Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

A little help.......

 
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal
View previous topic :: View next topic  
Author Message
posefish
Warrior


Joined: 14 Oct 2011
Last Visit: 05 Jan 2016
Posts: 73

PostPosted: Thu Dec 24, 2015 12:38 pm    Post subject: A little help....... Reply with quote

I find that my windows update will not work, videos are interrupted, browser is slow and some programs do not load completely. Here are the logs requested. thanks!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10586.20
Run by John at 12:22:00 on 2015-12-24
Microsoft Windows 10 Home 10.0.10586.0.1252.1.1033.18.8078.6368 [GMT -8:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\system32\sihost.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\WINDOWS\system32\taskhostw.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files\Classic Shell\ClassicStartMenu.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.foxnews.com/
uSearch Bar = Preserve
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
uRun: [OneDrive] "C:\Users\John\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN36RDXH2F05KC:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\John\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\WINDOWS\System32\RunDll32.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{224c079e-9089-4ecb-944a-901d157edb42} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{b393193f-e6b9-4f34-84eb-0f06eaeedb2f} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{b393193f-e6b9-4f34-84eb-0f06eaeedb2f}\75D4532316236666 : DHCPNameServer = 192.168.178.87
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: ClassicIEBHO Class: {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
x64-Run: [Classic Start Menu] "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-7-5 647736]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-29 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-29 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-29 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-29 218624]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-10-29 87040]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-29 8192]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2015-12-4 2748600]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-29 43944]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-29 43944]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-7-26 25800]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-10-29 330136]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-12-25 129856]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-29 78848]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
R3 AiCharger;ASUS Charger Driver;C:\WINDOWS\System32\drivers\AiCharger.sys [2012-7-24 17152]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;C:\WINDOWS\System32\drivers\AmpPal.sys [2013-5-21 165344]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-10-29 245248]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys [2015-5-13 19976]
R3 ibtfltcoex;Intel Corporation;C:\WINDOWS\System32\drivers\ibtfltcoex.sys [2015-7-1 79632]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-7-29 38976]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-10-29 121344]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2015-7-2 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-29 20480]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew01.sys [2015-10-29 3343872]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
R3 usb3Hub;USB-IF USB 3.0 Hub;C:\WINDOWS\System32\drivers\usb3Hub.sys [2012-11-29 47072]
R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-29 118112]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-29 364464]
R3 XHCIPort;USB-IF xHCI USB Host Controller;C:\WINDOWS\System32\drivers\xHCIPort.sys [2012-11-29 188896]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-12-25 166720]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-29 43944]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-7-2 1135416]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-12-25 365376]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-29 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-29 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-29 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-29 43944]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-29 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-11 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-29 43944]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-29 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-29 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-29 50016]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-29 81408]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-29 165888]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-29 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-29 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-29 117760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-7-29 50240]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-29 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-29 26624]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-29 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-29 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2015-7-2 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-29 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-29 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-29 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-29 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-29 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-29 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-29 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-29 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-29 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-29 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-29 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-29 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-10-29 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-29 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-29 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-10-29 254816]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-29 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-10-29 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-29 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-29 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-29 27488]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-29 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-29 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-29 43944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-10-29 694784]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-29 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-29 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-29 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-29 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-10-29 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-29 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-10-29 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-29 43944]
.
=============== Created Last 30 ================
.
2015-12-24 18:54:36 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5FC1F4DB-AD7F-4094-BE81-4F6E2C2FA3CB}\mpengine.dll
2015-12-19 23:13:54 11154520 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2015-12-19 22:59:42 -------- d-----w- C:\Users\John\AppData\Local\WebDiscoverBrowser
2015-12-19 22:59:34 -------- d-----w- C:\Program Files\WebDiscoverBrowser
2015-12-19 22:58:26 -------- d-----w- C:\ProgramData\ba5bbb1e-64c5-1
2015-12-19 22:58:26 -------- d-----w- C:\ProgramData\ba5bbb1e-3a55-0
2015-12-19 22:57:29 -------- d-----w- C:\searchplugins
2015-12-19 22:57:23 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2015-12-19 22:57:16 -------- d-----w- C:\Users\John\AppData\Local\Lavasoft
2015-12-19 22:57:04 425744 ----a-w- C:\WINDOWS\System32\LavasoftTcpService64.dll
2015-12-19 22:57:04 345360 ----a-w- C:\WINDOWS\SysWow64\LavasoftTcpService.dll
2015-12-19 22:57:00 -------- d-----w- C:\Program Files (x86)\Lavasoft
2015-12-19 17:56:41 -------- d-----w- C:\Users\John\AppData\Roaming\com.pandora.desktop.66F690BC77738C95E986E1B4A197193F28756A21.1
2015-12-19 17:56:40 -------- d---a-w- C:\Program Files (x86)\Pandora
2015-12-18 00:07:56 -------- d-----w- C:\Users\John\AppData\Local\Microsoft Help
2015-12-18 00:04:52 88752 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.6366.2036\vcruntime140.dll
2015-12-18 00:04:52 635040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.6366.2036\msvcp140.dll
2015-12-17 23:53:14 -------- d-----w- C:\FRST
2015-12-17 23:44:37 -------- d-----w- C:\AdwCleaner
2015-12-15 18:35:31 -------- d-----w- C:\ProgramData\IntelDLM
2015-12-15 18:29:06 -------- d-----w- C:\Users\John\AppData\Local\Intel
2015-12-15 18:28:05 -------- d-----w- C:\Program Files (x86)\Intel Driver Update Utility
2015-12-12 17:02:59 -------- d--h--w- C:\$SysReset
2015-12-11 18:49:22 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2015-12-11 17:14:59 586080 ----a-w- C:\WINDOWS\SysWow64\wimgapi.dll
2015-12-10 16:54:21 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{CDA948E2-4CD7-41F5-9222-2B0D99D67C2E}\gapaengine.dll
2015-12-10 16:37:48 -------- d-----w- C:\Users\John\AppData\Local\ActiveSync
2015-12-10 11:38:26 -------- d-sh--we C:\ProgramData\Documents
2015-12-10 11:28:05 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2015-12-10 11:24:04 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2015-12-10 11:24:04 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2015-12-10 11:11:01 72704 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2015-12-10 11:11:01 69120 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2015-12-10 11:10:38 -------- d-----w- C:\Program Files (x86)\Common Files\Intel
2015-12-10 11:10:37 -------- d-----w- C:\Program Files (x86)\ASUS
2015-12-10 11:10:23 -------- d-----w- C:\ProgramData\SetupTPDriver
2015-12-10 11:10:06 -------- d-----w- C:\WINDOWS\System32\DAX2
2015-12-10 11:09:49 -------- d-----w- C:\Program Files\Realtek
2015-12-10 11:09:44 -------- d-----w- C:\WINDOWS\SysWow64\RTCOM
2015-12-10 11:09:28 2718208 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2015-12-10 11:06:33 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2015-12-10 11:04:59 -------- d-sh--w- C:\Recovery
2015-12-10 11:04:56 -------- dc----w- C:\WINDOWS\Panther
2015-12-10 11:02:20 -------- d-----w- C:\Windows.old
2015-12-10 11:01:41 -------- d-----w- C:\WINDOWS\System32\Microsoft
2015-12-10 10:59:22 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2015-12-10 10:59:22 35480 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2015-12-10 10:59:22 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-12-10 10:59:11 35480 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2015-12-10 10:59:11 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2015-12-10 10:59:11 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2015-12-04 22:21:20 -------- d-----w- C:\Program Files\Microsoft Office 15
2015-12-04 14:55:16 202928 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2015-12-04 14:54:58 354512 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2015-12-04 14:54:58 16064 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
.
==================== Find3M ====================
.
2015-12-12 17:31:03 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2015-12-10 16:35:25 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-09 22:19:58 95024 ----a-w- C:\WINDOWS\System32\drivers\dc3d.sys
2015-12-09 03:39:31 301728 ------w- C:\WINDOWS\System32\MpSigStub.exe
2015-12-07 04:57:01 973664 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2015-12-07 04:55:42 1281376 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2015-12-07 04:49:31 412512 ----a-w- C:\WINDOWS\System32\wifitask.exe
2015-12-07 04:47:58 116720 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2015-12-07 04:47:57 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2015-12-07 04:47:57 898184 ----a-w- C:\WINDOWS\SysWow64\mfsrcsnk.dll
2015-12-07 04:47:54 716928 ----a-w- C:\WINDOWS\SysWow64\mfmpeg2srcsnk.dll
2015-12-07 04:45:46 264544 ----a-w- C:\WINDOWS\System32\ContentDeliveryManager.Utilities.dll
2015-12-07 04:15:40 1035776 ----a-w- C:\WINDOWS\System32\XboxNetApiSvc.dll
2015-12-07 04:15:08 75776 ----a-w- C:\WINDOWS\System32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-07 04:10:37 824320 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2015-12-07 04:09:36 30208 ----a-w- C:\WINDOWS\System32\StorageUsage.dll
2015-12-07 04:09:27 92160 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2015-12-07 04:09:07 133120 ----a-w- C:\WINDOWS\System32\flvprophandler.dll
2015-12-07 04:07:43 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2015-12-07 04:07:34 77312 ----a-w- C:\WINDOWS\System32\ProvPluginEng.dll
2015-12-07 04:07:13 16984064 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2015-12-07 04:06:52 231936 ----a-w- C:\WINDOWS\System32\KnobsCore.dll
2015-12-07 04:06:38 199168 ----a-w- C:\WINDOWS\System32\InstallAgent.exe
2015-12-07 04:06:36 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2015-12-07 04:06:32 572928 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2015-12-07 04:05:28 36864 ----a-w- C:\WINDOWS\System32\BackgroundTransferHost.exe
2015-12-07 04:05:15 192000 ----a-w- C:\WINDOWS\System32\provisioningcsp.dll
2015-12-07 04:04:28 56320 ----a-w- C:\WINDOWS\System32\provtool.exe
2015-12-07 04:04:20 66560 ----a-w- C:\WINDOWS\System32\moshost.dll
2015-12-07 04:03:46 13017600 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2015-12-07 04:02:54 477696 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-12-07 04:02:49 161280 ----a-w- C:\WINDOWS\SysWow64\InstallAgent.exe
2015-12-07 04:02:01 269824 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2015-12-07 04:01:43 34304 ----a-w- C:\WINDOWS\SysWow64\BackgroundTransferHost.exe
2015-12-07 04:01:07 543232 ----a-w- C:\WINDOWS\System32\StoreAgent.dll
2015-12-07 04:00:55 323072 ----a-w- C:\WINDOWS\System32\MSFlacDecoder.dll
2015-12-07 04:00:52 203776 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll
2015-12-07 04:00:51 210432 ----a-w- C:\WINDOWS\System32\wcmcsp.dll
2015-12-07 04:00:40 618496 ----a-w- C:\WINDOWS\System32\StorSvc.dll
2015-12-07 03:59:52 286208 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2015-12-07 03:59:49 292352 ----a-w- C:\WINDOWS\System32\provengine.dll
2015-12-07 03:59:37 558080 ----a-w- C:\WINDOWS\System32\MBMediaManager.dll
2015-12-07 03:59:16 165376 ----a-w- C:\WINDOWS\System32\provdatastore.dll
2015-12-07 03:58:17 459776 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2015-12-07 03:57:48 387072 ----a-w- C:\WINDOWS\System32\qdvd.dll
2015-12-07 03:57:40 409088 ----a-w- C:\WINDOWS\SysWow64\StoreAgent.dll
2015-12-07 03:57:28 270848 ----a-w- C:\WINDOWS\SysWow64\MSFlacDecoder.dll
2015-12-07 03:56:27 497152 ----a-w- C:\WINDOWS\System32\mfmkvsrcsnk.dll
2015-12-07 03:56:18 607232 ----a-w- C:\WINDOWS\System32\wcmsvc.dll
2015-12-07 03:55:38 7979008 ----a-w- C:\WINDOWS\System32\mos.dll
2015-12-07 03:55:02 346112 ----a-w- C:\WINDOWS\SysWow64\MapConfiguration.dll
2015-12-07 03:54:56 850432 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2015-12-07 03:54:56 569856 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2015-12-07 03:53:28 381952 ----a-w- C:\WINDOWS\SysWow64\mfmkvsrcsnk.dll
2015-12-07 03:51:16 1318912 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll
2015-12-07 03:51:00 223232 ----a-w- C:\WINDOWS\System32\fveapibase.dll
2015-12-07 03:50:55 1131520 ----a-w- C:\WINDOWS\System32\Windows.Media.Audio.dll
2015-12-07 03:49:01 1105920 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Audio.dll
2015-12-07 03:48:02 6297088 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2015-12-07 03:47:02 3428864 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2015-12-07 03:45:53 683008 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:45 900608 ----a-w- C:\WINDOWS\System32\Windows.Networking.BackgroundTransfer.dll
2015-12-07 03:45:44 2582016 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2015-12-07 03:44:48 2796032 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2015-12-07 03:43:35 931328 ----a-w- C:\WINDOWS\System32\MSMPEG2ENC.DLL
2015-12-07 03:43:07 2598400 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll
2015-12-07 03:41:02 2061824 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2015-12-07 03:40:47 3593216 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2015-12-07 03:40:23 1995776 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2015-12-07 03:40:08 1706496 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2015-12-07 03:39:24 764928 ----a-w- C:\WINDOWS\System32\fveapi.dll
2015-12-07 03:38:14 871936 ----a-w- C:\WINDOWS\SysWow64\MSMPEG2ENC.DLL
2015-12-07 03:33:04 375296 ----a-w- C:\WINDOWS\System32\MDEServer.exe
2015-12-07 03:32:46 126464 ----a-w- C:\WINDOWS\System32\dialserver.dll
2015-12-01 07:12:09 2152800 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2015-12-01 00:33:29 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2015-12-01 00:33:29 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-11-25 01:12:46 408 ----a-w- C:\Users\John\AppData\Roaming\sp_data.sys
2015-11-24 12:07:40 1817160 ----a-w- C:\WINDOWS\System32\ntdll.dll
2015-11-24 11:06:29 1540768 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2015-11-24 10:26:50 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2015-11-24 10:01:57 2756096 ----a-w- C:\WINDOWS\System32\mshtml.tlb
2015-11-24 09:54:15 7680 ----a-w- C:\WINDOWS\System32\readingviewresources.dll
2015-11-24 09:53:39 115200 ----a-w- C:\WINDOWS\System32\win32k.sys
2015-11-24 09:45:01 18944 ----a-w- C:\WINDOWS\System32\wshrm.dll
2015-11-24 09:37:04 147968 ----a-w- C:\WINDOWS\System32\drivers\rmcast.sys
2015-11-24 09:26:34 1337240 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2015-11-24 09:19:35 182784 ----a-w- C:\WINDOWS\System32\shutdownux.dll
2015-11-24 09:12:41 523776 ----a-w- C:\WINDOWS\System32\catsrvut.dll
2015-11-24 08:58:24 604672 ----a-w- C:\WINDOWS\System32\vbscript.dll
2015-11-24 08:55:41 1393664 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2015-11-24 08:54:21 2756096 ----a-w- C:\WINDOWS\SysWow64\mshtml.tlb
2015-11-24 08:52:05 1717248 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2015-11-24 08:49:47 1648640 ----a-w- C:\WINDOWS\System32\comsvcs.dll
2015-11-24 08:14:34 415744 ----a-w- C:\WINDOWS\SysWow64\catsrvut.dll
2015-11-24 08:03:47 503296 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2015-11-24 07:59:27 1467392 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2015-11-24 07:57:56 1328128 ----a-w- C:\WINDOWS\SysWow64\comsvcs.dll
2015-11-24 07:35:50 22393856 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2015-11-24 07:29:31 2352128 ----a-w- C:\WINDOWS\System32\authui.dll
.
============= FINISH: 12:23:34.89 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Home
Boot Device: \Device\HarddiskVolume1
Install Date: 12/10/2015 3:42:26 AM
System Uptime: 12/24/2015 10:43:25 AM (2 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | Q400A
Processor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz | SOCKET 0 | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 677 GiB total, 618.9 GiB free.
D: is CDROM (CDFS)
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP4: 12/17/2015 3:38:28 AM - Windows Modules Installer
RP5: 12/19/2015 3:01:00 PM - Removed Playthru Player
RP6: 12/24/2015 9:03:28 AM - Windows Update
RP7: 12/24/2015 9:03:59 AM - Windows Update
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Reader X (10.1.16) MUI
Adobe Refresh Manager
Alcor Micro USB Card Reader
ASUS Instant Connect
ASUS InstantOn
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Screen Saver
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS Tutor
ASUS USB Charger Plus
ASUSDVD
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
ATK Package
Bing Bar
Classic Shell
D3DX10
Google Earth
Google Update Helper
HP Customer Experience Enhancements
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Support Assistant
HP Support Solutions Framework
HP Update
I.R.I.S. OCR
Intel(R) Management Engine Components
Intel(R) PRO/Wireless Driver
Intel(R) Processor Graphics
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) WiDi
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Malwarebytes Anti-Malware version 2.2.0.1024
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 365 - en-us
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT Redists
MSVCRT110
MSVCRT110_amd64
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
Pandora
Photo Common
Photo Gallery
Realtek High Definition Audio Driver
Sony Preset Manager 2.0d
Sony Sound Forge Audio Studio 8.0
Sound Forge Audio Studio 10.0
Waves Diamond Bundle 4.05
Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 1.0.0.262)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinFlash
.
==== Event Viewer Messages From Past Week ========
.
12/24/2015 9:41:02 AM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The system cannot find the path specified.
12/24/2015 9:40:49 AM, Error: Service Control Manager [7031] - The User Data Storage_59c6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 9:40:49 AM, Error: Service Control Manager [7031] - The User Data Access_59c6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 9:40:49 AM, Error: Service Control Manager [7031] - The Sync Host_59c6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 9:40:49 AM, Error: Service Control Manager [7031] - The Contact Data_59c6d service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7034] - The Intel(R) ME Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:32 AM, Error: Service Control Manager [7034] - The HP Support Solutions Framework Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:32 AM, Error: Service Control Manager [7034] - The ASUS InstantOn Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:32 AM, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Spybot-S&D 2 Security Center Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/24/2015 9:40:32 AM, Error: Service Control Manager [7031] - The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
12/24/2015 9:40:31 AM, Error: Service Control Manager [7034] - The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:31 AM, Error: Service Control Manager [7034] - The Intel(R) Content Protection HECI Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:31 AM, Error: Service Control Manager [7034] - The ATKGFNEX Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 9:40:31 AM, Error: Service Control Manager [7034] - The ASLDR Service service terminated unexpectedly. It has done this 1 time(s).
12/24/2015 10:46:21 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the UNS service to connect.
12/24/2015 10:46:21 AM, Error: Service Control Manager [7000] - The Intel(R) Management and Security Application User Notification Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/24/2015 10:43:52 AM, Error: Service Control Manager [7000] - The jhi_service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/24/2015 10:43:50 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the jhi_service service to connect.
12/24/2015 10:43:03 AM, Error: Service Control Manager [7031] - The User Data Storage_78d13 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 10:43:03 AM, Error: Service Control Manager [7031] - The User Data Access_78d13 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 10:43:03 AM, Error: Service Control Manager [7031] - The Sync Host_78d13 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 10:43:03 AM, Error: Service Control Manager [7031] - The Contact Data_78d13 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/24/2015 10:43:03 AM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
12/23/2015 12:02:54 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {9E175B6D-F52A-11D8-B9A5-505054503030} and APPID {9E175B9C-F52A-11D8-B9A5-505054503030} to the user JP\John SID (S-1-5-21-3936709736-1518792879-354126822-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
12/22/2015 8:49:55 AM, Error: Tcpip [4199] - The system detected an address conflict for IP address 192.168.1.9 with the system having network hardware address 28-57-67-ED-34-80. Network operations on this system may be disrupted as a result.
12/21/2015 9:42:45 AM, Error: Service Control Manager [7031] - The User Data Storage_3135c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/21/2015 9:42:45 AM, Error: Service Control Manager [7031] - The User Data Access_3135c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/21/2015 9:42:45 AM, Error: Service Control Manager [7031] - The Sync Host_3135c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/21/2015 9:42:45 AM, Error: Service Control Manager [7031] - The Contact Data_3135c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/19/2015 3:08:26 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Intel(R) Management and Security Application User Notification Service service to connect.
12/19/2015 3:05:23 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SearchProtectionService service to connect.
12/19/2015 3:05:23 PM, Error: Service Control Manager [7000] - The SearchProtectionService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/19/2015 3:03:48 PM, Error: Service Control Manager [7031] - The User Data Storage_57dee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/19/2015 3:03:48 PM, Error: Service Control Manager [7031] - The User Data Access_57dee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/19/2015 3:03:48 PM, Error: Service Control Manager [7031] - The Sync Host_57dee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/19/2015 3:03:48 PM, Error: Service Control Manager [7031] - The Contact Data_57dee service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 3:46:29 PM, Error: Service Control Manager [7031] - The User Data Storage_33a01 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 3:46:29 PM, Error: Service Control Manager [7031] - The User Data Access_33a01 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 3:46:29 PM, Error: Service Control Manager [7031] - The Sync Host_33a01 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 3:46:29 PM, Error: Service Control Manager [7031] - The Contact Data_33a01 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 10:05:52 PM, Error: Service Control Manager [7031] - The User Data Storage_3d722 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 10:05:52 PM, Error: Service Control Manager [7031] - The User Data Access_3d722 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 10:05:52 PM, Error: Service Control Manager [7031] - The Sync Host_3d722 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
12/17/2015 10:05:52 PM, Error: Service Control Manager [7031] - The Contact Data_3d722 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
.
==== End Of File ===========================
Back to top
View user's profile Send private message
Cypher
Moderator


Joined: 05 Jul 2009
Last Visit: 07 May 2017
Posts: 5041
Location: Land Of The Leprechauns

PostPosted: Sun Dec 27, 2015 3:08 am    Post subject: Reply with quote

Duplicate post again therefore closed.
http://spywarewarrior.com/viewtopic.php?t=35405
_________________
Admin/Teacher at Malware Removal University
Member of UNITE
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   This topic is locked: you cannot edit posts or make replies.    Spyware Warrior Forum Index -> Help with spyware removal All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group