Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects

This is a discussion on Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. Been having problems recently with Openloader ads popping up every few seconds in my bottom right corner Having problems with


Closed Thread
 
Thread Tools Search this Thread
Old 10-11-2018, 04:47 PM   #1
Registered Member
 
Join Date: Jul 2009
Posts: 33
OS: Windows 7



Been having problems recently with Openloader ads popping up every few seconds in my bottom right corner

Having problems with slower internet in general

And my google chrome homepage keeps redirecting to this weird webpage involving PDFs

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by willz at 19:42:23 on 2018-10-11
Microsoft Windows 10 Pro 10.0.17134.0.1252.1.1033.18.7851.3532 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
C:\Program Files (x86)\Avira\Antivirus\sched.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\ProgramData\KMSAutoS\bin\KMSSS.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe
C:\WINDOWS\system32\valWBFPolicyService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPNUMLKD.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
c:\windows\system32\sihost.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\PROGRA~1\Lenovo\HOTKEY\DFRCTL.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\crashpad_handler.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1808.2461.0_x64__8wekyb3d8bbwe\Calculator.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\svchost.exe -k devicesflow -s DevicesFlowUserSvc
c:\windows\system32\svchost.exe -k devicesflow -s DevicePickerUserSvc
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\LPlatSvc.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uDefault_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [OneDrive] "C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [uTorrent] "C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
uRun: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe"
uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mRun: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: FilterAdministratorToken = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9d2b6da9-4e1c-4d69-b0e3-a1acccb21c30} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{bd83ffd0-76de-4659-b900-e86cd64a0637} : DHCPNameServer = 10.1.5.55 10.1.5.51
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\6496F637D284A5354554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\679667967796C6C6 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: FilterAdministratorToken = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avdevprot;avdevprot;C:\WINDOWS\System32\drivers\avdevprot.sys [2017-12-4 69656]
R0 avusbflt;avusbflt;C:\WINDOWS\System32\drivers\avusbflt.sys [2017-12-4 38048]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2017-11-28 1455552]
R0 IntelHSWPcc;IntelHSWPcc;C:\WINDOWS\System32\drivers\IntelPcc.sys [2017-11-28 88256]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-10 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2017-12-4 44488]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 googledrivefs2506;googledrivefs2506;C:\WINDOWS\System32\drivers\googledrivefs2506.sys [2018-9-5 117616]
R1 googledrivefs2534;googledrivefs2534;C:\WINDOWS\System32\drivers\googledrivefs2534.sys [2018-9-25 119760]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 SMIDriverGen;Synaptics SMI Driver;C:\WINDOWS\System32\drivers\smi.sys [2017-11-28 40176]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2910696]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2704872]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-12-4 226000]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-12-4 226000]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-3-29 83768]
R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2017-12-4 179376]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-8-17 436848]
R2 AviraOptimizerHost;Avira Optimizer Host;C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-3-9 2940584]
R2 AviraPhantomVPN;Avira Phantom VPN;C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2018-8-14 338888]
R2 AviraUpdaterService;Avira Updater Service;C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2018-9-20 102816]
R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2017-12-4 88488]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_95cd1;Connected Devices Platform User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-12-4 9680472]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-11-23 382456]
R2 KMSEmulator;KMS-host Service;C:\ProgramData\KMSAutoS\bin\KMSSS.exe [2017-12-4 301056]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2017-12-5 119584]
R2 LPlatSvc;Lenovo Platform Service;C:\WINDOWS\System32\LPlatSvc.exe [2017-11-28 711248]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-9-16 6541008]
R2 OneSyncSvc_95cd1;Sync Host_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-9-1 333296]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-10-2 259176]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2017-12-5 135456]
R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2017-12-4 339968]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2017-11-28 86544]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization;C:\WINDOWS\System32\valWbioSyncSvc.exe [2017-11-28 56848]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_95cd1;Windows Push Notifications User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2018-4-11 198144]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2018-4-11 48640]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 CM3218x;CM3218x SPB Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
R3 CPLMACPI;Capella Micro CPLMACPI Sensor Filter;C:\WINDOWS\System32\drivers\CPLMACPI.sys [2017-11-28 28136]
R3 DevicePickerUserSvc_95cd1;DevicePicker_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 DevicesFlowUserSvc_95cd1;DevicesFlow_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-8-14 2291904]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-4 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-4 47672]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d64x64.sys [2014-3-14 457496]
R3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-11-28 231944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-10-8 259360]
R3 Microsoft_Bluetooth_AvrcpTransport;Microsoft Bluetooth Avrcp Transport Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-4-11 46592]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-10-17 3530176]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_95cd1;Contact Data_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-12-4 51296]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_95cd1;User Data Storage_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_95cd1;User Data Access_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-12-4 895056]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-12-4 1148568]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 AppleKmdfFilter;Apple KMDF Filter Driver;C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [2018-4-18 20640]
S3 AppleLowerFilter;Apple Lower Filter Driver;C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-4-18 35560]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 BcastDVRUserService_95cd1;GameDVR and Broadcast User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_95cd1;Bluetooth User Support Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_95cd1;CaptureService_95cd1;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 ETDSMBus;ETDSMBus;C:\WINDOWS\System32\drivers\ETDSMBus.sys [2017-11-28 32848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_95cd1;MessagingService_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\WINDOWS\System32\drivers\netaapl64.sys [2017-11-28 32352]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 phantomtap;Phantom TAP-Windows Adapter V9;C:\WINDOWS\System32\drivers\phantomtap.sys [2017-10-25 45056]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_95cd1;PrintWorkflow_95cd1;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-10 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-10 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-8-14 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-10 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-10 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-5-19 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-08 23:10:21 259360 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-09-26 07:08:52 215328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-09-26 07:08:50 474432 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-09-26 07:08:50 29976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-09-25 2305 119760 ----a-w- C:\WINDOWS\System32\drivers\googledrivefs2534.sys
2018-09-16 23:27:10 -------- d-----w- C:\Users\willz\AppData\Local\mbam
2018-09-16 23:26:33 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-09-16 23:26:26 -------- d-----w- C:\ProgramData\Malwarebytes
2018-09-16 23:26:26 -------- d-----w- C:\Program Files\Malwarebytes
2018-09-12 22:11:59 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
.
==================== Find3M ====================
.
2018-10-10 0344 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-02 20:13:10 835152 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-10-02 20:13:10 179792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-09-21 09:23:39 257848 ----a-w- C:\WINDOWS\System32\AppVFileSystemMetadata.dll
2018-09-21 09:01:45 171520 ----a-w- C:\WINDOWS\System32\itss.dll
2018-09-21 08:12:50 150016 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2018-09-21 04:14:11 661056 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2018-09-21 04:13:06 480568 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-09-21 04:12:09 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-09-21 04:11:36 753056 ----a-w- C:\WINDOWS\System32\evr.dll
2018-09-21 04:09:49 1062920 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-09-21 04:09:45 4790160 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-09-21 04:09:23 1427968 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll
2018-09-21 04:09:18 129088 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-09-21 04:08:40 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-09-21 04:08:37 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-09-21 04:08:19 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-09-21 04:08:15 1566720 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll
2018-09-21 04:08:11 1140672 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-09-21 04:08:09 1257864 ----a-w- C:\WINDOWS\System32\winload.exe
2018-09-21 04:08:07 1456720 ----a-w- C:\WINDOWS\System32\winload.efi
2018-09-21 04:08:06 261008 ----a-w- C:\WINDOWS\System32\mfps.dll
2018-09-21 04:08:00 982600 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-09-21 04:07:51 604664 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-09-21 03:58:23 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-09-21 03:57:26 2900992 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2018-09-21 03:57:00 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-09-21 03:56:11 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2018-09-21 03:54:30 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2018-09-21 03:53:32 1006080 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2018-09-21 03:43:38 1627136 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2018-09-21 03:42:00 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-09-21 03:41:32 3396096 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-09-21 03:40:03 2368000 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2018-09-21 03:39:56 625152 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-09-21 03:39:42 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-09-21 03:39:13 1535488 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2018-09-21 03:39:12 3320320 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2018-09-21 03:38:30 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-09-21 03:38:14 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-09-21 03:37:34 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-09-21 03:37:09 1211904 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2018-09-21 03:37:07 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-09-21 03:36:59 401920 ----a-w- C:\WINDOWS\System32\rascustom.dll
2018-09-21 03:36:52 1034240 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2018-09-21 03:36:38 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-09-21 03:36:33 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2018-09-20 09:40:54 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-09-20 09:37:39 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-09-20 09:23:59 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-09-20 09:19:32 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-09-20 09:18:29 327168 ----a-w- C:\WINDOWS\System32\rdpinit.exe
2018-09-20 09:18:20 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-09-20 09:17:56 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-09-20 09:17:55 2874368 ----a-w- C:\WINDOWS\System32\themeui.dll
2018-09-20 09:17:54 1856000 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-09-20 09:17:19 463872 ----a-w- C:\WINDOWS\System32\rdpshell.exe
2018-09-20 09:16:55 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-09-20 08:46:11 1454440 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-09-20 08:35:00 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-09-20 08:29:51 2891776 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-09-20 08:29:45 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-09-20 08:29:35 2824704 ----a-w- C:\WINDOWS\SysWow64\themeui.dll
2018-09-20 08:28:18 102400 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-09-20 06:43:22 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-09-20 05:52:58 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-09-20 04:29:23 1989232 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-09-20 04:29:04 6039368 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-09-20 04:29:04 1513032 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-09-20 04:29:02 357056 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-09-20 04:29:01 6569856 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-09-20 04:28:57 1129544 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-09-20 04:28:41 581792 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-09-20 04:28:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-09-20 04:21:37 22013440 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-09-20 04:17:07 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-09-20 04:13:48 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-09-20 04:12:39 269128 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-09-20 04:12:38 272200 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-09-20 04:11:43 74240 ----a-w- C:\WINDOWS\SysWow64\dtdump.exe
2018-09-20 04:11:37 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-09-20 04:11:24 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-09-20 04:11:19 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-09-20 04:11:03 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-09-20 04:10:57 1029432 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-09-20 04:10:53 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-09-20 04:10:48 1221128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-09-20 04:10:44 566800 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-09-20 04:10:44 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-09-20 04:10:31 500536 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-09-20 04:10:13 355840 ----a-w- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
2018-09-20 04:10:03 2719032 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-09-20 04:08:52 4191232 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2018-09-20 03:53:35 25851392 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-09-20 03:44:27 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-09-20 03:44:04 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-09-20 03:43:21 52736 ----a-w- C:\WINDOWS\System32\runexehelper.exe
2018-09-20 03:42:26 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-09-20 03:42:16 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-09-20 03:42:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
.
============= FINISH: 19:42:43.63 ===============
Attached Files
File Type: txt attach.txt (6.2 KB, 8 views)
aiemgahd is offline  
Sponsored Links
Advertisement
 
Old 10-11-2018, 09:00 PM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Are you running an illegal(pirated) copy of Windows, Office, or both?
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 10-12-2018, 05:54 AM   #3
Registered Member
 
Join Date: Jul 2009
Posts: 33
OS: Windows 7



My Windows is Legal, and my Office is illegal
aiemgahd is offline  
Sponsored Links
Advertisement
 
Old 10-13-2018, 09:58 PM   #4
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Rules forbid this forum from helping users with illegal softwares installed.
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to get rid of pop up ads on google chrome
Do a Ctrl+Alt+Delete and start the Task Mananger. Find your browser and do an End Task to stop just Chrome. Assuming that you have virus scanned your PC and it is clean, the pop ups are caused by code on the original pages and there is little to nothing you can do. If you need multiple...
ajamanafinest Other Operating systems 2 07-30-2015 01:13 PM
Google is Now Blocking Crapware in Search Results, Ads, and Chrome
Google is Now Blocking Crapware in Search Results, Ads, and Chrome
JMH3143 Computer Security News 1 02-26-2015 02:24 PM
Prevent Google from displaying your Name, Image in Ads & Clear Synced data in Chrome
Prevent Google from displaying your Name, Image in Ads; Clear Synced data in Chrome
JMH3143 Computer Security News 0 10-25-2013 03:03 PM
Rootkit Issue
I recently downloaded two small utility programs and they both did their job. After I had, my default browser page became isearch.babylon and tried but failed to sort that. Then my superantispyware told me "A serious rootkit was detected on your machine" message and telling me I had to reboot to...
RayCee Resolved HJT Threads 19 10-04-2012 12:27 PM
Random Audio Ads (with Google Redirect/Jump)
First, thanks to all of the generous folks out there who assist ordinary guys like me with these nasty malware problems. It is sincerely appreciated. I've had a series of viruses in the past week or so. The first was a fake Virus Alert virus that changed the desktop, installed fake icons in the...
alaskan Resolved HJT Threads 11 03-10-2011 03:48 AM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 05:08 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts