32\drivers\xinputhid.sys
2016-02-23 09:17:08 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-02-23 09:12:21 77824 ----a-w- C:\WINDOWS\System32\provpackageapidll.dll
2016-02-23 09:10:24 27648 ----a-w- C:\WINDOWS\System32\WiFiConfigSP.dll
2016-02-23 09:07:53 37376 ----a-w- C:\WINDOWS\System32\LaunchWinApp.exe
2016-02-23 09:07:17 26112 ----a-w- C:\WINDOWS\System32\wlansvcpal.dll
2016-02-23 09:06:49 129536 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2016-02-23 09:01:19 104960 ----a-w- C:\WINDOWS\System32\drivers\rasl2tp.sys
2016-02-23 09:00:28 48640 ----a-w- C:\WINDOWS\System32\wfdprov.dll
2016-02-23 09:00:11 69632 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-02-23 08:58:42 187744 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-02-23 08:58:35 69632 ----a-w- C:\WINDOWS\System32\wininetlui.dll
2016-02-23 08:58:15 25088 ----a-w- C:\WINDOWS\System32\irmon.dll
2016-02-23 08:58:03 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2016-02-23 08:57:59 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2016-02-23 08:56:01 2186864 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2016-02-23 08:55:55 114688 ----a-w- C:\WINDOWS\System32\drivers\bridge.sys
2016-02-23 08:55:40 221600 ----a-w- C:\WINDOWS\SysWow64\sqmapi.dll
2016-02-23 08:54:19 112640 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2016-02-23 08:54:10 539256 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2016-02-23 08:54:02 141664 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2016-02-23 08:53:16 99328 ----a-w- C:\WINDOWS\System32\ngckeyenum.dll
2016-02-23 08:53:06 115712 ----a-w- C:\WINDOWS\System32\srpapi.dll
2016-02-23 08:52:47 87040 ----a-w- C:\WINDOWS\System32\MDMAppInstaller.exe
2016-02-23 08:51:15 176640 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2016-02-23 08:50:11 159232 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-02-23 08:48:27 86528 ----a-w- C:\WINDOWS\System32\AppCapture.dll
2016-02-23 08:48:04 41984 ----a-w- C:\WINDOWS\System32\TimeBrokerClient.dll
2016-02-23 08:40:17 74240 ----a-w- C:\WINDOWS\System32\SMSRouter.dll
2016-02-23 08:39:34 178176 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2016-02-23 08:38:44 320000 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2016-02-23 08:38:02 287712 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MediaControl.dll
2016-02-23 08:37:50 204288 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2016-02-23 08:37:41 274944 ----a-w- C:\WINDOWS\System32\DisplayManager.dll
2016-02-23 08:37:09 617984 ----a-w- C:\WINDOWS\System32\StorSvc.dll
.
============= FINISH: 23:53:27.25 ===============

SECOND FILE:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 28/12/2015 4:42:15 PM
System Uptime: 2/03/2016 9:37:18 PM (74 hours ago)
.
Motherboard: HP | | 80C2
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz | U3E1 | 1500/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 910 GiB total, 839.025 GiB free.
D: is FIXED (NTFS) - 21 GiB total, 2.378 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP10: 15/02/2016 4:30:11 PM - Installed Adobe Photoshop Elements 5.0
RP11: 2/03/2016 7:18:06 PM - Windows Update
RP12: 2/03/2016 7:20:25 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Acrobat Reader DC
Adobe Flash Player 20 NPAPI
Adobe Help Center 2.1
Adobe Photoshop Elements 5.0
Adobe Refresh Manager
Adobe Shockwave Player 12.2
AMD Catalyst Control Center
AMD Catalyst Install Manager
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CyberLink PhotoDirector
CyberLink Power Media Player 14
CyberLink PowerDirector 12
CyberLink YouCam
DisableMSDefender
Dropbox
Dropbox 25 GB
Dropbox Update Helper
Energy Star
Evernote v. 5.8.6
HP Customer Experience Enhancements
HP Documentation
HP ePrint Windows Driver
HP Recovery Manager
HP Registration Service
HP Support Assistant
HP Support Solutions Framework
HP System Event Utility
HP Welcome
HP Wireless Button Driver
iCloud
InetStat
Intel(R) Chipset Device Software
Intel(R) Dynamic Platform and Thermal Framework
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel® Trusted Connect Service Client
iTunes
Malwarebytes Anti-Malware version 2.2.0.1024
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Mozilla Firefox 44.0.2 (x86 en-US)
Mozilla Maintenance Service
Mozilla Thunderbird 38.6.0 (x86 en-US)
OEM Application Profile
OpenOffice 4.1.2
PX Profile Update
REALTEK Bluetooth Driver
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
Revo Uninstaller Pro 3.1.5
swMSM
Synaptics Pointing Device Driver
VLC media player
.
==== Event Viewer Messages From Past Week ========
.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The User Data Storage_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The User Data Access_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The Sync Host_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Service Control Manager [7031] - The Contact Data_b76232 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
4/03/2016 2:33:15 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
3/03/2016 12:37:05 AM, Error: Service Control Manager [7031] - The Sync Host_966d3 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:49:47 PM, Error: Microsoft-Windows-DriverFrameworks-UserMode [10101] - The driver package installation has failed. The final status was 0xE0000203.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The User Data Storage_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The User Data Access_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The Sync Host_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
2/03/2016 9:35:17 PM, Error: Service Control Manager [7031] - The Contact Data_10d2cbc service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
1/03/2016 3:02:25 PM, Error: disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
.
==== End Of File ===========================
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 10 Sep 2017
Posts: 5041
Location: Land Of The Leprechauns

Posted: Mon Mar 07, 2016 3:59 am

Duplicate post therefore closed.
http://spywarewarrior.com/viewtopic.php?t=35418
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
All times are GMT - 8 Hours