Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 4/22/18
Scan Time: 9:46 AM
Log File: e1491cc0-463b-11e8-96ad-005056c00001.json
Administrator: Yes
-Software Information-
Version: 3.4.5.2467
Components Version: 1.0.342
Update Package Version: 1.0.4836
License: Trial
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Unimatrix0\UnimatrixZero
-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Cancelled
Objects Scanned: 365
Threats Detected: 1
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 1 min, 3 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 1
Rootkit.Agent.PUA, C:\Windows\System32\drivers\atoilpsv.sys, No Action By User, [382], [429857],0.0.0
Physical Sector: 0
(No malicious items detected)
(end)
I quarantined the PUA Agent. The virus is located inside a folder called ataepwm so I suspect that is involved somehow.
FRST.txt
Addition.txt