Annoying trojan that can't be scanned?

This is a discussion on Annoying trojan that can't be scanned? within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.


Old 01-15-2016, 06:19 AM   #1

Howdy,

I'm running Windows 10 Pro 64-bit and it has been in otherwise good condition.

My sister and friend stayed over for 2 weeks and now I've got an issue;

It started out with random clicking and keyboard presses. I thought maybe my mouse was dying or a driver was causing issues.

Then, in the middle of a game, something about raining destruction down started typing out into my in-game chat.

I scanned with MalwareBytes Anti-Malware and got nothing. I slapped on Zone Alarm hoping that would solve it and it seemed to, for a time.

The next evening, I got the usual misclick spam and left a prompt blinking in the URL bar to allow him to converse. I was creeped out shortly thereafter by getting a message about "the moronic leaders of Australia" or something (I killed my switch instantly).

I re-scanned with MBAM, then M$' defender. Nothing. Tried checking firewall and cleared everything. Seemed to work.

Day 3 - It starts happening again in the evening. I've downloaded and run Kaspersky free, Avast (both full startup scan and regular scans), Avira and also Norton Power Eraser (I just went for anything that anyone recommended at this point lol).

Now, here's where I'm not sure if it's a bug or not; Avast did a network scan and seemed to believe "the DNS was compromised". I'm using the "get DNS from ISP" option on the router, but I also tried changing it to 8.8.8.8 and it still claimed the DNS was compromised.

So I swapped out another router (fresh out of the box from Optus) and did a refresh of windows (though I kept my files, just replaced the windows stuff). Since that, Avast has stopped giving network errors (though it seems I've gotten a different version both times).

Since then, I've not noticed any loss of controls yet, but it's also outside of the usual time window so I might not expect to see any until tomorrow, maybe in the afternoon / evening. On top of that, my internet connection went FUBAR earlier. Almost like I was being DDoS'd, except that Perf Monitor was claiming the bandwidth was being used on my PC somehow.


Here's the DDS log file:


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16384
Run by surfe at 1:05:28 on 2016-01-16
Microsoft Windows 10 Pro 10.0.10240.0.1252.1.1033.18.16311.14090 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\AMD\CNext\CNext\cnext.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files (x86)\Razer\Razer Cortex\main.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page = %11%\blank.htm
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [OneDrive] "C:\Users\surfe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Games SSD\Steam\steam.exe" -silent
uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
mRun: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
mRun: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3510d6f0-e93b-4178-b86b-53d670725703} : DHCPNameServer = 192.168.0.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-16 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2016-1-16 273784]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 ngvss;ngvss;C:\WINDOWS\System32\drivers\ngvss.sys [2016-1-16 147088]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-7-10 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-16 1055560]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2016-1-16 451040]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R1 nm3;Microsoft Network Monitor 3 Driver;C:\WINDOWS\System32\drivers\nm3.sys [2010-6-9 46392]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-17 254992]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-16 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-16 97648]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-16 155304]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-1-16 226440]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-30 328608]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-9-24 188072]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2016-1-15 129168]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2016-1-15 37184]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-1-16 310904]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2015-10-19 96272]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-1-16 5561368]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-7-30 47008]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-27 39480]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 rzendpt;rzendpt;C:\WINDOWS\System32\drivers\rzendpt.sys [2015-7-21 49880]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-7-21 200920]
R3 SSMO3v2Filter;MMO3v2 Mouse;C:\WINDOWS\System32\drivers\MO3v2Driver.sys [2010-11-22 23040]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UHSfiltv;UHSfiltv;C:\WINDOWS\System32\drivers\UHSfiltv.sys [2015-8-10 32264]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-7-29 40720]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-6-27 50232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-7-10 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 rzbtendpt;Razer Bluetooth End Point;C:\WINDOWS\System32\drivers\rzbtendpt.sys [2015-7-21 49880]
S3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-7-21 42200]
S3 rzhnet;Razer Inc. External Display Driver;C:\WINDOWS\System32\drivers\rzhnet.sys [2015-7-21 29912]
S3 rzjstk;Razer Virtual Joystick Driver;C:\WINDOWS\System32\drivers\rzjstk.sys [2015-7-21 36568]
S3 rzkeypadendpt;Razer Keypad Endpoint;C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [2015-7-21 43736]
S3 rzmpos;rzmpos;C:\WINDOWS\System32\drivers\rzmpos.sys [2015-7-21 46808]
S3 rzp1endpt;Razer platform 1 end point;C:\WINDOWS\System32\drivers\rzp1endpt.sys [2015-7-21 50392]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-7-21 42200]
S3 rzvmouse;Razer Virtual Mouse;C:\WINDOWS\System32\drivers\rzvmouse.sys [2015-7-21 42200]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-7-10 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 ssdevfactory;SteelSeries Device Factory Service;C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-10-3 40568]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-7-10 78688]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-7-10 45056]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-7-10 685056]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-7-10 95744]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2016-01-16 04:28:59 851456 ----a-w- C:\WINDOWS\System32\comdlg32.dll
2016-01-15 13:57:22 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-DV1A4A7_surfe_HistoryPrediction.bin
2016-01-15 13:13:11 147088 ----a-w- C:\WINDOWS\System32\drivers\ngvss.sys
2016-01-15 13:04:34 97648 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2016-01-15 13:03:35 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2016-01-15 13:03:35 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2016-01-15 13:03:35 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2016-01-15 13:03:35 273784 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2016-01-15 13:03:35 155304 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
2016-01-15 13:03:34 43112 ----a-w- C:\WINDOWS\avastSS.scr
2016-01-15 13:03:29 1055560 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2016-01-15 12:16:16 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-01-15 12:12:59 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-01-15 09:51:46 144 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-15 09:48:33 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2016-01-15 09:42:03 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-16 19:45:42 162784 ----a-w- C:\WINDOWS\System32\atiuxp64.dll
2015-12-16 19:45:42 143080 ----a-w- C:\WINDOWS\SysWow64\atiuxpag.dll
2015-12-16 19:45:40 8168856 ----a-w- C:\WINDOWS\SysWow64\atiumdva.dll
2015-12-16 19:45:28 9158496 ----a-w- C:\WINDOWS\SysWow64\atiumdag.dll
2015-12-16 19:45:18 9105552 ----a-w- C:\WINDOWS\System32\atiumd6a.dll
2015-12-16 19:45:10 10919104 ----a-w- C:\WINDOWS\System32\atiumd64.dll
2015-12-16 19:45:00 112392 ----a-w- C:\WINDOWS\SysWow64\atiu9pag.dll
2015-12-16 19:44:58 130616 ----a-w- C:\WINDOWS\System32\atiu9p64.dll
2015-12-16 19:44:56 88032 ----a-w- C:\WINDOWS\System32\atimpc64.dll
2015-12-16 19:44:56 81200 ----a-w- C:\WINDOWS\SysWow64\atimpc32.dll
2015-12-16 19:44:54 13313544 ----a-w- C:\WINDOWS\System32\atidxx64.dll
2015-12-16 19:44:42 11011560 ----a-w- C:\WINDOWS\SysWow64\atidxx32.dll
2015-12-16 19:44:32 1519232 ----a-w- C:\WINDOWS\System32\aticfx64.dll
2015-12-16 19:44:28 1249664 ----a-w- C:\WINDOWS\SysWow64\aticfx32.dll
2015-12-16 19:44:10 8426376 ----a-w- C:\WINDOWS\SysWow64\amdxc32.dll
2015-12-16 19:44:02 88032 ----a-w- C:\WINDOWS\System32\amdpcom64.dll
2015-12-16 19:44:00 81200 ----a-w- C:\WINDOWS\SysWow64\amdpcom32.dll
2015-12-16 19:44:00 471344 ----a-w- C:\WINDOWS\System32\amdmiracast.dll
2015-12-16 19:43:56 151968 ----a-w- C:\WINDOWS\System32\amdhcp64.dll
2015-12-16 19:43:56 138416 ----a-w- C:\WINDOWS\SysWow64\amdhcp32.dll
2015-12-16 19:43:48 128568 ----a-w- C:\WINDOWS\System32\amdave64.dll
2015-12-16 19:43:48 120200 ----a-w- C:\WINDOWS\SysWow64\amdave32.dll
2015-12-16 19:41:18 97808 ----a-w- C:\WINDOWS\SysWow64\mantleaxl32.dll
2015-12-16 19:41:18 104976 ----a-w- C:\WINDOWS\System32\mantleaxl64.dll
2015-12-16 19:41:16 136208 ----a-w- C:\WINDOWS\System32\mantle64.dll
2015-12-16 19:41:14 203792 ----a-w- C:\WINDOWS\System32\hsa-thunk64.dll
2015-12-16 19:41:14 122384 ----a-w- C:\WINDOWS\SysWow64\mantle32.dll
2015-12-16 19:41:12 183312 ----a-w- C:\WINDOWS\SysWow64\hsa-thunk.dll
2015-12-16 19:41:08 232464 ----a-w- C:\WINDOWS\System32\dgtrayicon.exe
2015-12-16 19:41:06 874000 ----a-w- C:\WINDOWS\System32\coinst_15.30.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\SysWow64\detoured.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\System32\detoured.dll
2015-12-16 19:41:02 243728 ----a-w- C:\WINDOWS\System32\clinfo.exe
2015-12-16 19:37:32 199696 ----a-w- C:\WINDOWS\System32\atitmm64.dll
2015-12-16 19:37:30 97808 ----a-w- C:\WINDOWS\System32\atisamu64.dll
2015-12-16 19:37:26 89616 ----a-w- C:\WINDOWS\SysWow64\atisamu32.dll
2015-12-16 19:37:24 25848848 ----a-w- C:\WINDOWS\SysWow64\atioglxx.dll
2015-12-16 19:35:16 341520 ----a-w- C:\WINDOWS\System32\ATIODE.exe
2015-12-16 19:34:50 59920 ----a-w- C:\WINDOWS\System32\ATIODCLI.exe
2015-12-16 19:34:22 31385616 ----a-w- C:\WINDOWS\System32\atio6axx.dll
2015-12-16 19:32:02 40464 ----a-w- C:\WINDOWS\System32\atimuixx.dll
2015-12-16 19:31:38 679952 ----a-w- C:\WINDOWS\System32\drivers\atikmpag.sys
2015-12-16 19:31:14 23969808 ----a-w- C:\WINDOWS\System32\drivers\atikmdag.sys
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\SysWow64\atiglpxx.dll
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\System32\atiglpxx.dll
2015-12-16 19:29:50 151056 ----a-w- C:\WINDOWS\SysWow64\atigktxx.dll
2015-12-16 19:29:48 84504 ----a-w- C:\WINDOWS\System32\atig6pxx.dll
2015-12-16 19:29:48 166416 ----a-w- C:\WINDOWS\System32\atig6txx.dll
2015-12-16 19:29:38 254992 ----a-w- C:\WINDOWS\System32\atiesrxx.exe
2015-12-16 19:29:16 561168 ----a-w- C:\WINDOWS\System32\atieclxx.exe
2015-12-16 19:28:56 171032 ----a-w- C:\WINDOWS\System32\atieah64.exe
2015-12-16 19:28:56 154128 ----a-w- C:\WINDOWS\SysWow64\atieah32.exe
2015-12-16 19:28:54 451088 ----a-w- C:\WINDOWS\System32\atidemgy.dll
2015-12-16 19:28:36 71184 ----a-w- C:\WINDOWS\System32\aticalrt64.dll
2015-12-16 19:28:14 60944 ----a-w- C:\WINDOWS\SysWow64\aticalrt.dll
2015-12-16 19:27:52 15720464 ----a-w- C:\WINDOWS\System32\aticaldd64.dll
2015-12-16 19:27:20 14310928 ----a-w- C:\WINDOWS\SysWow64\aticaldd.dll
2015-12-16 19:26:12 64528 ----a-w- C:\WINDOWS\System32\aticalcl64.dll
2015-12-16 19:26:10 57872 ----a-w- C:\WINDOWS\SysWow64\aticalcl.dll
2015-12-16 19:26:08 375824 ----a-w- C:\WINDOWS\System32\atiapfxx.exe
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxy.dll
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxx.dll
2015-12-16 19:25:22 1281552 ----a-w- C:\WINDOWS\System32\atiadlxx.dll
2015-12-16 19:25:20 52240 ----a-w- C:\WINDOWS\System32\drivers\ati2erec.dll
2015-12-16 19:25:02 49992720 ----a-w- C:\WINDOWS\System32\amdocl64.dll
2015-12-16 19:22:22 27605008 ----a-w- C:\WINDOWS\System32\amdocl12cl64.dll
2015-12-16 19:21:20 22357008 ----a-w- C:\WINDOWS\SysWow64\amdocl12cl.dll
2015-12-16 19:20:32 41519120 ----a-w- C:\WINDOWS\SysWow64\amdocl.dll
2015-12-16 19:19:06 59408 ----a-w- C:\WINDOWS\System32\amdmmcl6.dll
2015-12-16 19:19:04 48144 ----a-w- C:\WINDOWS\SysWow64\amdmmcl.dll
2015-12-16 19:17:14 6651920 ----a-w- C:\WINDOWS\System32\amdmantle64.dll
2015-12-16 19:16:20 5232656 ----a-w- C:\WINDOWS\SysWow64\amdmantle32.dll
2015-12-16 19:15:26 686608 ----a-w- C:\WINDOWS\System32\amdlvr64.dll
2015-12-16 19:15:22 571408 ----a-w- C:\WINDOWS\SysWow64\amdlvr32.dll
2015-12-16 19:13:50 213520 ----a-w- C:\WINDOWS\System32\amdgfxinfo64.dll
2015-12-16 19:13:50 143376 ----a-w- C:\WINDOWS\System32\amdhdl64.dll
2015-12-16 19:13:50 132112 ----a-w- C:\WINDOWS\SysWow64\amdhdl32.dll
2015-12-16 19:13:48 198672 ----a-w- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
2015-12-16 19:13:46 305392 ----a-w- C:\WINDOWS\System32\drivers\amdacpksd.sys
2015-12-16 19:13:44 73744 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2015-12-16 19:13:44 68112 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2015-12-16 18:07:46 10339016 ----a-w- C:\WINDOWS\System32\amdxc64.dll
2015-11-26 00:55:44 51688 ----a-w- C:\WINDOWS\System32\drivers\spfdrv.sys
2015-11-13 21:00:40 1804680 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
.
============= FINISH: 1:05:41.18 ===============


Please help me, Tech Support Forum... You're my only hope! I REALLY need to be stable for Diablo 3's ladder ;) Oh, and I guess it would be nice to not have everything stolen too.
Attached Files
File Type: txt attach.txt (7.6 KB, 19 views)
WirlWind is offline  
Old 01-23-2016, 07:18 PM   #2

Bump and update:

Since reinstalling Windows 10 (revert to default that's built in), I've not had any instances of my mouse moving around or typing.

I also changed the router over at that time and, again, no issues have seemed to pop up. However, my connection has been quite slow, with the router itself going inaccessible at random times.
WirlWind is offline  