Tech Support banner

Status
Not open for further replies.
1 - 10 of 10 Posts

·
Registered
Joined
·
36 Posts
Laptop seems to run faster with better internet such as loading applications and loading speed in games. It runs agonizingly slower when on slower wifi which shouldn't be a problem in most cases right? I moved homes and have experienced different internet here although it is 100 mbps, I am getting slow run times on my laptop. It was noticeably faster back at my old home and I am wondering if it has to do with viruses. I also get popup notifications of "prizes" and such in my bottom-right corner and am not sure if it's dangerous or not.

I do not have access to a boot cd or install software.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.608 BrowserJavaVersion: 11.121.2
Run by John Kim at 13:13:34 on 2018-01-21
Microsoft Windows 10 Home 10.0.15063.0.1252.1.1033.18.6090.2562 [GMT -8:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\WINDOWS\system32\ibtsiva.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\windows\SysWOW64\UMonit64.exe
C:\Windows\RTFTrack.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\John Kim\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\System32\InstallAgentUserBroker.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\WINDOWS\system32\svchost.exe -k defragsvc
svchost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
C:\WINDOWS\system32\backgroundTaskHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -s NgcCtnrSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s XblAuthManager
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [OneDrive] "C:\Users\John Kim\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Spotify] "C:\Users\John Kim\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 209.18.47.62 209.18.47.61
TCP: Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4} : DHCPNameServer = 209.18.47.62 209.18.47.61
TCP: Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4}\46C696E6B6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4}\D6F5D616368696E616 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{7599bbc2-779f-4566-a1fe-677c7a5ad54c} : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
x64-Run: [RtHDVBg_LENOVO_DOLBYDRAGON] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
x64-Run: [RtHDVBg_LENOVO_MICPKEY] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
x64-Run: [RtsFT] RTFTrack.exe
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.0 fr.a2dfp.net
Hosts: 0.0.0.0 m.fr.a2dfp.net
Hosts: 0.0.0.0 mfr.a2dfp.net
Hosts: 0.0.0.0 ad.a8.net
Hosts: 0.0.0.0 asy.a8ww.net
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John Kim\AppData\Roaming\Mozilla\Firefox\Profiles\fxzq9272.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?trackid=sp-006
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\John Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\John Kim\AppData\Roaming\raidcall\plugins\nprcplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 LHDmgr;LHDmgr;C:\WINDOWS\System32\drivers\LhdX64.sys [2014-3-7 39008]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-3-15 309272]
R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2016-7-11 32088]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2014-6-9 993608]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswsp.sys [2014-6-9 548928]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-9-15 669872]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-9-4 2257016]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2014-6-9 126600]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2014-6-9 162528]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-3-15 262736]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_1449085;Connected Devices Platform User Service_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-11-16 1165368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-3-7 131544]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-6-26 155448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-7 169432]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-5-21 419304]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\WINDOWS\System32\drivers\LMIInfo.sys [2017-4-3 30432]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2015-5-29 81088]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-9-18 6234056]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-2-16 458176]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-8-25 1881144]
R2 OneSyncSvc_1449085;Sync Host_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-10-10 336320]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-1-20 255096]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-7-11 142752]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_1449085;Windows Push Notifications User Service_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-7-8 35600]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-3-15 7147320]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-8-8 97280]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2016-12-12 230656]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-9-27 130248]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2017-11-8 253880]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-3-18 3485696]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-4-7 56384]
R3 PimIndexMaintenanceSvc_1449085;Contact Data_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 rtsuvc;Lenovo EasyCamera;C:\WINDOWS\System32\drivers\rtsuvc.sys [2014-3-7 8876248]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-2-2 51320]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 UnistoreSvc_1449085;User Data Storage_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 UserDataSvc_1449085;User Data Access_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2017-3-18 24576]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2017-4-7 2522680]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2014-6-9 38296]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-12 39424]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_1449085;DevicesFlow_1449085;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-7-22 131712]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-8-12 177376]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_1449085;MessagingService_1449085;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-5-17 118784]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\System32\GameMon.des -service --> C:\WINDOWS\System32\GameMon.des -service [?]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-25 28216]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-3-18 891904]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-9-12 165504]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-11-21 95640]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-9-12 104960]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-8-8 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-12-15 757248]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-3-18 342264]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;LPA Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 wsvd;wsvd;C:\WINDOWS\System32\drivers\wsvd.sys [2014-3-7 102376]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-6-10 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xhunter1;xhunter1;C:\Windows\xhunter1.sys [2016-7-29 36808]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2017-3-18 98816]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2018-01-18 01:45:48 -------- d---a-w- C:\Program Files\rempl
2018-01-12 02:32:17 -------- d--h--w- C:\$WINDOWS.~BT
.
==================== Find3M ====================
.
2018-01-17 21:35:50 253880 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-01-17 01:40:05 129365736 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2017-12-21 04:35:51 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-12-21 04:35:51 177648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-12-21 00:30:07 114688 ----a-w- C:\WINDOWS\System32\LMIRfsClientNP.dll
2017-12-21 00:30:06 109024 ----a-w- C:\WINDOWS\System32\LMIinit.dll
2017-12-16 03:58:37 77432 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2017-11-30 03:33:13 1015704 ----a-w- C:\WINDOWS\System32\hvax64.exe
2017-11-30 03:33:11 1144728 ----a-w- C:\WINDOWS\System32\hvix64.exe
2017-11-30 03:33:06 38808 ----a-w- C:\WINDOWS\System32\OOBEUpdater.exe
2017-11-30 03:29:34 8319384 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-11-30 03:24:40 870896 ----a-w- C:\WINDOWS\System32\winhttp.dll
2017-11-30 03:23:56 7910960 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-11-30 03:23:54 1194248 ----a-w- C:\WINDOWS\System32\mfnetcore.dll
2017-11-30 02:59:10 23678464 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-11-30 02:58:41 702032 ----a-w- C:\WINDOWS\SysWow64\winhttp.dll
2017-11-30 02:58:02 6763128 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2017-11-30 02:57:45 1123968 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2017-11-30 02:45:42 119808 ----a-w- C:\WINDOWS\System32\UserDataTimeUtil.dll
2017-11-30 02:45:01 2560 ----a-w- C:\WINDOWS\System32\tzres.dll
2017-11-30 02:44:32 171008 ----a-w- C:\WINDOWS\System32\itss.dll
2017-11-30 02:44:25 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-11-30 02:44:23 42496 ----a-w- C:\WINDOWS\System32\drivers\vwifimp.sys
2017-11-30 02:43:57 95232 ----a-w- C:\WINDOWS\SysWow64\UserDataTimeUtil.dll
2017-11-30 02:43:47 20511232 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2017-11-30 02:43:17 2560 ----a-w- C:\WINDOWS\SysWow64\tzres.dll
2017-11-30 02:43:07 164352 ----a-w- C:\WINDOWS\System32\wscript.exe
2017-11-30 02:42:50 148992 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2017-11-30 02:42:45 80896 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2017-11-30 02:42:43 164352 ----a-w- C:\WINDOWS\System32\cscript.exe
2017-11-30 02:42:41 304640 ----a-w- C:\WINDOWS\System32\dusmsvc.dll
2017-11-30 02:42:24 1878016 ----a-w- C:\WINDOWS\System32\AzureSettingSyncProvider.dll
2017-11-30 02:42:20 100864 ----a-w- C:\WINDOWS\SysWow64\msscript.ocx
2017-11-30 02:42:14 560640 ----a-w- C:\WINDOWS\System32\iprtrmgr.dll
2017-11-30 02:41:58 414720 ----a-w- C:\WINDOWS\System32\provhandlers.dll
2017-11-30 02:41:44 222208 ----a-w- C:\WINDOWS\System32\scrobj.dll
2017-11-30 02:41:32 527360 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
2017-11-30 02:41:28 146944 ----a-w- C:\WINDOWS\SysWow64\wscript.exe
2017-11-30 02:40:50 143360 ----a-w- C:\WINDOWS\SysWow64\cscript.exe
2017-11-30 02:40:33 528384 ----a-w- C:\WINDOWS\SysWow64\iprtrmgr.dll
2017-11-30 02:40:12 585216 ----a-w- C:\WINDOWS\System32\vbscript.dll
2017-11-30 02:40:03 206336 ----a-w- C:\WINDOWS\SysWow64\scrobj.dll
2017-11-30 02:39:25 925696 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2017-11-30 02:39:25 3206656 ----a-w- C:\WINDOWS\System32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-11-30 02:39:13 2809344 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2017-11-30 02:38:43 636416 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2017-11-30 02:38:32 8195584 ----a-w- C:\WINDOWS\System32\Chakra.dll
2017-11-30 02:38:29 497152 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2017-11-30 02:38:20 684544 ----a-w- C:\WINDOWS\System32\usocore.dll
2017-11-30 02:38:11 1248768 ----a-w- C:\WINDOWS\SysWow64\AzureSettingSyncProvider.dll
2017-11-30 02:37:58 6252544 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2017-11-30 02:37:42 2859520 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2017-11-30 02:37:17 1293824 ----a-w- C:\WINDOWS\System32\aadtb.dll
2017-11-30 02:37:03 3306496 ----a-w- C:\WINDOWS\System32\wininet.dll
2017-11-30 02:36:58 5557760 ----a-w- C:\WINDOWS\System32\dbgeng.dll
2017-11-30 02:36:56 1398784 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2017-11-30 02:36:45 4726784 ----a-w- C:\WINDOWS\System32\jscript9.dll
2017-11-30 02:36:37 1019904 ----a-w- C:\WINDOWS\SysWow64\aadtb.dll
2017-11-30 02:36:34 3652096 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2017-11-30 02:34:58 4559360 ----a-w- C:\WINDOWS\SysWow64\dbgeng.dll
2017-11-22 18:32:10 114688 ----a-w- C:\WINDOWS\System32\LMIRfsClientNP.dll.000.bak
2017-11-17 09:41:36 503704 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2017-11-17 09:39:55 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-11-17 09:39:22 643200 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2017-11-17 09:31:01 223640 ----a-w- C:\WINDOWS\SysWow64\aepic.dll
2017-11-17 09:03:16 3668992 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-11-17 09:00:17 2953216 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2017-11-17 08:59:05 64512 ----a-w- C:\WINDOWS\System32\winsrv.dll
2017-11-17 08:56:32 757248 ----a-w- C:\WINDOWS\System32\drivers\WdiWiFi.sys
2017-11-02 05:20:36 543640 ----a-w- C:\WINDOWS\System32\securekernel.exe
2017-11-02 05:20:27 965016 ----a-w- C:\WINDOWS\System32\hvloader.efi
2017-11-02 05:20:21 469568 ----a-w- C:\WINDOWS\System32\wow64win.dll
2017-11-02 05:16:53 2398696 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-11-02 05:16:26 2327448 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2017-11-02 05:15:10 1239448 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2017-11-02 05:14:58 667040 ----a-w- C:\WINDOWS\System32\ci.dll
2017-11-02 05:13:39 1345600 ----a-w- C:\WINDOWS\System32\user32.dll
2017-11-02 05:13:36 2443672 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-11-02 05:13:22 95640 ----a-w- C:\WINDOWS\System32\drivers\stornvme.sys
2017-11-02 05:13:10 212888 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2017-11-02 05:13:01 546712 ----a-w- C:\WINDOWS\System32\drivers\storport.sys
2017-11-02 05:12:58 727336 ----a-w- C:\WINDOWS\System32\wer.dll
2017-11-02 05:12:55 430848 ----a-w- C:\WINDOWS\System32\bcryptprimitives.dll
2017-11-02 05:12:55 412752 ----a-w- C:\WINDOWS\System32\Faultrep.dll
2017-11-02 05:12:39 144248 ----a-w- C:\WINDOWS\System32\WerFaultSecure.exe
2017-11-02 05:12:38 319384 ----a-w- C:\WINDOWS\System32\WerFault.exe
2017-11-02 05:12:35 714648 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2017-11-02 05:12:04 38808 ----a-w- C:\WINDOWS\System32\drivers\Diskdump.sys
2017-11-02 05:12:03 654976 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2017-11-02 05:10:59 6557520 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2017-11-02 05:05:48 187800 ----a-w- C:\WINDOWS\System32\wermgr.exe
2017-11-02 05:04:20 1292360 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2017-11-02 04:49:55 1838848 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2017-11-02 04:45:57 283544 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe
2017-11-02 04:45:41 133896 ----a-w- C:\WINDOWS\SysWow64\WerFaultSecure.exe
2017-11-02 04:45:36 362144 ----a-w- C:\WINDOWS\SysWow64\Faultrep.dll
2017-11-02 04:45:25 613136 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2017-11-02 04:45:18 172952 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2017-11-02 04:45:17 354360 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2017-11-02 04:44:52 519680 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
.
============= FINISH: 13:15:21.57 ===============
 

Attachments

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I'm not seeing any sign of infection.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan
  • Once the Scan is done, select Clean
  • Once done it will ask to reboot, please allow the reboot.
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\AdwCleaner[C#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
 

·
Registered
Joined
·
36 Posts
Discussion Starter #3
Hi, thanks for replying. Adwcleaner detected some threats but they don't seem to be big.



# AdwCleaner 7.0.7.0 - Logfile created on Tue Jan 23 17:16:15 2018
# Updated on 2018/18/01 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\Default\AppData\Local\Pokki
Deleted: C:\Users\Default User\AppData\Local\Pokki
Deleted: C:\Users\Public\Pokki


***** [ Files ] *****

Deleted: C:\Users\John Kim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Pokki Menu.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{E7F854F8-D688-41EB-AF58-A77FEB0A4531}C:\users\john kim\appdata\local\popcorn time community\nw.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{1B94C2F0-F48B-46D9-A48A-D948E939F031}C:\users\john kim\appdata\local\popcorn time community\nw.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{9FFB018A-D79E-4103-BD2B-D2F7E9B83997}C:\users\john kim\appdata\local\popcorn time offical\node-webkit\popcorn time.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{90892C62-8C4F-4164-813B-8BD724E50629}C:\users\john kim\appdata\local\popcorn time offical\node-webkit\popcorn time.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{18760A4B-8A79-4028-B03C-CA02DBC893E6}C:\users\john kim\appdata\local\popcorn time community\nw.exe
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{8A7B7A78-F968-401E-BC35-415C0D813C84}C:\users\john kim\appdata\local\popcorn time community\nw.exe
Deleted: [Key] - HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\StormAlertsApp
Deleted: [Key] - HKCU\Software\StormAlertsApp
Deleted: [Key] - HKLM\SOFTWARE\MaxPower
Deleted: [Key] - HKCU\Software\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{593D67B9-3A50-EBAA-17BE-61A5EC986A22}
Deleted: [Value] - HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Pokki
Deleted: [Key] - HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\tstamptoken
Deleted: [Key] - HKCU\Software\tstamptoken
Deleted: [Key] - HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [3563 B] - [2018/1/23 17:15:5]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21.01.2018
Ran by John Kim (administrator) on JOHN (23-01-2018 09:22:11)
Running from C:\Users\John Kim\Desktop
Loaded Profiles: John Kim (Available Profiles: John Kim)
Platform: Windows 10 Home Version 1703 15063.786 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
() C:\Windows\SysWOW64\UMonit64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(hxxp://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Spotify Ltd) C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13886208 2015-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-05-21] (Realtek Semiconductor)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17111056 2014-03-07] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [193008 2014-03-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [423424 2017-04-03] (LogMeIn, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-15] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [1053144 2017-06-06] (DivX, LLC)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\...\Run: [Spotify Web Helper] => C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-03-11] (Spotify Ltd)
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\...\Run: [Spotify] => C:\Users\John Kim\AppData\Roaming\Spotify\Spotify.exe [6987376 2017-03-11] (Spotify Ltd)
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3102496 2017-10-30] (Valve Corporation)
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4}: [DhcpNameServer] 209.18.47.62 209.18.47.61
Tcpip\..\Interfaces\{7599bbc2-779f-4566-a1fe-677c7a5ad54c}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3656025934-1805325345-282951442-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> DefaultScope {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-16] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: fxzq9272.default
FF ProfilePath: C:\Users\John Kim\AppData\Roaming\Mozilla\Firefox\Profiles\fxzq9272.default [2016-06-03]
FF Homepage: Mozilla\Firefox\Profiles\fxzq9272.default -> hxxps://www.google.com/?trackid=sp-006
FF NewTab: Mozilla\Firefox\Profiles\fxzq9272.default -> about:newtab
FF SearchPlugin: C:\Users\John Kim\AppData\Roaming\Mozilla\Firefox\Profiles\fxzq9272.default\searchplugins\google-avast.xml [2016-02-23]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-07-11] [Legacy]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-07-11] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Plugin: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2017-06-05] (DivX, LLC)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @Java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-16] (Oracle Corporation)
FF Plugin-x32: @Java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @Nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @Raidcall.en/RCplugin -> C:\Users\John Kim\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-17] (Google Inc.)
FF Plugin-x32: @Videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3656025934-1805325345-282951442-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\John Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default [2018-01-23]
CHR Extension: (Docs) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-12-29]
CHR Extension: (YouTube) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Google Search) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (ICE Quick Stream) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpioikmjnfipgphjldakcaocbbpnfabl [2017-05-31]
CHR Extension: (Google Docs Offline) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-12-09]
CHR Extension: (Avast Online Security) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\John Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-09]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-15] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-15] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-06-14] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [184064 2016-12-12] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-08] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [155448 2013-09-22] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [419304 2017-12-20] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [525288 2017-12-20] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-05-21] (LogMeIn, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-06-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-14] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255096 2016-01-20] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-19] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [309272 2017-03-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [189768 2017-03-15] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334600 2017-03-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [48528 2017-03-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-03-15] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32088 2017-03-15] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [126600 2017-03-15] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [100640 2017-03-15] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-03-15] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [993608 2017-03-15] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [548928 2017-03-23] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [162528 2017-03-15] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [337592 2017-03-15] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R2 LMIInfo; C:\WINDOWS\system32\drivers\LMIInfo.sys [30432 2017-01-11] (LogMeIn, Inc.)
S4 LMIRfsClientNP; no ImagePath
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-23] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvltwu.inf_amd64_0221ce4ec0827f74\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-13] (NVIDIA Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51320 2016-01-20] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-07-30] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-23 09:22 - 2018-01-23 09:22 - 000023882 _____ C:\Users\John Kim\Desktop\FRST.txt
2018-01-23 09:21 - 2018-01-23 09:21 - 002393088 _____ (Farbar) C:\Users\John Kim\Desktop\FRST64.exe
2018-01-23 09:20 - 2018-01-23 09:20 - 002393088 _____ (Farbar) C:\Users\John Kim\Desktop\Unconfirmed 518734.crdownload
2018-01-23 09:19 - 2018-01-23 09:19 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2018-01-23 09:13 - 2018-01-23 09:16 - 000000000 ____D C:\AdwCleaner
2018-01-23 09:13 - 2018-01-23 09:13 - 008206624 _____ (Malwarebytes) C:\Users\John Kim\Desktop\AdwCleaner.exe
2018-01-22 12:01 - 2018-01-22 12:01 - 000000000 ____D C:\Users\John Kim\AppData\Local\D2731F.tmpd
2018-01-22 12:01 - 2018-01-22 12:01 - 000000000 _____ C:\Users\John Kim\AppData\Local\D2731F.tmp
2018-01-21 13:15 - 2018-01-21 13:15 - 000528280 _____ C:\Users\John Kim\Desktop\attach.txt
2018-01-21 13:15 - 2018-01-21 13:15 - 000045230 _____ C:\Users\John Kim\Desktop\dds.txt
2018-01-21 13:12 - 2018-01-21 13:12 - 000688992 ____R (Swearware) C:\Users\John Kim\Desktop\dds.scr
2018-01-17 17:45 - 2018-01-17 17:55 - 000000000 ____D C:\Program Files\rempl
2018-01-11 18:32 - 2018-01-11 18:33 - 000000000 ___HD C:\$WINDOWS.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-01-23 09:22 - 2015-11-21 12:13 - 000000000 ____D C:\FRST
2018-01-23 09:20 - 2015-06-22 08:26 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-01-23 09:18 - 2017-05-17 11:55 - 002520664 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-23 09:17 - 2017-11-08 15:01 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-23 09:17 - 2017-05-17 12:19 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-23 09:17 - 2016-09-12 03:13 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-23 09:17 - 2015-05-29 21:22 - 000001072 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2018-01-23 09:16 - 2017-05-17 12:01 - 000000000 ____D C:\Users\John Kim
2018-01-23 09:16 - 2017-03-18 03:40 - 001572864 _____ C:\WINDOWS\system32\config\BBI
2018-01-23 09:14 - 2017-05-17 12:19 - 000004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5200A860-A67C-42FB-B70A-E819A4714641}
2018-01-23 09:11 - 2017-05-17 11:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-23 09:11 - 2015-05-29 21:20 - 000000000 ____D C:\ProgramData\LogMeIn
2018-01-22 18:19 - 2017-06-21 14:18 - 000002488 _____ C:\Users\John Kim\Desktop\Warcraft III - TFT.lnk
2018-01-22 18:04 - 2015-07-07 08:13 - 000000000 ____D C:\Users\John Kim\AppData\Local\TSVNCache
2018-01-22 14:40 - 2017-03-18 12:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-22 12:05 - 2017-03-18 13:01 - 000000000 ____D C:\WINDOWS\INF
2018-01-22 12:01 - 2015-12-29 22:42 - 000000000 ____D C:\Users\John Kim\Desktop\Diablo II
2018-01-22 10:36 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-22 10:33 - 2015-04-26 14:13 - 000000000 ____D C:\Users\John Kim\AppData\Local\Adobe
2018-01-18 16:49 - 2017-05-16 20:40 - 000000000 ___DC C:\WINDOWS\Panther
2018-01-18 16:21 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-01-17 13:49 - 2016-01-08 11:21 - 000000000 ____D C:\Users\John Kim\AppData\Local\Battle.net
2018-01-17 13:41 - 2017-05-17 12:16 - 001513850 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-17 13:39 - 2016-01-08 11:21 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-01-17 13:01 - 2014-08-25 18:42 - 000000000 ____D C:\Program Files (x86)\Diablo III
2018-01-17 12:57 - 2016-06-17 19:33 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-01-17 12:15 - 2015-01-20 22:30 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-01-16 17:50 - 2014-06-12 14:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-16 17:40 - 2017-10-10 11:26 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-16 17:38 - 2014-06-12 14:28 - 129365736 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-09 18:01 - 2017-03-18 13:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-01-09 18:00 - 2015-08-08 15:35 - 000002283 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-09 18:00 - 2015-08-08 15:35 - 000002271 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-01-08 16:32 - 2017-03-18 03:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-08 16:25 - 2017-03-18 13:03 - 000000000 ____D C:\WINDOWS\Registration
2018-01-08 16:24 - 2017-05-17 12:27 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-01-08 16:24 - 2017-05-17 12:27 - 000011433 _____ C:\WINDOWS\diagerr.xml

==================== Files in the root of some directories =======

2017-05-08 08:39 - 2014-11-05 08:51 - 001654869 _____ (Dynu Systems Inc.) C:\ProgramData\DynuEncrypt.dll
2016-02-23 17:10 - 2017-06-11 23:31 - 000000024 _____ () C:\Users\John Kim\7A1920D61156ABC05A60135AEFE8BC67.dat
2016-02-24 08:59 - 2016-02-25 13:02 - 000000024 _____ () C:\Users\John Kim\C5998D8FBE90B7D10A4A006650E2B7A9.dat
2017-06-11 23:36 - 2017-06-12 16:06 - 000000024 _____ () C:\Users\John Kim\D94CAEC6BBCB5B40066FADF295158C57.dat
2015-05-31 14:02 - 2017-11-04 08:21 - 000001456 _____ () C:\Users\John Kim\AppData\Local\Adobe Save for Web 13.0 Prefs
2018-01-22 12:01 - 2018-01-22 12:01 - 000000000 _____ () C:\Users\John Kim\AppData\Local\D2731F.tmp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-01-22 15:23

==================== End of FRST.txt ============================
 

Attachments

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Hello h34n. Yeah, not much here.

------------------------------------------------------

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate.

Please stay with me until given the 'all clear' even if symptoms seemingly abate.

Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by a helper.

------------------------------------------------------

If there are any personal files, pics, etc. on your computer you cannot live without, back them up now just as a precaution.

http://windows.microsoft.com/en-us/windows-10/getstarted-back-up-your-files

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    Task: {DD290961-86E2-42B2-B631-566348BF5FB6} - \WPD\SqmUpload_S-1-5-21-3656025934-1805325345-282951442-1002 -> No File <==== ATTENTION
    HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> DefaultScope {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
    SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
    S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-07-30] (Wellbia.com Co., Ltd.)
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.
NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

------------------------------------------------------
 

·
Registered
Joined
·
36 Posts
Discussion Starter #5
Fix result of Farbar Recovery Scan Tool (x64) Version: 21.01.2018
Ran by John Kim (23-01-2018 17:03:57) Run:1
Running from C:\Users\John Kim\Desktop
Loaded Profiles: John Kim (Available Profiles: John Kim)
Boot Mode: Normal
==============================================

fixlist content:
*****************
start
createrestorepoint:
Task: {DD290961-86E2-42B2-B631-566348BF5FB6} - \WPD\SqmUpload_S-1-5-21-3656025934-1805325345-282951442-1002 -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> DefaultScope {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
SearchScopes: HKU\S-1-5-21-3656025934-1805325345-282951442-1002 -> {A55F4D66-FF70-4AFD-BA74-871F669C8BA0} URL =
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2016-07-30] (Wellbia.com Co., Ltd.)
EmptyTemp:
end
*****************

Restore point was successfully created.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD290961-86E2-42B2-B631-566348BF5FB6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD290961-86E2-42B2-B631-566348BF5FB6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3656025934-1805325345-282951442-1002" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-3656025934-1805325345-282951442-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-3656025934-1805325345-282951442-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A55F4D66-FF70-4AFD-BA74-871F669C8BA0}" => removed successfully
HKLM\Software\Classes\CLSID\{A55F4D66-FF70-4AFD-BA74-871F669C8BA0} => key not found
"HKLM\System\CurrentControlSet\Services\xhunter1" => removed successfully
xhunter1 => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 162551444 B
Java, Flash, Steam htmlcache => 277444109 B
Windows/system/drivers => 371834147 B
Edge => 31484 B
Chrome => 832281888 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 46832 B
NetworkService => 11280 B
John Kim => 2184615721 B

RecycleBin => 0 B
EmptyTemp: => 3.6 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:08:12 ====
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Hello again, h34n. Any improvement?

------------------------------------------------------

I see you have P2P software ( BitTorrent ) installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It may be contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

A reference for the risk of these programs is here and here

I would strongly recommend that you uninstall it. You can do so via Programs and Features(right-click the Windows "logo" button > Programs and Features).

------------------------------------------------------

Your Java is out of date.

Java 8 Update 121 can be updated from the Java Control Panel(right-click the Windows "logo" button > Control Panel > (View by: Small or Large icons)) and click the Java icon(looks like a coffee cup) > Update Tab > Update Now. An update should begin; follow the prompts.

Make sure you untick the box next to whatever free program they prompt you to install, unless you want it. Also, let Java remove older versions if prompted.
  • After the install is complete, go back to your Control Panel(right-click the Windows "logo" button > Control Panel > > (Programs) ) and click the Java icon. (looks like a coffee cup)
    • On the General tab, under Temporary Internet Files, click the Settings button.
    • Next, click on the Delete Files button.
    • There are two options checked in the window to clear the cache - Leave BOTH Checked
      • Cached Applications and Applets
      • Trace and Log Files
    • Click OK on Delete Temporary Files Window.
      Note: This deletes ALL the Downloaded Cached Applications and Applets from the CACHE
    • Click OK to leave the Temporary Files Window.
    • Click OK to leave the Java Control Panel.
------------------------------------------------------

Please run this online scan to help look for remnants.

Go here and click 'SCAN NOW' under 'ESET Online Scanner' to check for remnants.
  • You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
  • Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
  • Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
  • At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
  • When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
  • Tick the option Enable detection of potentially unwanted applications
  • Click on Advanced settings
  • Make sure that the option Clean threats automatically is unticked.
  • Ensure these options are ticked:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
  • Click Scan
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Please copy/paste the contents of the log in your next reply.
  • To close ESET Online Scanner, select Do not clean then Finish
------------------------------------------------------
 

·
Registered
Joined
·
36 Posts
Discussion Starter #7
Hi, i updated my java to update 161 and the ESET scanner didn't find any threats so i assume i don't need to post anything?
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
Hello again, h34n. Yes, that's true.

------------------------------------------------------

It appears your problems are beyond malware, if you still have problems.

I suggest you seek expert advice in our Windows 10 Support Forum

Let them know you were here first, and were cleared of malware.

------------------------------------------------------

Your logs appear clean. You should be good to go.

------------------------------------------------------
  • Press the Windows "logo" key and "R" key then type cleanmgr into the Run box and click OK.
  • If prompted, select your hard drive(usually C:\) then click 'OK'.
  • You should see the scanning screenshot for a few seconds.
  • Click 'Clean up system files'
  • If prompted by UAC, then click 'Yes'.
  • If prompted, select your hard drive(usually C:\) then click 'OK'.
  • You should see the scanning screenshot again, for a few seconds up to a few minutes.
  • Click on the 'More Options' tab, and click on the 'Clean up' button under the 'System Restore and Shadow Copies' section.
  • Click/tap on the 'Delete' button in the confirm deletion window, then press 'OK'.
  • Click/tap on the 'Delete files' button in the confirm deletion window.
This will remove all but the most recent System Restore Point.

------------------------------------------------------

Please re-enable your antivirus program and any other antispyware programs disabled earlier if you haven't already.

Run AdwCleaner and go File > Uninstall > Yes

------------------------------------------------------

Press the Windows "logo" key and "R" key then copy/paste the following single-line command into the Run box and click OK:

cmd /c rd /s /q "C:\FRST"

A DOS window will open and close again, this is normal.

------------------------------------------------------

You can safely delete any tools downloaded or any logs, files, and any shortcuts on your desktop that were created during this fix.

Keep MBAM, update and run a Scan('Threat Scan' by default, or 'Scan Now' under the Dashboard tab) weekly.

Empty your Recycle Bin if it does not do so automatically.

------------------------------------------------------

SPYWARE PREVENTION
In light of your recent problem, I'm sure you'd like to avoid any future infections. Please read this well written article:
To help protect your computer in the future I recommend that you get the following free programs if you do not already have them:
  • WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware, or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:
    • Green to go
    • Yellow for caution
    • Red to stop
    WOT has an add-on available for IE, Firefox, and Chrome.
  • MVPS HOSTS FILE replaces your current HOSTS file with one that will restrict known ad sites from serving you unsolicited advertisements. It basically prevents your computer from connecting to those sites by redirecting them to 0.0.0.0, which is the IP of your local computer. See guide for Windows 8/Windows 10 here
Keep your antivirus program and antispyware programs updated and scan with them on a regular basis.

Please respond to this thread one more time so we can mark this thread as resolved.
 

·
Security Team , Moderator, Analyst , Rangemaster,
Joined
·
29,790 Posts
You're very welcome! Glad to have helped.
 
1 - 10 of 10 Posts
Status
Not open for further replies.
Top