Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

hi i had questions regarding possible key logging


  • This topic is locked This topic is locked
2 replies to this topic

#1 STOMPCATS

STOMPCATS

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:11:34 AM

Posted 18 May 2016 - 03:51 AM

first time here at this site.  google referred me to you via my looking up of this line.

 

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

 

and a few other things....i ran the DDS.txt 

 

 

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 
Run by BSTOMPED at 0:39:46 on 2016-05-18
Microsoft Windows 10 Pro  10.0.10586.0.1252.1.1033.18.8098.5135 [GMT -7:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Internet Security *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security *Enabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368}
.
============== Running Processes ===============
.
c:\PROGRA~2\AVG\Av\avgrsa.exe
C:\Program Files (x86)\AVG\Av\avgcsrva.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\DellTPad\HidMonitorSvc.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\Av\avgfwsa.exe
C:\WINDOWS\system32\BtwRSupportService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\SysWow64\WinFLService.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\AVG\Av\avgnsa.exe
C:\Program Files (x86)\AVG\Av\avgemca.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\DellTPad\Apoint.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Users\BSTOMPED\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Users\BSTOMPED\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\Users\BSTOMPED\AppData\Roaming\BitTorrent\updates\7.9.6_42095\utorrentie.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\WINDOWS\System32\drivers\o2flash.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
C:\WINDOWS\system32\wwahost.exe
C:\Program Files\WindowsApps\Microsoft.BingNews_4.9.51.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.exe
C:\Program Files\WindowsApps\Microsoft.Office.OneNote_17.6965.57691.0_x64__8wekyb3d8bbwe\onenoteim.exe
C:\WINDOWS\system32\taskeng.exe
C:\Users\BSTOMPED\AppData\Local\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mStart Page = about:blank
uRun: [BitTorrent] "C:\Users\BSTOMPED\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [Google Update] "C:\Users\BSTOMPED\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRunOnce: [Uninstall C:\Users\BSTOMPED\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\BSTOMPED\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
mRun: [DBPrompt] "C:\WINDOWS\ptservice.exe"
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: DSCAutomationHostEnabled = dword:2
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6}\051636966696360294E6E6 : DHCPNameServer = 192.168.3.1 75.75.75.75 75.75.76.76
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6}\14C616D65646160284F64756C623 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6}\341607279602D4F64756C6 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6}\876696E696479777966696 : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{bf434e3f-b3b1-45b5-ac31-5e53a56f14a6}\876696E696479777966696 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{d774f147-29b4-42bd-8314-3f0eafbbe572} : DHCPNameServer = 8.8.8.8
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages =  ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-Run: [Apoint] "C:\Program Files\DellTPad\Apoint.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\BSTOMPED\AppData\Roaming\Mozilla\Firefox\Profiles\7f4u86f2.default\
FF - prefs.js: browser.startup.homepage - hxxps://sports.yahoo.com/fantasy/
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\BSTOMPED\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll
FF - plugin: C:\Users\BSTOMPED\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\BSTOMPED\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\WINDOWS\System32\drivers\avgidsha.sys [2016-1-26 272304]
R0 Avgloga;AVG Logging Driver;C:\WINDOWS\System32\drivers\avgloga.sys [2016-2-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\WINDOWS\System32\drivers\avgmfx64.sys [2016-3-29 248576]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\WINDOWS\System32\drivers\avgrkx64.sys [2015-12-4 51968]
R0 avguniva;AVG Universal Driver;C:\WINDOWS\System32\drivers\avguniva.sys [2016-3-8 71936]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2014-2-26 670568]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\WINDOWS\System32\drivers\stdcfltn.sys [2016-2-23 23216]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-10-30 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-10-30 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-10-30 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-10-30 218624]
R1 Avgdiska;AVG Disk Driver;C:\WINDOWS\System32\drivers\avgdiska.sys [2016-2-16 162592]
R1 Avgfwfd;AVG network filter service;C:\WINDOWS\System32\drivers\avgfwd6a.sys [2015-8-29 97208]
R1 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\System32\drivers\avgidsdrivera.sys [2016-3-8 307456]
R1 Avgldx64;AVG AVI Loader Driver;C:\WINDOWS\System32\drivers\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver;C:\WINDOWS\System32\drivers\avgwfpa.sys [2015-12-16 315840]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-5-10 87552]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R2 ApHidMonitorService;Alps HID Monitor Service;C:\Program Files\DellTPad\HidMonitorSvc.exe [2015-6-25 96120]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 avgfws;AVG Firewall;C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2016-5-4 1999224]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-5-4 5155904]
R2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-4-22 1078544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-5-4 710232]
R2 BcmBtRSupport;Bluetooth Driver Management Service;C:\WINDOWS\System32\BtwRSupportService.exe [2015-10-29 2286864]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-10-30 43944]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2016-1-22 1045736]
R2 Credential Vault Host Storage;Credential Vault Host Storage;C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2016-1-22 39656]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-10-30 43944]
R2 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-5-13 416408]
R2 FLService;FLService;C:\Windows\syswow64\WinFLService.exe [2016-3-20 93032]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-8-4 16232]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-30 319096]
R2 LiveUpdateSvc;LiveUpdate;C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-4-15 2945312]
R2 NEWDRIVER;NEWDRIVER;C:\Windows\syswow64\WinVDEdrv6.sys [2016-3-20 197648]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-10-30 78848]
R2 SystemUsageReportSvc_WILLAMETTE;Intel® System Usage Report Service SystemUsageReportSvc_WILLAMETTE;C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [2016-3-9 118424]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R2 WinVDEDrv;WinVDEDrv;C:\Windows\syswow64\WinVDEdrv.sys [2016-3-20 225680]
R3 bcbtums;Bluetooth RAM Firmware Download USB Filter;C:\WINDOWS\System32\drivers\bcbtums.sys [2015-10-29 208184]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\WINDOWS\System32\drivers\CtClsFlt.sys [2016-2-29 172704]
R3 cvusbdrv;Dell ControlVault;C:\WINDOWS\System32\drivers\cvusbdrv.sys [2014-11-19 61568]
R3 DellRbtn;Airplane Mode Switch;C:\WINDOWS\System32\drivers\DellRbtn.sys [2015-8-11 19440]
R3 IntcDAud;Intel® Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-21 463112]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-26 38896]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-10-30 20480]
R3 NETwNe64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew01.sys [2015-10-30 3343872]
R3 O2FJ2RDR;O2FJ2RDR;C:\WINDOWS\System32\drivers\O2FJ2w7x64.sys [2013-8-16 195768]
R3 pneteth;PdaNet Broadband;C:\WINDOWS\System32\drivers\pneteth.sys [2016-2-28 15360]
R3 pnetmdm;PdaNet Modem;C:\WINDOWS\System32\drivers\pnetmdm64.sys [2016-2-28 17920]
R3 semav6msr64;semav6msr64;C:\WINDOWS\System32\drivers\semav6msr64.sys [2016-2-25 21984]
R3 ST_Accel;STMicroelectronics Accelerometer Service;C:\WINDOWS\System32\drivers\ST_Accel.sys [2015-7-2 146512]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-10-30 216064]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\WINDOWS\System32\drivers\avgboota.sys [2016-1-7 21632]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-10-30 43944]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-10-30 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 Andbus;LGE Android Platform Composite USB Device;C:\WINDOWS\System32\drivers\lgandbus64.sys [2012-3-2 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\WINDOWS\System32\drivers\lganddiag64.sys [2012-3-2 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\WINDOWS\System32\drivers\lgandgps64.sys [2012-3-2 27136]
S3 AndNetDiag;LGE AndroidNet USB Serial Port;C:\WINDOWS\System32\drivers\lgandnetdiag64.sys [2012-7-3 29184]
S3 AndNetDiag2;LGE AndroidNet For Diagnostics Port;C:\WINDOWS\System32\drivers\lgandnetdiag264.sys [2012-7-3 29184]
S3 AndNetGps;LGE AndroidNet USB GPS NMEA Port;C:\WINDOWS\System32\drivers\lgandnetgps64.sys [2012-7-3 28160]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-10-30 43944]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 AvgAMPS;AvgAMPS;C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-5-4 638968]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-10-30 9728]
S3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2015-10-30 165376]
S3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2015-10-30 36864]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-10-30 43944]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2016-4-13 245760]
S3 btwampfl;btwampfl;C:\WINDOWS\System32\drivers\btwampfl.sys [2015-10-29 223040]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-12-12 117248]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-10-30 43944]
S3 dcdbas;System Management Driver;C:\WINDOWS\System32\drivers\dcdbas64.sys [2013-9-27 39480]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DDDriver;DDDriver;C:\WINDOWS\System32\drivers\DDDriver64Dcsa.sys [2015-2-26 23760]
S3 DellProf;DellProf;C:\WINDOWS\System32\drivers\DellProf.sys [2016-1-5 24240]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2015-12-8 129152]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-10-30 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 HtcVCom32;HTC Diagnostic Port;C:\WINDOWS\System32\drivers\HtcVComV64.sys [2015-3-20 121800]
S3 iai2c;Intel® Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;Intel® Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-10-30 38128]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-10-30 113152]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-10-30 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2016-2-25 169752]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-10-30 117760]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-6-26 50160]
S3 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-10-30 46432]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-10-30 26624]
S3 kiox_ff_driver;Kionix freefall detection service;C:\WINDOWS\System32\drivers\kiox_ff_driver.sys [2015-6-15 41456]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S3 LVRS64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem134.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\drivers\lvuvc64.sys [2012-10-26 4758176]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2016-2-21 192216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-10-30 43944]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-10-30 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-10-30 58720]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S3 qcusbser-forge;Forge USB Device for Legacy Serial Communication;C:\WINDOWS\System32\drivers\qcusbser.sys [2015-6-17 247872]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-10-30 930656]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-10-30 1297408]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-10-30 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-10-30 43944]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-12-8 221824]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-10-30 79200]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-10-30 34144]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2015-10-30 290304]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-5-10 63488]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-10-30 46592]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-10-30 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-10-30 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-4-13 258912]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-10-30 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-5-10 131424]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-10-30 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-10-30 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-10-30 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 UsbGps;LGE Mobile USB GPS NMEA Port;C:\WINDOWS\System32\drivers\lgx64gps.sys [2012-3-2 27136]
S3 USER_ESRV_SVC_WILLAMETTE;User Energy Server Service WILLAMETTE;C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-5-13 416408]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-10-30 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-10-30 43944]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-10-30 43944]
S3 wbfcvusbdrv;WBF Control Vault;C:\WINDOWS\System32\drivers\wbfcvusbdrv.sys [2016-1-22 17536]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-4-13 694784]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-10-30 118112]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-10-30 364464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-10-30 43944]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-10-30 26976]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2016-1-28 350720]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-10-30 59232]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-10-30 43944]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-3-1 238592]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-10-30 43944]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-4-13 26112]
S4 CDPSvc;Connected Device Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-10-30 43944]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2016-05-16 06:04:58 -------- d-----w- C:\ProgramData\Comodo Downloader
2016-05-16 06:04:22 -------- d-----w- C:\ProgramData\Shared Space
2016-05-16 06:04:22 -------- d-----w- C:\ProgramData\Comodo
2016-05-14 11:33:29 -------- d-----w- C:\Users\BSTOMPED\AppData\Local\CrashDumps
2016-05-14 10:07:26 -------- d-----w- C:\Users\BSTOMPED\AppData\Roaming\TechSmith
2016-05-14 10:04:58 -------- d-----w- C:\Users\BSTOMPED\AppData\Local\TechSmith
2016-05-12 03:22:58 -------- d-----w- C:\ProgramData\YTD Video Downloader
2016-05-04 11:54:31 7680 ----a-w- C:\WINDOWS\SysWow64\DBService.exe
2016-05-04 11:54:31 315236 ----a-w- C:\WINDOWS\ptservice.exe
2016-05-04 11:54:31 30752 ----a-w- C:\WINDOWS\SysWow64\WinDBdrv.sys
2016-05-04 11:54:31 -------- d-----w- C:\ProgramData\USB Block
2016-05-04 11:54:23 946176 ----a-w- C:\WINDOWS\SysWow64\htmlayout.dll
2016-05-04 11:54:23 248320 ----a-w- C:\WINDOWS\SysWow64\DBLayer.dll
2016-05-04 11:54:22 -------- d-----w- C:\Program Files (x86)\USB Block
2016-05-04 11:00:47 -------- d---a-w- C:\Program Files\Bonjour
2016-05-04 11:00:47 -------- d---a-w- C:\Program Files (x86)\Bonjour
2016-05-04 04:43:35 -------- d-----r- C:\Users\BSTOMPED\iCloudDrive
2016-05-04 04:27:12 -------- d-----w- C:\Users\BSTOMPED\AppData\Local\Apple Inc
2016-04-29 14:11:42 -------- d-----w- C:\Users\BSTOMPED\Intel
2016-04-25 05:54:55 -------- d-----w- C:\WINDOWS\Downloaded Installations
.
==================== Find3M  ====================
.
2016-05-14 02:38:23 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2016-05-11 19:57:55 621568 ----a-w- C:\WINDOWS\SysWow64\rdvgogl32.dll
2016-05-11 19:57:14 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-05-11 19:57:14 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-05-06 04:53:48 95072 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys
2016-05-06 04:05:35 241664 ----a-w- C:\WINDOWS\SysWow64\cryptngc.dll
2016-05-06 04:03:20 649216 ----a-w- C:\WINDOWS\System32\ngcsvc.dll
2016-05-06 03:53:21 351232 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll
2016-05-06 03:49:14 289792 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll
2016-05-06 03:44:10 582656 ----a-w- C:\WINDOWS\System32\ngccredprov.dll
2016-05-06 03:43:46 320000 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-05-06 03:23:53 76288 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll
2016-05-04 23:58:32 71936 ----a-w- C:\WINDOWS\System32\drivers\avguniva.sys
2016-04-30 06:42:19 1387520 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2016-04-30 06:31:37 3591168 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-04-25 07:35:58 221824 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2016-04-25 07:35:52 129152 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2016-04-23 06:12:45 294592 ----a-w- C:\WINDOWS\System32\invagent.dll
2016-04-23 06:12:45 190144 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2016-04-23 06:12:45 1401024 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-04-23 06:12:45 1184960 ----a-w- C:\WINDOWS\System32\aeinv.dll
2016-04-23 06:12:44 92352 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-04-23 06:12:44 713920 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-04-23 06:12:44 514752 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-04-23 06:12:44 46784 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2016-04-23 05:28:43 1542816 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-04-23 05:28:40 1557768 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-04-23 05:26:12 707608 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2016-04-23 05:24:45 7474528 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-04-23 05:24:41 1997328 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-04-23 05:24:37 99680 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2016-04-23 05:24:37 638816 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2016-04-23 05:24:28 1819208 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-04-23 05:24:16 335712 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys
2016-04-23 05:24:13 754664 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-04-23 05:22:15 1161120 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2016-04-23 05:13:12 306832 ----a-w- C:\WINDOWS\SysWow64\wlanapi.dll
2016-04-23 05:13:01 84832 ----a-w- C:\WINDOWS\SysWow64\NetSetupApi.dll
2016-04-23 05:13:01 502104 ----a-w- C:\WINDOWS\SysWow64\NetSetupEngine.dll
2016-04-23 05:12:48 413536 ----a-w- C:\WINDOWS\System32\wifitask.exe
2016-04-23 05:12:42 451928 ----a-w- C:\WINDOWS\SysWow64\MFCaptureEngine.dll
2016-04-23 05:12:33 925064 ----a-w- C:\WINDOWS\SysWow64\mfplat.dll
2016-04-23 05:11:52 390496 ----a-w- C:\WINDOWS\System32\wlanapi.dll
2016-04-23 05:11:44 696672 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2016-04-23 05:11:43 115040 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2016-04-23 05:11:30 1092464 ----a-w- C:\WINDOWS\System32\mfplat.dll
2016-04-23 05:11:27 498960 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll
2016-04-23 05:11:14 131424 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys
2016-04-23 05:10:41 330072 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2016-04-23 05:09:39 255168 ----a-w- C:\WINDOWS\SysWow64\LockAppHost.exe
2016-04-23 05:09:36 465760 ----a-w- C:\WINDOWS\SysWow64\SettingSyncHost.exe
2016-04-23 05:09:27 5240960 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2016-04-23 05:09:18 569744 ----a-w- C:\WINDOWS\SysWow64\SHCore.dll
2016-04-23 05:09:18 4074160 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2016-04-23 05:09:00 565600 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe
2016-04-23 05:09:00 303216 ----a-w- C:\WINDOWS\System32\LockAppHost.exe
2016-04-23 05:08:45 6605504 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2016-04-23 05:08:41 725776 ----a-w- C:\WINDOWS\System32\SHCore.dll
2016-04-23 05:08:40 4515256 ----a-w- C:\WINDOWS\explorer.exe
2016-04-23 05:07:38 183904 ----a-w- C:\WINDOWS\SysWow64\rsaenh.dll
2016-04-23 05:07:34 1536088 ----a-w- C:\WINDOWS\SysWow64\crypt32.dll
2016-04-23 05:07:26 204048 ----a-w- C:\WINDOWS\System32\rsaenh.dll
2016-04-23 05:07:19 1848072 ----a-w- C:\WINDOWS\System32\crypt32.dll
2016-04-23 05:06:57 291360 ----a-w- C:\WINDOWS\System32\wininit.exe
2016-04-23 05:02:02 188256 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll
2016-04-23 05:01:54 217440 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll
2016-04-23 05:01:25 619296 ----a-w- C:\WINDOWS\System32\d3d10level9.dll
2016-04-23 05:01:25 1996640 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-04-23 05:01:17 650304 ----a-w- C:\WINDOWS\System32\dxgi.dll
2016-04-23 05:01:15 393568 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-04-23 05:01:13 513368 ----a-w- C:\WINDOWS\SysWow64\d3d10level9.dll
2016-04-23 05:01:11 577368 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-04-23 05:01:10 522176 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2016-04-23 05:00:52 1776768 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-04-23 05:00:45 550656 ----a-w- C:\WINDOWS\System32\directmanipulation.dll
2016-04-23 05:00:45 1399224 ----a-w- C:\WINDOWS\System32\user32.dll
2016-04-23 05:00:43 1594920 ----a-w- C:\WINDOWS\System32\gdi32.dll
2016-04-23 05:00:43 1522152 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-04-23 05:00:40 453472 ----a-w- C:\WINDOWS\SysWow64\directmanipulation.dll
2016-04-23 05:00:35 1337240 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2016-04-23 05:00:29 58208 ----a-w- C:\WINDOWS\System32\dwminit.dll
2016-04-23 05:00:29 1372304 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2016-04-23 04:56:52 534872 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2016-04-23 04:39:37 89088 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2016-04-23 04:35:38 66560 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2016-04-23 04:34:30 59392 ----a-w- C:\WINDOWS\System32\hmkd.dll
2016-04-23 04:34:19 67072 ----a-w- C:\WINDOWS\System32\drivers\usbser.sys
2016-04-23 04:33:59 63488 ----a-w- C:\WINDOWS\System32\drivers\UcmCx.sys
2016-04-23 04:33:58 65536 ----a-w- C:\WINDOWS\System32\drivers\UMDF\UcmCx.dll
2016-04-23 04:33:47 38400 ----a-w- C:\WINDOWS\System32\ByteCodeGenerator.exe
2016-04-23 04:33:36 89600 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll
2016-04-23 04:33:16 63488 ----a-w- C:\WINDOWS\System32\wshbth.dll
2016-04-23 04:32:22 134656 ----a-w- C:\WINDOWS\System32\wificonnapi.dll
2016-04-23 04:32:11 28672 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2016-04-23 04:32:01 69632 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll
2016-04-23 04:31:17 50176 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll
2016-04-23 04:31:08 74752 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2016-04-23 04:31:00 13018112 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2016-04-23 04:30:57 87552 ----a-w- C:\WINDOWS\System32\drivers\UMDF\WUDFUsbccidDriver.dll
2016-04-23 04:30:51 50176 ----a-w- C:\WINDOWS\SysWow64\MosHostClient.dll
.
============= FINISH:  0:39:59.75 ===============
 
 
Attached File  attach.zip   3.15KB   0 downloads
 
 
thank you in advance for any help or advise or tidbits of info in advance.  i really appreciate anyone spending some time on this.  Thank you.
 
STOMPCATS
B Schnell 

 



BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,215 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:34 AM

Posted 18 May 2016 - 08:48 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I need more information.

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.
attachlogs.png

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.

Click the Add reply button.
===

Wait for further instructions.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 39,215 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:34 AM

Posted 24 May 2016 - 07:38 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users