Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Possible stealth crypto miner?

This is a discussion on Possible stealth crypto miner? within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Hello, having issues with GPU utilization, I'll be cruising along just fine and then suddenly my computer will grind to


Closed Thread
 
Thread Tools Search this Thread
Old 03-28-2018, 06:53 PM   #1
Registered Member
 
darklordryu's Avatar
 
Join Date: Jul 2006
Location: Boston
Posts: 296
OS: Winders 7

My System

Send a message via AIM to darklordryu

Hello, having issues with GPU utilization, I'll be cruising along just fine and then suddenly my computer will grind to a halt. I'll take a look at task manager and see 70-99% GPU usage from (real) client server runtime process. If I reboot it usually calms down for a bit. When it's happening, my temp spikes up. This just started a few days ago, when some other silliness started happening with windows sticky corners...

Also noticed through msinfo I'm only showing 10gb available ram out of the 16 installed

Win 10, 64 bit, nvidia titan x hybrid, drivers up to date, clean uninstall and reinstall. Ive checked for viruses but haven't been able to find anything (malwarebytes and roguekiller)

Any insight would be much appreciated

DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.16299.15 BrowserJavaVersion: 11.111.2
Run by Silent Hill at 21:44:52 on 2018-03-28
Microsoft Windows 10 Pro 10.0.16299.0.1252.1.1033.18.16329.10575 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k networkservice -s TermService
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s UmRdpService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SessionEnv
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\SysWOW64\atashost.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
C:\Program Files (x86)\Take Control Viewer\TeamViewer_Service.exe
C:\WINDOWS\SysWOW64\vmnat.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\SysWOW64\vmnetdhcp.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSvcm.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
C:\WINDOWS\system32\SettingSyncHost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Silent Hill\AppData\Local\Take Control Viewer\TakeControlRDLdr.exe
C:\Users\Silent Hill\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Silent Hill\AppData\Local\Take Control Viewer\TakeControlRDViewer.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\mspaint.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
svchost.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uSearch Bar = Google
uSearch Page = Google
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
uRun: [Discord] C:\Users\Silent Hill\AppData\Local\Discord\app-0.0.300\Discord.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [GoToAssist Remote Support Expert] "C:\Users\Silent Hill\AppData\Local\GoToAssist Remote Support Expert\1575\g2ax_start.exe" "/Trigger RunAtLogon"
uRun: [TakeControlViewerPreLoad] "C:\Users\Silent Hill\AppData\Local\Take Control Viewer\TakeControlRDLdr.exe"
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Lync] "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe" /fromrunkey
uRun: [com.squirrel.Teams.Teams] C:\Users\Silent Hill\AppData\Local\Microsoft\Teams\Update.exe --processStart "Teams.exe" --process-start-args "--system-initiated"
uRun: [OneDrive] "C:\Users\Silent Hill\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\Users\Silent Hill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: EnableSmartScreen = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b} : NameServer = 8.8.8.8
TCP: Interfaces\{341c9155-40b1-4797-a397-7627f1cf46c7} : NameServer = 8.8.8.8
TCP: Interfaces\{3d1f375e-0e5e-4a72-b85d-4701d7f8c2c3} : NameServer = 8.8.8.8
TCP: Interfaces\{de9dd525-6bd2-4e99-8aef-8abb7805dd13} : NameServer = 8.8.8.8
TCP: Interfaces\{de9dd525-6bd2-4e99-8aef-8abb7805dd13} : DHCPNameServer = 209.18.47.62 209.18.47.61
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = "" msoidssp
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\65.0.3325.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 127.0.0.1 spywareinfo.com*-*This website is for sale!*-*spywareinfo Resources and Information.
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2017-9-29 293272]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 vsock;vSockets Driver;C:\WINDOWS\System32\drivers\vsock.sys [2017-8-3 75512]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-1-24 59800]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2018-3-18 76200]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 MpKsl00597ba9;MpKsl00597ba9;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A693F506-99B1-48ED-824C-2B23B7512198}\MpKsl00597ba9.sys [2018-3-28 58120]
R2 atashost;WebEx Service Host for Support Center;C:\Windows\SysWOW64\atashost.exe [2018-2-13 159288]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_59548;Connected Devices Platform User Service_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-2-14 385536]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2018-3-6 7761584]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2017-6-29 3418024]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-5-27 419248]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2017-10-19 225400]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MbamChameleon.sys [2018-3-18 193248]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-3-18 6440736]
R2 msoidsvc;Microsoft Online Services Sign-in Assistant;C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE [2012-5-17 2079520]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-2 522688]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-6-22 464272]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-1-27 469952]
R2 OneSyncSvc_59548;Sync Host_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2017-8-10 1776864]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2017-8-10 2131760]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2017-8-10 233936]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-3-14 519152]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 TeamViewer;TeamViewer 12;C:\Program Files (x86)\Take Control Viewer\TeamViewer_Service.exe [2016-6-29 10885360]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 VMUSBArbService;VMware USB Arbitration Service;C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2016-3-10 907968]
R2 VMwareHostd;VMware Workstation Server;C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [2016-4-14 12471368]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-3-14 147872]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_59548;Windows Push Notifications User Service_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
R3 ladfGSS;Logitech USB Surround Filter Driver (LGS);C:\WINDOWS\System32\drivers\ladfGSS.sys [2016-9-29 45192]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2016-9-29 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\WINDOWS\System32\drivers\LGJoyXlCore.sys [2016-9-29 67736]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2018-3-18 109800]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2018-3-28 45960]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-3-18 253664]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2018-3-26 101600]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-11-4 59240]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-1-18 58816]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-3-1 129568]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18022-0\NisSrv.exe [2018-3-1 356152]
S1 SRepairDrv;SRepairDrv;C:\Windows\GJFix\SRepairDrv [2016-2-7 151864]
S1 XQHDrv;BigNox Service;C:\WINDOWS\System32\drivers\XQHDrv.sys [2017-1-16 253384]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 QQRepair38a;QQRepair38a;C:\Windows\GJFix\QQRepair38a [2018-3-28 129504]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2017-9-29 126872]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2017-9-29 158616]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2017-9-29 143768]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2017-9-29 48688]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-1-8 1467912]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 DevicesFlowUserSvc_59548;DevicesFlow_59548;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-4-7 122160]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EasyAntiCheat;EasyAntiCheat;C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-3-23 774784]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 gfiark;gfiark;C:\WINDOWS\System32\drivers\gfiark.sys [2017-7-19 40584]
S3 gfiutil;gfiutil;C:\WINDOWS\System32\drivers\gfiutil.sys [2017-7-19 32400]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]
S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2016-9-29 26008]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_59548;MessagingService_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-3-14 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\System32\GameMon.des -service --> C:\WINDOWS\System32\GameMon.des -service [?]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-2 522688]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-3-28 31168]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PimIndexMaintenanceSvc_59548;Contact Data_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_59548;PrintWorkflow_59548;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-1-24 4329952]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-3-14 956416]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-4-7 214832]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-3-14 103328]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-3-14 45472]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-1-24 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-3-14 57344]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UnistoreSvc_59548;User Data Storage_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-1-24 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 UserDataSvc_59548;User Data Access_59548;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-3-14 75264]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-3-14 770048]
S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-2-14 225792]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2017-9-29 25088]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xhunter1;xhunter1;C:\Windows\xhunter1.sys [2016-3-3 47096]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]
S4 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-2-27 2257016]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-2-14 819096]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2017-9-29 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2017-9-29 1190400]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-03-29 00:25:20 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A693F506-99B1-48ED-824C-2B23B7512198}\MpKsl00597ba9.sys
2018-03-29 00:18:26 14453336 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A693F506-99B1-48ED-824C-2B23B7512198}\mpengine.dll
2018-03-29 00:14:36 -------- d--h--w- C:\OneDriveTemp
2018-03-29 00:14:21 45960 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2018-03-29 00:14:10 -------- d-----w- C:\ProgramData\TXQMPC
2018-03-28 23:21:12 -------- d-----w- C:\Users\Silent Hill\AppData\Roaming\Process Hacker 2
2018-03-28 23:17:23 28272 ----a-w- C:\WINDOWS\System32\drivers\TrueSight.sys
2018-03-28 23:15:47 -------- d-----w- C:\ProgramData\RogueKiller
2018-03-28 23:13:10 -------- d-----w- C:\Program Files\RogueKiller
2018-03-28 23:00:17 -------- d-----w- C:\Program Files\Process Hacker 2
2018-03-28 20:45:36 138120 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-03-28 20:45:28 -------- d-----w- C:\Program Files (x86)\VulkanRT
2018-03-28 18:16:02 14453336 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-03-26 18:31:50 101600 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2018-03-23 17:09:09 -------- d-----w- C:\Users\Silent Hill\AppData\Roaming\EasyAntiCheat
2018-03-23 17:08:32 -------- d-----w- C:\Users\Silent Hill\AppData\Roaming\Fatshark
2018-03-23 17:08:32 -------- d-----w- C:\Program Files (x86)\EasyAntiCheat
2018-03-21 22:59:00 1094320 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E8592C00-2F1A-4B6D-A7F0-6F090FE7EBC0}\gapaengine.dll
2018-03-20 22:45:11 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2018-03-18 14:10:24 193248 ----a-w- C:\WINDOWS\System32\drivers\MbamChameleon.sys
2018-03-18 14:10:24 109800 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
2018-03-18 14:10:18 253664 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-03-18 14:10:09 76200 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-03-06 15:36:29 -------- d-----w- C:\Program Files\Microsoft Office 15
2018-03-03 12:12:52 455856 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-03-03 12:10:48 28336 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-03-03 12:03:10 213680 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
.
==================== Find3M ====================
.
2018-03-25 16:15:34 625504 ----a-w- C:\WINDOWS\System32\NvIFROpenGL.dll
2018-03-25 16:15:32 516024 ----a-w- C:\WINDOWS\SysWow64\NvIFROpenGL.dll
2018-03-25 16:15:30 998424 ----a-w- C:\WINDOWS\System32\NvIFR64.dll
2018-03-25 16:15:26 950016 ----a-w- C:\WINDOWS\SysWow64\NvIFR.dll
2018-03-25 16:14:42 1138720 ----a-w- C:\WINDOWS\System32\NvFBC64.dll
2018-03-25 16:14:38 1065888 ----a-w- C:\WINDOWS\SysWow64\NvFBC.dll
2018-03-25 16:14:36 1683712 ----a-w- C:\WINDOWS\System32\nvdispgenco6439135.dll
2018-03-25 16:14:34 1985112 ----a-w- C:\WINDOWS\System32\nvdispco6439135.dll
2018-03-25 16:14:24 749312 ----a-w- C:\WINDOWS\System32\nvDecMFTMjpeg.dll
2018-03-25 16:14:22 608344 ----a-w- C:\WINDOWS\SysWow64\nvDecMFTMjpeg.dll
2018-03-25 16:14:16 4318112 ----a-w- C:\WINDOWS\System32\nvcuvid.dll
2018-03-25 16:14:14 3719096 ----a-w- C:\WINDOWS\SysWow64\nvcuvid.dll
2018-03-25 16:13:58 40278608 ----a-w- C:\WINDOWS\System32\nvcompiler.dll
2018-03-25 16:13:50 35188992 ----a-w- C:\WINDOWS\SysWow64\nvcompiler.dll
2018-03-25 16:12:56 473960 ----a-w- C:\WINDOWS\System32\drivers\NVIDIA Corporation\Drs\dbInstaller.exe
2018-03-25 16:10:06 13571520 ----a-w- C:\WINDOWS\System32\nvptxJitCompiler.dll
2018-03-25 16:10:00 11132384 ----a-w- C:\WINDOWS\SysWow64\nvptxJitCompiler.dll
2018-03-25 16:09:54 19855144 ----a-w- C:\WINDOWS\System32\nvopencl.dll
2018-03-25 16:09:48 16496776 ----a-w- C:\WINDOWS\SysWow64\nvopencl.dll
2018-03-25 16:09:40 633040 ----a-w- C:\WINDOWS\System32\nvmcumd.dll
2018-03-25 16:09:28 1153744 ----a-w- C:\WINDOWS\System32\nvfatbinaryLoader.dll
2018-03-25 16:09:24 902096 ----a-w- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
2018-03-25 16:09:22 811808 ----a-w- C:\WINDOWS\System32\nvEncodeAPI64.dll
2018-03-25 16:09:18 650232 ----a-w- C:\WINDOWS\SysWow64\nvEncodeAPI.dll
2018-03-25 16:09:16 1355216 ----a-w- C:\WINDOWS\System32\nvEncMFThevc.dll
2018-03-25 16:09:14 1067560 ----a-w- C:\WINDOWS\SysWow64\nvEncMFThevc.dll
2018-03-25 16:09:10 1346128 ----a-w- C:\WINDOWS\System32\nvEncMFTH264.dll
2018-03-25 16:09:08 1061352 ----a-w- C:\WINDOWS\SysWow64\nvEncMFTH264.dll
2018-03-25 16:08:28 12967056 ----a-w- C:\WINDOWS\System32\nvcuda.dll
2018-03-25 16:08:24 11001504 ----a-w- C:\WINDOWS\SysWow64\nvcuda.dll
2018-03-25 16:08:20 4633920 ----a-w- C:\WINDOWS\System32\nvapi64.dll
2018-03-25 16:08:16 3939624 ----a-w- C:\WINDOWS\SysWow64\nvapi.dll
2018-03-24 01:19:20 58816 ----a-w- C:\WINDOWS\System32\drivers\nvvhci.sys
2018-03-23 23:50:31 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2018-03-23 23:02:21 5952392 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2018-03-23 23:02:21 2596320 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2018-03-23 23:02:19 83072 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2018-03-23 23:02:19 633224 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2018-03-23 23:02:19 451040 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2018-03-23 23:02:19 1767824 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2018-03-23 23:02:19 123840 ----a-w- C:\WINDOWS\System32\nvshext.dll
2018-03-21 11:22:32 8114212 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2018-03-14 13:05:49 2480064 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2018-03-14 13:05:49 2137024 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2018-03-14 13:05:48 1310144 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2018-03-14 12:44:54 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-03-14 04:19:24 130364688 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-03-14 04:18:38 140800 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-03-14 04:18:38 106496 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2018-03-05 06:18:28 189784 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2018-03-05 06:18:28 152408 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2018-03-02 21:09:11 834552 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-03-02 21:09:11 179704 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-03-02 03:36:30 17085440 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-03-02 03:02:48 37888 ----a-w- C:\WINDOWS\System32\SpectrumSyncClient.dll
2018-03-02 03:01:11 640000 ----a-w- C:\WINDOWS\System32\HeadTrackerStorage.dll
2018-03-02 03:00:47 230912 ----a-w- C:\WINDOWS\System32\HoloShellRuntime.dll
2018-03-02 03:00:43 248320 ----a-w- C:\WINDOWS\System32\svf.dll
2018-03-02 03:00:05 329728 ----a-w- C:\WINDOWS\System32\Windows.Internal.Feedback.Analog.dll
2018-03-02 02:59:44 956416 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-03-01 20:28:57 181760 ----a-w- C:\WINDOWS\SysWow64\HoloShellRuntime.dll
2018-03-01 11:22:41 46072 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-03-01 11:22:41 288296 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-03-01 11:22:41 129568 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-03-01 07:50:57 270744 ----a-w- C:\WINDOWS\System32\acmigration.dll
2018-03-01 07:49:36 389536 ----a-w- C:\WINDOWS\System32\invagent.dll
2018-03-01 07:48:13 664472 ----a-w- C:\WINDOWS\System32\aeinv.dll
2018-03-01 07:47:37 35224 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2018-03-01 07:47:09 749464 ----a-w- C:\WINDOWS\System32\generaltel.dll
2018-03-01 07:46:56 609176 ----a-w- C:\WINDOWS\System32\devinv.dll
2018-03-01 07:46:38 138144 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2018-03-01 07:46:27 2003352 ----a-w- C:\WINDOWS\System32\aitstatic.exe
2018-03-01 07:46:09 1568664 ----a-w- C:\WINDOWS\System32\appraiser.dll
2018-03-01 07:45:12 70040 ----a-w- C:\WINDOWS\System32\win32appinventorycsp.dll
2018-03-01 07:40:10 2514936 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2018-03-01 07:40:01 461720 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-03-01 07:40:01 273304 ----a-w- C:\WINDOWS\System32\aepic.dll
2018-03-01 07:37:00 7831760 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2018-03-01 07:31:11 8602520 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-03-01 07:30:56 264040 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-03-01 07:30:52 540064 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-03-01 07:29:31 733592 ----a-w- C:\WINDOWS\System32\drivers\acpi.sys
2018-03-01 07:27:48 1173576 ----a-w- C:\WINDOWS\System32\rpcrt4.dll
2018-03-01 07:26:21 170912 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-03-01 07:25:34 377752 ----a-w- C:\WINDOWS\System32\drivers\msrpc.sys
2018-03-01 07:23:29 749976 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2018-03-01 07:19:40 710768 ----a-w- C:\WINDOWS\System32\MSVideoDSP.dll
2018-03-01 07:17:39 519152 ----a-w- C:\WINDOWS\System32\SecurityHealthService.exe
2018-03-01 07:17:39 408984 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2018-03-01 07:15:28 2574232 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2018-03-01 07:14:53 5105664 ----a-w- C:\WINDOWS\System32\AuthFWSnapin.dll
2018-03-01 07:14:51 128928 ----a-w- C:\WINDOWS\System32\offlinelsa.dll
2018-03-01 07:14:49 356952 ----a-w- C:\WINDOWS\System32\wintrust.dll
2018-03-01 07:14:45 147872 ----a-w- C:\WINDOWS\System32\drivers\wcifs.sys
2018-03-01 07:14:37 7384576 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-03-01 07:14:32 7675784 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-03-01 07:14:13 1694224 ----a-w- C:\WINDOWS\System32\winmde.dll
2018-03-01 07:12:41 250264 ----a-w- C:\WINDOWS\System32\offlinesam.dll
2018-03-01 07:12:38 677272 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-03-01 07:12:07 189344 ----a-w- C:\WINDOWS\System32\SecurityHealthAgent.dll
.
============= FINISH: 21:45:19.11 ===============
darklordryu is offline  
Sponsored Links
Advertisement
 
Old 03-31-2018, 02:36 PM   #2
Registered Member
 
darklordryu's Avatar
 
Join Date: Jul 2006
Location: Boston
Posts: 296
OS: Winders 7

My System

Send a message via AIM to darklordryu

can disregard,im no longer able to get into the pc through the video card anymore. I opened it up and some rubber strips inside melted onto the board and messed it all up. heres to hoping nvidia is cool about honoring warrantys
darklordryu is offline  
Old 04-01-2018, 05:59 PM   #3
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Thanks for letting us know.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
VPN issues CISCO
Hello all. I recently switched providers and I am having trouble accessing the internet network from VPN. Any suggestions?
mrw5641 Networking Support 146 11-20-2015 10:06 AM
Cisco ASA 5505 IPSEC tunnel
have to sites with 5505 IPSEC tunnel will come up but no traffic will come across. need some fresh eyes to see what I'm not. Site A interface Vlan1 nameif inside security-level 100 ip address 192.168.10.1 255.255.255.0 ! interface Vlan2 nameif outside
Brockland Protocols and Routing 0 09-11-2014 05:58 AM
ASA 5505, Help Please!
I have been fighting with this ASA 5505 for a few weeks now. I am trying to integrate this firewall to replace a sonicwall. I attempted to make the transition this morning and everything worked great UNTIL I tried to VPN. I can establish a connection but I am unable to ping anything within...
gbailey Security and Firewalls 0 12-13-2012 11:15 AM
Cisco Site - TO - Site VPN -- issue
Dear All; I have problem with the Lan-to-Lan VPN tunnel. the VPN working fines since 9 months ago without any problems. Suddenly got the problem! In last two days we faced problem the VPN down. in first time the problem in phase-2.. but after that in phase-1... in latest no data packet...
mazenkl Security and Firewalls 1 02-15-2012 07:01 AM
users unable to access the internet
Hello all, I am new to the whole ASA thing, so sorry for the newbe questions. We have a remote site that is connected via VPN tunnel. The site have an IP change and I have to change the ASA. I was able to reconnect the sites and seems to be working well. However no one at the remote site can...
KingCasull Security and Firewalls 0 02-17-2011 05:40 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 07:08 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts