Howdy,
I'm running Windows 10 Pro 64-bit and it has been in otherwise good condition.
My sister and friend stayed over for 2 weeks and now I've got an issue;
It started out with random clicking and keyboard presses. I thought maybe my mouse was dying or a driver was causing issues.
Then, in the middle of a game, something about raining destruction down started typing out into my in-game chat.
I scanned with MalwareBytes Anti-Malware and got nothing. I slapped on Zone Alarm hoping that would solve it and it seemed to, for a time.
The next evening, I got the usual misclick spam and left a prompt blinking in the URL bar to allow him to converse. I was creeped out shortly thereafter by getting a message about "the moronic leaders of Australia" or something (I killed my switch instantly).
I re-scanned with MBAM, then M$' defender. Nothing. Tried checking firewall and cleared everything. Seemed to work.
Day 3 - It starts happening again in the evening. I've downloaded and run Kaspersky free, Avast (both full startup scan and regular scans), Avira and also Norton Power Eraser (I just went for anything that anyone recommended at this point lol).
Now, here's where I'm not sure if it's a bug or not; Avast did a network scan and seemed to believe "the DNS was compromised". I'm using the "get DNS from ISP" option on the router, but I also tried changing it to 8.8.8.8 and it still claimed the DNS was compromised.
So I swapped out another router (fresh out of the box from Optus) and did a refresh of Windows (though I kept my files, just replaced the Windows stuff). Since that, Avast has stopped giving network errors (though it seems I've gotten a different version both times).
Since then, I've not noticed any loss of controls yet, but it's also outside of the usual time window so I might not expect to see any until tomorrow, maybe in the afternoon / evening. On top of that, my internet connection went FUBAR earlier. Almost like I was being DDoS'd, except that Perf Monitor was claiming the bandwidth was being used on my PC somehow.
Here's the DDS log file:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16384
Run by surfe at 1:05:28 on 2016-01-16
Microsoft Windows 10 Pro 10.0.10240.0.1252.1.1033.18.16311.14090 [GMT 11:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall *Enabled* {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
C:\WINDOWS\system32\taskeng.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\AMD\CNext\CNext\cnext.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files (x86)\Razer\Razer Cortex\main.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page = %11%\blank.htm
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [OneDrive] "C:\Users\surfe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Games SSD\Steam\steam.exe" -silent
uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
mRun: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
mRun: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3510d6f0-e93b-4178-b86b-53d670725703} : DHCPNameServer = 192.168.0.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-16 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2016-1-16 273784]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 ngvss;ngvss;C:\WINDOWS\System32\drivers\ngvss.sys [2016-1-16 147088]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-7-10 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-16 1055560]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2016-1-16 451040]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R1 nm3;Microsoft Network Monitor 3 Driver;C:\WINDOWS\System32\drivers\nm3.sys [2010-6-9 46392]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-17 254992]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-16 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-16 97648]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-16 155304]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-1-16 226440]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-30 328608]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-9-24 188072]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2016-1-15 129168]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2016-1-15 37184]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-1-16 310904]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2015-10-19 96272]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-1-16 5561368]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-7-30 47008]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-27 39480]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 rzendpt;rzendpt;C:\WINDOWS\System32\drivers\rzendpt.sys [2015-7-21 49880]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-7-21 200920]
R3 SSMO3v2Filter;MMO3v2 Mouse;C:\WINDOWS\System32\drivers\MO3v2Driver.sys [2010-11-22 23040]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UHSfiltv;UHSfiltv;C:\WINDOWS\System32\drivers\UHSfiltv.sys [2015-8-10 32264]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-7-29 40720]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-6-27 50232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-7-10 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 rzbtendpt;Razer Bluetooth End Point;C:\WINDOWS\System32\drivers\rzbtendpt.sys [2015-7-21 49880]
S3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-7-21 42200]
S3 rzhnet;Razer Inc. External Display Driver;C:\WINDOWS\System32\drivers\rzhnet.sys [2015-7-21 29912]
S3 rzjstk;Razer Virtual Joystick Driver;C:\WINDOWS\System32\drivers\rzjstk.sys [2015-7-21 36568]
S3 rzkeypadendpt;Razer Keypad Endpoint;C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [2015-7-21 43736]
S3 rzmpos;rzmpos;C:\WINDOWS\System32\drivers\rzmpos.sys [2015-7-21 46808]
S3 rzp1endpt;Razer platform 1 end point;C:\WINDOWS\System32\drivers\rzp1endpt.sys [2015-7-21 50392]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-7-21 42200]
S3 rzvmouse;Razer Virtual Mouse;C:\WINDOWS\System32\drivers\rzvmouse.sys [2015-7-21 42200]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-7-10 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 ssdevfactory;SteelSeries Device Factory Service;C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-10-3 40568]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-7-10 78688]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-7-10 45056]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-7-10 685056]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-7-10 95744]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2016-01-16 04:28:59 851456 ----a-w- C:\WINDOWS\System32\comdlg32.dll
2016-01-15 13:57:22 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-DV1A4A7_surfe_HistoryPrediction.bin
2016-01-15 13:13:11 147088 ----a-w- C:\WINDOWS\System32\drivers\ngvss.sys
2016-01-15 13:04:34 97648 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2016-01-15 13:03:35 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2016-01-15 13:03:35 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2016-01-15 13:03:35 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2016-01-15 13:03:35 273784 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2016-01-15 13:03:35 155304 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
2016-01-15 13:03:34 43112 ----a-w- C:\WINDOWS\avastSS.scr
2016-01-15 13:03:29 1055560 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2016-01-15 12:16:16 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-01-15 12:12:59 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-01-15 09:51:46 144 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-15 09:48:33 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2016-01-15 09:42:03 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-16 19:45:42 162784 ----a-w- C:\WINDOWS\System32\atiuxp64.dll
2015-12-16 19:45:42 143080 ----a-w- C:\WINDOWS\SysWow64\atiuxpag.dll
2015-12-16 19:45:40 8168856 ----a-w- C:\WINDOWS\SysWow64\atiumdva.dll
2015-12-16 19:45:28 9158496 ----a-w- C:\WINDOWS\SysWow64\atiumdag.dll
2015-12-16 19:45:18 9105552 ----a-w- C:\WINDOWS\System32\atiumd6a.dll
2015-12-16 19:45:10 10919104 ----a-w- C:\WINDOWS\System32\atiumd64.dll
2015-12-16 19:45:00 112392 ----a-w- C:\WINDOWS\SysWow64\atiu9pag.dll
2015-12-16 19:44:58 130616 ----a-w- C:\WINDOWS\System32\atiu9p64.dll
2015-12-16 19:44:56 88032 ----a-w- C:\WINDOWS\System32\atimpc64.dll
2015-12-16 19:44:56 81200 ----a-w- C:\WINDOWS\SysWow64\atimpc32.dll
2015-12-16 19:44:54 13313544 ----a-w- C:\WINDOWS\System32\atidxx64.dll
2015-12-16 19:44:42 11011560 ----a-w- C:\WINDOWS\SysWow64\atidxx32.dll
2015-12-16 19:44:32 1519232 ----a-w- C:\WINDOWS\System32\aticfx64.dll
2015-12-16 19:44:28 1249664 ----a-w- C:\WINDOWS\SysWow64\aticfx32.dll
2015-12-16 19:44:10 8426376 ----a-w- C:\WINDOWS\SysWow64\amdxc32.dll
2015-12-16 19:44:02 88032 ----a-w- C:\WINDOWS\System32\amdpcom64.dll
2015-12-16 19:44:00 81200 ----a-w- C:\WINDOWS\SysWow64\amdpcom32.dll
2015-12-16 19:44:00 471344 ----a-w- C:\WINDOWS\System32\amdmiracast.dll
2015-12-16 19:43:56 151968 ----a-w- C:\WINDOWS\System32\amdhcp64.dll
2015-12-16 19:43:56 138416 ----a-w- C:\WINDOWS\SysWow64\amdhcp32.dll
2015-12-16 19:43:48 128568 ----a-w- C:\WINDOWS\System32\amdave64.dll
2015-12-16 19:43:48 120200 ----a-w- C:\WINDOWS\SysWow64\amdave32.dll
2015-12-16 19:41:18 97808 ----a-w- C:\WINDOWS\SysWow64\mantleaxl32.dll
2015-12-16 19:41:18 104976 ----a-w- C:\WINDOWS\System32\mantleaxl64.dll
2015-12-16 19:41:16 136208 ----a-w- C:\WINDOWS\System32\mantle64.dll
2015-12-16 19:41:14 203792 ----a-w- C:\WINDOWS\System32\hsa-thunk64.dll
2015-12-16 19:41:14 122384 ----a-w- C:\WINDOWS\SysWow64\mantle32.dll
2015-12-16 19:41:12 183312 ----a-w- C:\WINDOWS\SysWow64\hsa-thunk.dll
2015-12-16 19:41:08 232464 ----a-w- C:\WINDOWS\System32\dgtrayicon.exe
2015-12-16 19:41:06 874000 ----a-w- C:\WINDOWS\System32\coinst_15.30.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\SysWow64\detoured.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\System32\detoured.dll
2015-12-16 19:41:02 243728 ----a-w- C:\WINDOWS\System32\clinfo.exe
2015-12-16 19:37:32 199696 ----a-w- C:\WINDOWS\System32\atitmm64.dll
2015-12-16 19:37:30 97808 ----a-w- C:\WINDOWS\System32\atisamu64.dll
2015-12-16 19:37:26 89616 ----a-w- C:\WINDOWS\SysWow64\atisamu32.dll
2015-12-16 19:37:24 25848848 ----a-w- C:\WINDOWS\SysWow64\atioglxx.dll
2015-12-16 19:35:16 341520 ----a-w- C:\WINDOWS\System32\ATIODE.exe
2015-12-16 19:34:50 59920 ----a-w- C:\WINDOWS\System32\ATIODCLI.exe
2015-12-16 19:34:22 31385616 ----a-w- C:\WINDOWS\System32\atio6axx.dll
2015-12-16 19:32:02 40464 ----a-w- C:\WINDOWS\System32\atimuixx.dll
2015-12-16 19:31:38 679952 ----a-w- C:\WINDOWS\System32\drivers\atikmpag.sys
2015-12-16 19:31:14 23969808 ----a-w- C:\WINDOWS\System32\drivers\atikmdag.sys
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\SysWow64\atiglpxx.dll
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\System32\atiglpxx.dll
2015-12-16 19:29:50 151056 ----a-w- C:\WINDOWS\SysWow64\atigktxx.dll
2015-12-16 19:29:48 84504 ----a-w- C:\WINDOWS\System32\atig6pxx.dll
2015-12-16 19:29:48 166416 ----a-w- C:\WINDOWS\System32\atig6txx.dll
2015-12-16 19:29:38 254992 ----a-w- C:\WINDOWS\System32\atiesrxx.exe
2015-12-16 19:29:16 561168 ----a-w- C:\WINDOWS\System32\atieclxx.exe
2015-12-16 19:28:56 171032 ----a-w- C:\WINDOWS\System32\atieah64.exe
2015-12-16 19:28:56 154128 ----a-w- C:\WINDOWS\SysWow64\atieah32.exe
2015-12-16 19:28:54 451088 ----a-w- C:\WINDOWS\System32\atidemgy.dll
2015-12-16 19:28:36 71184 ----a-w- C:\WINDOWS\System32\aticalrt64.dll
2015-12-16 19:28:14 60944 ----a-w- C:\WINDOWS\SysWow64\aticalrt.dll
2015-12-16 19:27:52 15720464 ----a-w- C:\WINDOWS\System32\aticaldd64.dll
2015-12-16 19:27:20 14310928 ----a-w- C:\WINDOWS\SysWow64\aticaldd.dll
2015-12-16 19:26:12 64528 ----a-w- C:\WINDOWS\System32\aticalcl64.dll
2015-12-16 19:26:10 57872 ----a-w- C:\WINDOWS\SysWow64\aticalcl.dll
2015-12-16 19:26:08 375824 ----a-w- C:\WINDOWS\System32\atiapfxx.exe
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxy.dll
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxx.dll
2015-12-16 19:25:22 1281552 ----a-w- C:\WINDOWS\System32\atiadlxx.dll
2015-12-16 19:25:20 52240 ----a-w- C:\WINDOWS\System32\drivers\ati2erec.dll
2015-12-16 19:25:02 49992720 ----a-w- C:\WINDOWS\System32\amdocl64.dll
2015-12-16 19:22:22 27605008 ----a-w- C:\WINDOWS\System32\amdocl12cl64.dll
2015-12-16 19:21:20 22357008 ----a-w- C:\WINDOWS\SysWow64\amdocl12cl.dll
2015-12-16 19:20:32 41519120 ----a-w- C:\WINDOWS\SysWow64\amdocl.dll
2015-12-16 19:19:06 59408 ----a-w- C:\WINDOWS\System32\amdmmcl6.dll
2015-12-16 19:19:04 48144 ----a-w- C:\WINDOWS\SysWow64\amdmmcl.dll
2015-12-16 19:17:14 6651920 ----a-w- C:\WINDOWS\System32\amdmantle64.dll
2015-12-16 19:16:20 5232656 ----a-w- C:\WINDOWS\SysWow64\amdmantle32.dll
2015-12-16 19:15:26 686608 ----a-w- C:\WINDOWS\System32\amdlvr64.dll
2015-12-16 19:15:22 571408 ----a-w- C:\WINDOWS\SysWow64\amdlvr32.dll
2015-12-16 19:13:50 213520 ----a-w- C:\WINDOWS\System32\amdgfxinfo64.dll
2015-12-16 19:13:50 143376 ----a-w- C:\WINDOWS\System32\amdhdl64.dll
2015-12-16 19:13:50 132112 ----a-w- C:\WINDOWS\SysWow64\amdhdl32.dll
2015-12-16 19:13:48 198672 ----a-w- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
2015-12-16 19:13:46 305392 ----a-w- C:\WINDOWS\System32\drivers\amdacpksd.sys
2015-12-16 19:13:44 73744 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2015-12-16 19:13:44 68112 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2015-12-16 18:07:46 10339016 ----a-w- C:\WINDOWS\System32\amdxc64.dll
2015-11-26 00:55:44 51688 ----a-w- C:\WINDOWS\System32\drivers\spfdrv.sys
2015-11-13 21:00:40 1804680 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
.
============= FINISH: 1:05:41.18 ===============
Please help me, Tech Support Forum... You're my only hope! I REALLY need to be stable for Diablo 3's ladder ;) Oh, and I guess it would be nice to not have everything stolen too.
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\AMD\CNext\CNext\cnext.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files (x86)\Razer\Razer Cortex\main.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uLocal Page = %11%\blank.htm
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [OneDrive] "C:\Users\surfe\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Games SSD\Steam\steam.exe" -silent
uRun: [FreeAC] C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
mRun: [RazerCortex] C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe -autorun
mRun: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] "C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{3510d6f0-e93b-4178-b86b-53d670725703} : DHCPNameServer = 192.168.0.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\syswow64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\WINDOWS\System32\drivers\aswRvrt.sys [2016-1-16 65224]
R0 aswVmm;avast! VM Monitor;C:\WINDOWS\System32\drivers\aswVmm.sys [2016-1-16 273784]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 ngvss;ngvss;C:\WINDOWS\System32\drivers\ngvss.sys [2016-1-16 147088]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-7-10 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2016-1-16 1055560]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2016-1-16 451040]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-7-10 8192]
R1 nm3;Microsoft Network Monitor 3 Driver;C:\WINDOWS\System32\drivers\nm3.sys [2010-6-9 46392]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-17 254992]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 aswHwid;avast! HardwareID;C:\WINDOWS\System32\drivers\aswHwid.sys [2016-1-16 28656]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2016-1-16 97648]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2016-1-16 155304]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2016-1-16 226440]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-7-30 328608]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2015-9-24 188072]
R2 RzKLService;RzKLService;C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [2016-1-15 129168]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2016-1-15 37184]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2016-1-16 310904]
R2 ZAPrivacyService;ZoneAlarm Privacy Service;C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [2015-10-19 96272]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2016-1-16 5561368]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-7-30 47008]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-6-27 39480]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-7-10 587264]
R3 rzendpt;rzendpt;C:\WINDOWS\System32\drivers\rzendpt.sys [2015-7-21 49880]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-7-21 200920]
R3 SSMO3v2Filter;MMO3v2 Mouse;C:\WINDOWS\System32\drivers\MO3v2Driver.sys [2010-11-22 23040]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UHSfiltv;UHSfiltv;C:\WINDOWS\System32\drivers\UHSfiltv.sys [2015-8-10 32264]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-7-29 40720]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-7-10 32256]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-6-27 50232]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-7-10 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 rzbtendpt;Razer Bluetooth End Point;C:\WINDOWS\System32\drivers\rzbtendpt.sys [2015-7-21 49880]
S3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-7-21 42200]
S3 rzhnet;Razer Inc. External Display Driver;C:\WINDOWS\System32\drivers\rzhnet.sys [2015-7-21 29912]
S3 rzjstk;Razer Virtual Joystick Driver;C:\WINDOWS\System32\drivers\rzjstk.sys [2015-7-21 36568]
S3 rzkeypadendpt;Razer Keypad Endpoint;C:\WINDOWS\System32\drivers\rzkeypadendpt.sys [2015-7-21 43736]
S3 rzmpos;rzmpos;C:\WINDOWS\System32\drivers\rzmpos.sys [2015-7-21 46808]
S3 rzp1endpt;Razer platform 1 end point;C:\WINDOWS\System32\drivers\rzp1endpt.sys [2015-7-21 50392]
S3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-7-21 42200]
S3 rzvmouse;Razer Virtual Mouse;C:\WINDOWS\System32\drivers\rzvmouse.sys [2015-7-21 42200]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-7-10 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 ssdevfactory;SteelSeries Device Factory Service;C:\WINDOWS\System32\drivers\ssdevfactory.sys [2015-10-3 40568]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-7-10 78688]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-7-10 45056]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2014-8-15 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-7-10 685056]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-7-10 95744]
.
=============== Created Last 30 ================
.
.
==================== Find3M ====================
.
2016-01-16 04:28:59 851456 ----a-w- C:\WINDOWS\System32\comdlg32.dll
2016-01-15 13:57:22 16148 ----a-w- C:\WINDOWS\System32\DESKTOP-DV1A4A7_surfe_HistoryPrediction.bin
2016-01-15 13:13:11 147088 ----a-w- C:\WINDOWS\System32\drivers\ngvss.sys
2016-01-15 13:04:34 97648 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2016-01-15 13:03:35 93528 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2016-01-15 13:03:35 65224 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2016-01-15 13:03:35 28656 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2016-01-15 13:03:35 273784 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys
2016-01-15 13:03:35 155304 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys
2016-01-15 13:03:34 43112 ----a-w- C:\WINDOWS\avastSS.scr
2016-01-15 13:03:29 1055560 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2016-01-15 12:16:16 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-01-15 12:12:59 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-01-15 09:51:46 144 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-15 09:48:33 0 ----a-w- C:\WINDOWS\ativpsrm.bin
2016-01-15 09:42:03 451 ----a-w- C:\WINDOWS\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-16 19:45:42 162784 ----a-w- C:\WINDOWS\System32\atiuxp64.dll
2015-12-16 19:45:42 143080 ----a-w- C:\WINDOWS\SysWow64\atiuxpag.dll
2015-12-16 19:45:40 8168856 ----a-w- C:\WINDOWS\SysWow64\atiumdva.dll
2015-12-16 19:45:28 9158496 ----a-w- C:\WINDOWS\SysWow64\atiumdag.dll
2015-12-16 19:45:18 9105552 ----a-w- C:\WINDOWS\System32\atiumd6a.dll
2015-12-16 19:45:10 10919104 ----a-w- C:\WINDOWS\System32\atiumd64.dll
2015-12-16 19:45:00 112392 ----a-w- C:\WINDOWS\SysWow64\atiu9pag.dll
2015-12-16 19:44:58 130616 ----a-w- C:\WINDOWS\System32\atiu9p64.dll
2015-12-16 19:44:56 88032 ----a-w- C:\WINDOWS\System32\atimpc64.dll
2015-12-16 19:44:56 81200 ----a-w- C:\WINDOWS\SysWow64\atimpc32.dll
2015-12-16 19:44:54 13313544 ----a-w- C:\WINDOWS\System32\atidxx64.dll
2015-12-16 19:44:42 11011560 ----a-w- C:\WINDOWS\SysWow64\atidxx32.dll
2015-12-16 19:44:32 1519232 ----a-w- C:\WINDOWS\System32\aticfx64.dll
2015-12-16 19:44:28 1249664 ----a-w- C:\WINDOWS\SysWow64\aticfx32.dll
2015-12-16 19:44:10 8426376 ----a-w- C:\WINDOWS\SysWow64\amdxc32.dll
2015-12-16 19:44:02 88032 ----a-w- C:\WINDOWS\System32\amdpcom64.dll
2015-12-16 19:44:00 81200 ----a-w- C:\WINDOWS\SysWow64\amdpcom32.dll
2015-12-16 19:44:00 471344 ----a-w- C:\WINDOWS\System32\amdmiracast.dll
2015-12-16 19:43:56 151968 ----a-w- C:\WINDOWS\System32\amdhcp64.dll
2015-12-16 19:43:56 138416 ----a-w- C:\WINDOWS\SysWow64\amdhcp32.dll
2015-12-16 19:43:48 128568 ----a-w- C:\WINDOWS\System32\amdave64.dll
2015-12-16 19:43:48 120200 ----a-w- C:\WINDOWS\SysWow64\amdave32.dll
2015-12-16 19:41:18 97808 ----a-w- C:\WINDOWS\SysWow64\mantleaxl32.dll
2015-12-16 19:41:18 104976 ----a-w- C:\WINDOWS\System32\mantleaxl64.dll
2015-12-16 19:41:16 136208 ----a-w- C:\WINDOWS\System32\mantle64.dll
2015-12-16 19:41:14 203792 ----a-w- C:\WINDOWS\System32\hsa-thunk64.dll
2015-12-16 19:41:14 122384 ----a-w- C:\WINDOWS\SysWow64\mantle32.dll
2015-12-16 19:41:12 183312 ----a-w- C:\WINDOWS\SysWow64\hsa-thunk.dll
2015-12-16 19:41:08 232464 ----a-w- C:\WINDOWS\System32\dgtrayicon.exe
2015-12-16 19:41:06 874000 ----a-w- C:\WINDOWS\System32\coinst_15.30.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\SysWow64\detoured.dll
2015-12-16 19:41:06 12816 ----a-w- C:\WINDOWS\System32\detoured.dll
2015-12-16 19:41:02 243728 ----a-w- C:\WINDOWS\System32\clinfo.exe
2015-12-16 19:37:32 199696 ----a-w- C:\WINDOWS\System32\atitmm64.dll
2015-12-16 19:37:30 97808 ----a-w- C:\WINDOWS\System32\atisamu64.dll
2015-12-16 19:37:26 89616 ----a-w- C:\WINDOWS\SysWow64\atisamu32.dll
2015-12-16 19:37:24 25848848 ----a-w- C:\WINDOWS\SysWow64\atioglxx.dll
2015-12-16 19:35:16 341520 ----a-w- C:\WINDOWS\System32\ATIODE.exe
2015-12-16 19:34:50 59920 ----a-w- C:\WINDOWS\System32\ATIODCLI.exe
2015-12-16 19:34:22 31385616 ----a-w- C:\WINDOWS\System32\atio6axx.dll
2015-12-16 19:32:02 40464 ----a-w- C:\WINDOWS\System32\atimuixx.dll
2015-12-16 19:31:38 679952 ----a-w- C:\WINDOWS\System32\drivers\atikmpag.sys
2015-12-16 19:31:14 23969808 ----a-w- C:\WINDOWS\System32\drivers\atikmdag.sys
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\SysWow64\atiglpxx.dll
2015-12-16 19:29:52 78864 ----a-w- C:\WINDOWS\System32\atiglpxx.dll
2015-12-16 19:29:50 151056 ----a-w- C:\WINDOWS\SysWow64\atigktxx.dll
2015-12-16 19:29:48 84504 ----a-w- C:\WINDOWS\System32\atig6pxx.dll
2015-12-16 19:29:48 166416 ----a-w- C:\WINDOWS\System32\atig6txx.dll
2015-12-16 19:29:38 254992 ----a-w- C:\WINDOWS\System32\atiesrxx.exe
2015-12-16 19:29:16 561168 ----a-w- C:\WINDOWS\System32\atieclxx.exe
2015-12-16 19:28:56 171032 ----a-w- C:\WINDOWS\System32\atieah64.exe
2015-12-16 19:28:56 154128 ----a-w- C:\WINDOWS\SysWow64\atieah32.exe
2015-12-16 19:28:54 451088 ----a-w- C:\WINDOWS\System32\atidemgy.dll
2015-12-16 19:28:36 71184 ----a-w- C:\WINDOWS\System32\aticalrt64.dll
2015-12-16 19:28:14 60944 ----a-w- C:\WINDOWS\SysWow64\aticalrt.dll
2015-12-16 19:27:52 15720464 ----a-w- C:\WINDOWS\System32\aticaldd64.dll
2015-12-16 19:27:20 14310928 ----a-w- C:\WINDOWS\SysWow64\aticaldd.dll
2015-12-16 19:26:12 64528 ----a-w- C:\WINDOWS\System32\aticalcl64.dll
2015-12-16 19:26:10 57872 ----a-w- C:\WINDOWS\SysWow64\aticalcl.dll
2015-12-16 19:26:08 375824 ----a-w- C:\WINDOWS\System32\atiapfxx.exe
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxy.dll
2015-12-16 19:25:26 950288 ----a-w- C:\WINDOWS\SysWow64\atiadlxx.dll
2015-12-16 19:25:22 1281552 ----a-w- C:\WINDOWS\System32\atiadlxx.dll
2015-12-16 19:25:20 52240 ----a-w- C:\WINDOWS\System32\drivers\ati2erec.dll
2015-12-16 19:25:02 49992720 ----a-w- C:\WINDOWS\System32\amdocl64.dll
2015-12-16 19:22:22 27605008 ----a-w- C:\WINDOWS\System32\amdocl12cl64.dll
2015-12-16 19:21:20 22357008 ----a-w- C:\WINDOWS\SysWow64\amdocl12cl.dll
2015-12-16 19:20:32 41519120 ----a-w- C:\WINDOWS\SysWow64\amdocl.dll
2015-12-16 19:19:06 59408 ----a-w- C:\WINDOWS\System32\amdmmcl6.dll
2015-12-16 19:19:04 48144 ----a-w- C:\WINDOWS\SysWow64\amdmmcl.dll
2015-12-16 19:17:14 6651920 ----a-w- C:\WINDOWS\System32\amdmantle64.dll
2015-12-16 19:16:20 5232656 ----a-w- C:\WINDOWS\SysWow64\amdmantle32.dll
2015-12-16 19:15:26 686608 ----a-w- C:\WINDOWS\System32\amdlvr64.dll
2015-12-16 19:15:22 571408 ----a-w- C:\WINDOWS\SysWow64\amdlvr32.dll
2015-12-16 19:13:50 213520 ----a-w- C:\WINDOWS\System32\amdgfxinfo64.dll
2015-12-16 19:13:50 143376 ----a-w- C:\WINDOWS\System32\amdhdl64.dll
2015-12-16 19:13:50 132112 ----a-w- C:\WINDOWS\SysWow64\amdhdl32.dll
2015-12-16 19:13:48 198672 ----a-w- C:\WINDOWS\SysWow64\amdgfxinfo32.dll
2015-12-16 19:13:46 305392 ----a-w- C:\WINDOWS\System32\drivers\amdacpksd.sys
2015-12-16 19:13:44 73744 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2015-12-16 19:13:44 68112 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2015-12-16 18:07:46 10339016 ----a-w- C:\WINDOWS\System32\amdxc64.dll
2015-11-26 00:55:44 51688 ----a-w- C:\WINDOWS\System32\drivers\spfdrv.sys
2015-11-13 21:00:40 1804680 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
.
============= FINISH: 1:05:41.18 ===============
Please help me, Tech Support Forum... You're my only hope! I REALLY need to be stable for Diablo 3's ladder ;) Oh, and I guess it would be nice to not have everything stolen too.