NeverLucky


  1. I have done a Malwarebytes scan; it says no threat found. Addition.txt FRST.txt
  2. Hello, I have gotten obvious adware not long ago, and decided to reinstall Windows. Although now after reinstalling I can't seem to find any sign of malicious activity, I would like to make sure I don't have some kind of rootkit running. I have run a GMER scan, and it yields a detection. I cannot do a full scan, since it will always crash at Trace I/O. If left excluded, no threats are found. Malwarebytes Anti-Rootkit detects nothing. I would love some help! DDS logs: