Help, accidentally entered a hacked website!

This is a discussion on Help, accidentally entered a hacked website! within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category.
07-02-2017, 08:45 AM   #1
Registered Member
 
Join Date: Jul 2017
Posts: 5
OS: windows 10



Hi,

I accidentally clicked on a website (oakthreestudios.com/). This is what it says on the Google search page:

You'r website hacked by Talleryrand Ayyildiz.org [ Ayyildiz.org //Talleryrand ] [ Hacked ]. I'M HERE I'M Talleryrand Tarihine bak. Trk Milletine karsı isyanın sonu ...

Any cause for concern? Will my laptop be infected with a virus? I closed the website immediately and scanned my laptop using Trend Micro Max Security, but it did not find anything suspicious. Can I take it that everything is okay?

Thank you so much. I'm an IT noob, so any advice is much appreciated.
mint123 is offline  
07-02-2017, 08:51 AM   #2
Registered Member
 
Join Date: Jul 2017
Posts: 5
OS: windows 10



I followed the instructions as stated on this page: https://www.techsupportforum.com/foru...lp-305963.html


Here's the dds.txt content:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.953
Run by Huey Min at 23:41:41 on 2017-07-02
Microsoft Windows 10 Home 10.0.14393.0.1252.65.1033.18.8075.1369 [GMT 8:00]
.
AV: Trend Micro Maximum Security *Enabled/Updated* {6458A697-CD62-2062-F924-44AA7F87C1E7}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Trend Micro Maximum Security *Enabled/Updated* {DF394773-EB58-2FEC-C394-7FD804008B5A}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxCUIService.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe
C:\Windows\system32\Intel\DPTF\esif_uf.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiWatchDog.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHDCPSvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\ibtsiva.exe
C:\Windows\system32\CxAudMsg64.exe
C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe
C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
C:\Windows\system32\SAsrv.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k appmodel
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHeciSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Windows\TEMP\DPTF\esif_assist_64.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
C:\Windows\system32\taskhostw.exe
C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\BhcMgr.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxEM.exe
C:\Windows\System32\InputMethod\CHS\ChsIME.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Windows\system32\SettingSyncHost.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files (x86)\ASUS\Giftbox\asusgiftbox.exe
C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe
C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
C:\Program Files\Trend Micro\UniClient\UiFrmWrk\uiSeAgnt.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\Huey Min\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Conexant\SAII\SmartAudio.exe
C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.12990.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41125.0_x64__8wekyb3d8bbwe\HxOutlook.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8241.41125.0_x64__8wekyb3d8bbwe\HxTsr.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\Windows\system32\browser_broker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\system32\AUDIODG.EXE
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\AMSP\module\20013\ChromeExt\chromeextension\TmopChromeMsgHost32.exe
C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\chrome_extension2\host\chrome_native_msg_host.exe
C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\chromeextension\NativeMessageHost\ToolbarNativeMsgHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uProxyOverride = localhost;*.local
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
BHO: Trend Micro Security Toolbar Helper: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
BHO: Trend Micro Network Filter Plugin: {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg32.dll
BHO: Trend Micro IE Protection: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
TB: Trend Micro Security Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
uRun: [OneDrive] "C:\Users\Huey Min\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRunOnce: [Application Restart #0] C:\Program Files\Trend Micro\TMIDS\tower\PwmTower.exe --user-data-dir="C:\Users\Huey Min\AppData\Local\DP_Tower_3.7" --js-flags=--expose-gc --user-data-dir="C:\Users\Huey Min\AppData\Local\DP_Tower_3.7" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp=tower_main --restore-last-session tower_main 49153 ti_bundle en-us
uRunOnce: [Application Restart #4] C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe --no-displaying-insecure-content --disable-devtools --user-data-dir="C:\Users\Huey Min\AppData\Local\ASUS GIFTBOX\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files (x86)\ASUS\Giftbox" --restore-last-session
uRunOnce: [Application Restart #1] C:\Program Files (x86)\ASUS\Giftbox\Asusgiftbox.exe --no-displaying-insecure-content --disable-devtools --user-data-dir="C:\Users\Huey Min\AppData\Local\ASUS GIFTBOX\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files (x86)\ASUS\Giftbox" --restore-last-session
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{36b599e2-2800-43cf-9a5a-aa8538e4642f} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{b3410cc0-3378-42f8-8152-135f5140755c} : DHCPNameServer = 40.53.1.13
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe32.dll
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg32.dll
Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-BHO: Trend Micro Security Toolbar Helper: {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
x64-BHO: Trend Micro Network Filter Plugin: {959A5673-7971-48e6-AF54-58F745AC4ABC} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg.dll
x64-BHO: Trend Micro IE Protection: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll
x64-TB: Trend Micro Security Toolbar: {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
x64-Run: [ShadowPlay] "C:\Windows\System32\rundll32.exe" C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Platinum] "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" 1
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.2.1026\9.2.1026\TmBpIe64.dll
x64-Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\5.0.1403\2.7.1088\TmopIEPlg.dll
x64-Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ToolbarIE.dll
x64-Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\plugin\ToolbarIE64\ProToolbarIMRatingActiveX.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2017-1-6 798728]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\Windows\System32\drivers\iorate.sys [2017-6-3 48992]
R0 TMEBC;TMEBC;C:\Windows\System32\drivers\TMEBC64.sys [2017-6-3 72504]
R0 volume;Volume driver;C:\Windows\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2016-11-10 199008]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2016-11-10 227328]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2015-5-9 20096]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2017-6-3 118992]
R1 tmumh;tmumh;C:\Windows\System32\drivers\TMUMH.sys [2017-6-3 113880]
R2 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2017-6-3 365576]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-4-3 83768]
R2 AsBhcService;ASUS Battery Health Charging Service;C:\Program Files (x86)\ASUS\ASUS Battery Health Charging\AsBhcSrv.exe [2016-10-21 114360]
R2 CDPSvc;Connected Devices Platform Service;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_252ddc6a;CDPUserSvc_252ddc6a;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-5-13 4411592]
R2 clreg;Virtual Registry for Containers;C:\Windows\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\IntelCpHDCPSvc.exe [2017-4-7 480224]
R2 CxAudMsg;Conexant Audio Message Service;C:\Windows\System32\CxAudMsg64.exe [2017-5-13 207576]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\Windows\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\System32\Intel\DPTF\esif_uf.exe [2017-4-7 2210424]
R2 ibtsiva;Intel Bluetooth Service;C:\Windows\System32\ibtsiva --> C:\Windows\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_68bef4347a7593da\igfxCUIService.exe [2017-4-7 341984]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-12-20 196200]
R2 Kingsoft_WPS_UpdateService;WPS Office Update Service;C:\Program Files (x86)\Kingsoft\WPS Office\10.1.0.5644\wtoolex\wpsupdatesvr.exe [2016-11-10 133376]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\2.3.322.0\McCSPServiceHost.exe [2017-2-28 2054080]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-5-13 458176]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-5-13 427064]
R2 OneSyncSvc_252ddc6a;Sync Host_252ddc6a;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 PEFService;Intel Security PEF Service;C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [2017-5-13 1105840]
R2 Platinum Host Service;Platinum Host Service;C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [2017-6-3 1145856]
R2 PwmSvc;Trend Micro Password Manager Central Control Service;C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [2017-6-3 2466304]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2017-5-13 389896]
R2 SAService;Conexant SmartAudio service;C:\Windows\System32\SASrv.exe [2017-5-13 416576]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 TeamViewer;TeamViewer 11;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-11-10 7032080]
R2 tiledatamodelsvc;Tile Data model server;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 tmusa;Trend Micro Osprey Driver;C:\Windows\System32\drivers\tmusa.sys [2017-6-3 131800]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\Windows\System32\drivers\wcifs.sys [2016-11-10 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\Windows\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WpnService;Windows Push Notifications System Service;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2016-12-27 3732896]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2016-11-15 29312]
R3 AsusHFilter;ASUS Patch;C:\Windows\System32\drivers\AsusHFilter.sys [2016-12-23 30200]
R3 AsusPTPDrv;ASUS Touch Service;C:\Windows\System32\drivers\AsusPTPFilter.sys [2017-3-9 99304]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\drivers\BthLEEnum.sys [2017-6-3 249856]
R3 dptf_cpu;dptf_cpu;C:\Windows\System32\drivers\dptf_cpu.sys [2017-4-7 67968]
R3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 esif_lf;esif_lf;C:\Windows\System32\drivers\esif_lf.sys [2017-4-7 355200]
R3 HIDSwitch;ASUS Wireless Radio Control;C:\Windows\System32\drivers\AsRadioControl.sys [2016-12-20 31120]
R3 iaLPSS2_I2C;iaLPSS2_I2C;C:\Windows\System32\drivers\iaLPSS2_I2C.sys [2016-10-27 184120]
R3 iaLPSS2_SPI;Intel(R) Serial IO SPI Driver v2;C:\Windows\System32\drivers\iaLPSS2_SPI.sys [2016-10-27 151352]
R3 iaLPSS2_UART2;Intel(R) Serial IO UART Driver v2;C:\Windows\System32\drivers\iaLPSS2_UART2.sys [2016-10-27 287032]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\Windows\System32\drivers\ibtusb.sys [2017-1-14 739584]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2017-4-7 820752]
R3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit;C:\Windows\System32\drivers\Netwtw04.sys [2017-1-21 7923464]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2017-5-13 47672]
R3 nvvhci;NVVHCI Enumerator Service;C:\Windows\System32\drivers\nvvhci.sys [2017-5-13 59448]
R3 PimIndexMaintenanceSvc_252ddc6a;Contact Data_252ddc6a;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2016-7-16 151904]
R3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 TimeBrokerSvc;Time Broker;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 tmeevw;tmeevw;C:\Windows\System32\drivers\tmeevw.sys [2017-6-3 143648]
R3 tmnciesc;tmnciesc;C:\Windows\System32\drivers\tmnciesc.sys [2017-6-3 561952]
R3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2016-7-16 28512]
R3 UnistoreSvc_252ddc6a;User Data Storage_252ddc6a;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_252ddc6a;User Data Access_252ddc6a;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2017-6-3 719872]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\drivers\WUDFRd.sys [2016-7-16 216064]
S0 tmel;tmel;C:\Windows\System32\drivers\tmel.sys [2017-6-3 39056]
S2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S3 AcpiDev;ACPI Devices driver;C:\Windows\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\System32\drivers\AmUStor.sys [2016-6-15 90264]
S3 applockerfltr;Smartlocker Filter Driver;C:\Windows\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 bcmfn;bcmfn Service;C:\Windows\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2016-11-10 118272]
S3 cht4iscsi;cht4iscsi;C:\Windows\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\Windows\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 DcpSvc;DataCollectionPublishingService;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Windows Camera Frame Server;C:\Windows\System32\svchost.exe -k Camera [2016-7-16 44496]
mint123 is offline  
Old 07-02-2017, 08:52 AM   #3
Registered Member
 
Join Date: Jul 2017
Posts: 5
OS: windows 10



Here's the attach.txt log.
Attached Files
File Type: txt attach.txt (5.7 KB, 10 views)
mint123 is offline  
Old 07-02-2017, 08:53 AM   #4
Registered Member
 
Join Date: Jul 2017
Posts: 5
OS: windows 10



Please help.. I'm not sure whether my laptop has been infected with any viruses from this dubious website, thank you so much!
mint123 is offline  
Old 07-02-2017, 02:27 PM   #5
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



You're already receiving help here:

https://www.bleepingcomputer.com/for...acked-website/
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  