EN

The BullGuard products and services are part of NortonLifeLock Inc., a global leader in consumer Cyber Safety with a portofolio of brands including Norton, Avira and more. Learn more at NortonLifeLock.com

FORUMS

SEARCH FORUM

any infections??

Posted 4/20/2018 7:36 PM
#130000
User avatar

wafu Advanced member

Date Joined Nov 2016
Total Posts: 50
hi all, yesterday i re installed bullguard due to a slowing starting anti-virus plug-in, somehow i did not notice that there was no working firewall!! stating i had to upgrade my suscription to use the feature, i only noticed it late this afternoon so pc been without a firewall for best part of 4 hrs over yesterday & today, have ran scans & logs are below but is anything hiding??



Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 5:58:40 PM, on 20-Apr-18

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.16299.0371)





Boot mode: Normal



Running processes:

C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe

C:\Users\user\Desktop\dads stuff\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=

O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s

O4 - HKCU\..\Run: [OneDrive] "C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')

O9 - Extra button: Report to BullGuard - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\IE\BGAntiphishingIE.dll

O9 - Extra button: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\WINDOWS\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\WINDOWS\WindowsMobile\INetRepl.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BullGuard scanning service (BsScanner) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

O23 - Service: BullGuard Sentry Engine (BsSentry) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BsSentry.exe

O23 - Service: BullGuard update service (BsUpdate) - BullGuard Ltd. - C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)



--

Malwarebytes

www.malwarebytes.com



-Log Details-

Scan Date: 4/20/18

Scan Time: 6:19 PM

Log File: ffccba0e-44be-11e8-a537-001cc02e8281.json

Administrator: Yes



-Software Information-

Version: 3.4.5.2467

Components Version: 1.0.342

Update Package Version: 1.0.4816

License: Trial



-System Information-

OS: Windows 10 (Build 16299.371)

CPU: x64

File System: NTFS

User: sueian\user



-Scan Summary-

Scan Type: Threat Scan

Scan Initiated By: Manual

Result: Completed

Objects Scanned: 289410

Threats Detected: 0

(No malicious items detected)

Threats Quarantined: 0

(No malicious items detected)

Time Elapsed: 11 min, 28 sec



-Scan Options-

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Detect

PUM: Detect



-Scan Details-

Process: 0

(No malicious items detected)



Module: 0

(No malicious items detected)



Registry Key: 0

(No malicious items detected)



Registry Value: 0

(No malicious items detected)



Registry Data: 0

(No malicious items detected)



Data Stream: 0

(No malicious items detected)



Folder: 0

(No malicious items detected)



File: 0

(No malicious items detected)



Physical Sector: 0

(No malicious items detected)





(end)





(end)DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.16299.371

Run by user at 17:09:10 on 2018-04-20

Microsoft Windows 10 Pro  10.0.16299.0.1252.44.1033.18.4016.1382 [GMT 1:00]

.

AV: BullGuard Antivirus *Enabled/Updated* {13E9CAA5-762A-794E-2DA9-245D5622A105}

AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: BullGuard Antispyware *Enabled/Updated* {A8882B41-5010-76C0-1719-1F2F2DA5EBB8}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay

C:\WINDOWS\system32\fontdrvhost.exe

C:\WINDOWS\system32\fontdrvhost.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p

c:\windows\system32\svchost.exe -k rpcss -p

c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM

C:\WINDOWS\system32\dwm.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService

c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog

c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager

c:\windows\system32\svchost.exe -k localservice -p -s nsi

c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc

C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

c:\windows\system32\svchost.exe -k bullguard_main -s BsMain

C:\Windows\System32\WUDFHost.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain

c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s CscService

c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc

C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

c:\windows\system32\svchost.exe -k localservice -p -s netprofm

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder

c:\windows\system32\svchost.exe -k localservice -p -s FontCache

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p

c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p

c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc

c:\windows\system32\svchost.exe -k netsvcs

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc

C:\WINDOWS\System32\spoolsv.exe

c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation

c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt

c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

c:\windows\system32\svchost.exe -k bullguard -s BsFileScan

c:\windows\system32\svchost.exe -k bullguard_proxy -s BsMailProxy

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe

C:\Program Files\BullGuard Ltd\BullGuard\BsSentry.exe

C:\WINDOWS\System32\svchost.exe -k utcsvc -p

c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT

c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe

c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService

c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv

c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService

c:\windows\system32\sihost.exe

c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc

C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService

c:\windows\system32\taskhostw.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

C:\Windows\System32\RuntimeBroker.exe

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc

C:\Windows\System32\RuntimeBroker.exe

c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager

C:\WINDOWS\system32\SearchIndexer.exe

C:\Program Files\Windows Defender\MSASCuiL.exe

C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc

C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe

c:\windows\system32\svchost.exe -k windowsmobile -s RapiMgr

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k unistacksvcgroup

C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe

c:\program files\bullguard ltd\bullguard\BgGameMon.exe

C:\WINDOWS\system32\ApplicationFrameHost.exe

C:\Program Files\WindowsApps\Microsoft.WindowsStore_11803.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Windows\System32\RuntimeBroker.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc

C:\Windows\System32\SystemSettingsBroker.exe

c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18022.15810.1000_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\System32\smartscreen.exe

C:\WINDOWS\system32\AUDIODG.EXE

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc

C:\WINDOWS\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts

svchost.exe

C:\Users\user\Desktop\dads stuff\BullGuardDownloader.exe

C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uRun: [OneDrive] "C:\Users\user\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

mRun: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s

mPolicies-System: DSCAutomationHostEnabled = dword:2

mPolicies-System: EnableFullTrustStartupTasks = dword:2

mPolicies-System: EnableUwpStartupTasks = dword:2

mPolicies-System: SupportFullTrustStartupTasks = dword:1

mPolicies-System: SupportUwpStartupTasks = dword:1

IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Files32\Antiphishing\IE\BGAntiphishingIE.dll

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{06736DE9-2AE7-4D05-9C6C-F2261B88BF18} : DHCPNameServer = 192.168.2.1

Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

SSODL: WebCheck - <orphaned>

CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll

x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe

x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe

x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe

x64-Run: [Windows Mobile Device Center] C:\WINDOWS\WindowsMobile\wmdc.exe

x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

x64-Run: [BullGuard] "C:\Program Files\BullGuard Ltd\BullGuard\BullGuardTray.exe" -boot

x64-mPolicies-System: DSCAutomationHostEnabled = dword:2

x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2

x64-mPolicies-System: EnableUwpStartupTasks = dword:2

x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1

x64-mPolicies-System: SupportUwpStartupTasks = dword:1

x64-IE: {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - {27FD17FB-CF63-486b-B2BE-8D8781CBEA01} - c:\program files\bullguard ltd\bullguard\Antiphishing\IE\BGAntiphishingIE.dll

x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll

x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall

x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U

x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\qnh749iq.default\

FF - prefs.js: browser.startup.homepage - hxxp://192.168.2.1/index.htm

.

============= SERVICES / DRIVERS ===============

.

R0 BdNet;BullGuard Network Filter;C:\WINDOWS\System32\drivers\BdNet.sys [2017-8-25 155568]

R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]

R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]

R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2017-9-29 293272]

R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]

R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 71208]

R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]

R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]

R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 240640]

R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 59808]

R1 BdAgent;BullGuard Security Agent;C:\WINDOWS\System32\drivers\BdAgent.sys [2017-9-16 174744]

R1 BdSentry;BullGuard Security Engine;C:\WINDOWS\System32\drivers\BdSentry.sys [2017-12-18 86384]

R1 BdSpy;BdSpy;C:\WINDOWS\System32\drivers\BdSpy.sys [2017-8-25 94952]

R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2018-3-23 76192]

R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]

R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]

R1 MpKsla1673f2c;MpKsla1673f2c;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F363D5C7-4315-4674-8935-9827FFF25A7B}\MpKsla1673f2c.sys [2018-4-20 58120]

R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-3-14 83768]

R2 BsFileScan;BullGuard on-access service;C:\WINDOWS\System32\SvcHost.exe -k BullGuard [2017-9-29 48688]

R2 BsMailProxy;BullGuard e-mail monitoring service;C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Proxy [2017-9-29 48688]

R2 BsMain;BullGuard Main Service;C:\WINDOWS\System32\SvcHost.exe -k BullGuard_Main [2017-9-29 48688]

R2 BsScanner;BullGuard scanning service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [2018-4-19 316856]

R2 BsSentry;BullGuard Sentry Engine;C:\Program Files\BullGuard Ltd\BullGuard\BsSentry.exe [2018-4-19 454072]

R2 BsUpdate;BullGuard update service;C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [2018-4-19 471992]

R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

R2 CDPUserSvc_3ff5c;Connected Devices Platform User Service_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-2-16 385536]

R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]

R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]

R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]

R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MbamChameleon.sys [2018-4-11 193768]

R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-1-12 6479136]

R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-1-8 462968]

R2 OneSyncSvc_3ff5c;Sync Host_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-3-13 519152]

R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 79872]

R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 147872]

R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R2 WpnUserService_3ff5c;Windows Push Notifications User Service_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]

R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2018-4-11 112864]

R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2018-4-11 44768]

R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-4-11 253664]

R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2018-4-11 102112]

R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]

R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]

R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-4-13 60456]

R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17613.18039-0\NisSrv.exe [2018-4-13 4633248]

R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-9-29 259584]

S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]

S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]

S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]

S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]

S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]

S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2017-9-29 126872]

S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2017-9-29 158616]

S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2017-9-29 143768]

S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]

S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2017-9-29 48688]

S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]

S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]

S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]

S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]

S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]

S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]

S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]

S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]

S3 DevicesFlowUserSvc_3ff5c;DevicesFlow_3ff5c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]

S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]

S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]

S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]

S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]

S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]

S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]

S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]

S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]

S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]

S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]

S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]

S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]

S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]

S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]

S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]

S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]

S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]

S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]

S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]

S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]

S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]

S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]

S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]

S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]

S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]

S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]

S3 MessagingService_3ff5c;MessagingService_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]

S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]

S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]

S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 192512]

S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]

S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]

S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]

S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 PimIndexMaintenanceSvc_3ff5c;Contact Data_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]

S3 PrintWorkflowUserSvc_3ff5c;PrintWorkflow_3ff5c;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]

S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]

S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]

S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]

S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]

S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]

S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]

S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]

S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]

S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-1-10 4329952]

S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]

S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]

S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 smbdirect;smbdirect;C:\WINDOWS\System32\drivers\smbdirect.sys [2017-9-29 151552]

S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]

S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]

S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-4-11 956416]

S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]

S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-3-9 103328]

S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-3-9 45472]

S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]

S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-1-10 114688]

S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]

S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-3-9 57344]

S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]

S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]

S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]

S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]

S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]

S3 UnistoreSvc_3ff5c;User Data Storage_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]

S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-1-10 60824]

S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]

S3 UserDataSvc_3ff5c;User Data Access_3ff5c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]

S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]

S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]

S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]

S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 75264]

S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-3-13 770048]

S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]

S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]

S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]

S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 225792]

S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]

S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]

S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]

S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]

S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-4-11 819104]

S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2017-9-29 40344]

S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2017-9-29 1190400]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]

.

=============== Created Last 30 ================

.

2018-04-20 16:01:02    --------    d-----w-    C:\Users\user\AppData\Local\AvgSetupLog

2018-04-20 16:01:02    --------    d-----w-    C:\Users\user\AppData\Local\Avg

2018-04-20 13:21:05    58120    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F363D5C7-4315-4674-8935-9827FFF25A7B}\MpKsla1673f2c.sys

2018-04-20 08:01:05    14575456    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F363D5C7-4315-4674-8935-9827FFF25A7B}\mpengine.dll

2018-04-19 18:34:05    171272    ----a-w-    C:\WINDOWS\System32\BgGamingMonitor.dll

2018-04-19 18:34:05    152208    ----a-w-    C:\WINDOWS\SysWow64\BgGamingMonitor.dll

2018-04-19 18:33:58    76728    ----a-w-    C:\WINDOWS\System32\BGLsp.dll

2018-04-19 18:33:58    61880    ----a-w-    C:\WINDOWS\SysWow64\BGLsp.dll

2018-04-19 18:23:33    --------    d-----w-    C:\Program Files\Common Files\AV

2018-04-19 18:20:27    --------    d-----w-    C:\Program Files\BullGuard Ltd

2018-04-19 18:01:42    14558320    ------w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll

2018-04-13 09:51:30    467040    ----a-w-    C:\WINDOWS\System32\drivers\Trufos.sys

2018-04-12 08:19:54    835064    ----a-w-    C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2018-04-12 08:19:54    179704    ----a-w-    C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2018-04-11 19:16:59    8031744    ----a-w-    C:\WINDOWS\System32\Windows.Data.Pdf.dll

2018-04-11 19:15:59    819104    ----a-w-    C:\WINDOWS\System32\AppVClient.exe

2018-04-11 19:14:59    8192    ----a-w-    C:\WINDOWS\System32\drivers\gpuenergydrv.sys

2018-04-11 05:43:51    44768    ----a-w-    C:\WINDOWS\System32\drivers\mbam.sys

2018-04-11 05:43:41    193768    ----a-w-    C:\WINDOWS\System32\drivers\MbamChameleon.sys

2018-04-11 05:43:41    112864    ----a-w-    C:\WINDOWS\System32\drivers\farflt.sys

2018-04-11 05:43:41    102112    ----a-w-    C:\WINDOWS\System32\drivers\mwac.sys

2018-04-11 05:43:31    253664    ----a-w-    C:\WINDOWS\System32\drivers\mbamswissarmy.sys

2018-03-31 04:04:35    --------    d-----w-    C:\Program Files\iPod

2018-03-31 04:03:40    --------    d-----w-    C:\Program Files\iTunes

2018-03-29 09:59:32    --------    d-----w-    C:\Users\user\.android

2018-03-23 15:41:34    76192    ----a-w-    C:\WINDOWS\System32\drivers\mbae64.sys

2018-03-22 09:05:13    1094320    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{40AA84A1-753E-494F-929A-8571EE64157E}\gapaengine.dll

.

==================== Find3M  ====================

.

2018-04-19 18:33:28    86384    ----a-w-    C:\WINDOWS\System32\drivers\BdSentry.sys

2018-04-13 09:40:42    60456    ----a-w-    C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys

2018-04-13 09:40:42    46072    ----a-w-    C:\WINDOWS\System32\drivers\wd\WdBoot.sys

2018-04-13 09:40:42    311848    ----a-w-    C:\WINDOWS\System32\drivers\wd\WdFilter.sys

2018-04-11 19:24:04    169472    ----a-w-    C:\WINDOWS\System32\wuuhosdeployment.dll

2018-04-11 18:23:54    136971704    -c--a-w-    C:\WINDOWS\System32\MRT-KB890830.exe

2018-03-30 12:34:45    956416    ----a-w-    C:\WINDOWS\System32\Spectrum.exe

2018-03-30 05:18:40    1092008    ----a-w-    C:\WINDOWS\System32\winresume.efi

2018-03-30 05:14:12    423320    ----a-w-    C:\WINDOWS\System32\invagent.dll

2018-03-30 05:12:57    75168    ----a-w-    C:\WINDOWS\System32\drivers\vpci.sys

2018-03-30 05:12:53    270208    ----a-w-    C:\WINDOWS\System32\LsaIso.exe

2018-03-30 05:12:49    599448    ----a-w-    C:\WINDOWS\System32\securekernel.exe

2018-03-30 05:10:17    924648    ----a-w-    C:\WINDOWS\System32\winresume.exe

2018-03-30 05:08:35    1415296    ----a-w-    C:\WINDOWS\System32\winload.efi

2018-03-30 05:08:33    137112    ----a-w-    C:\WINDOWS\System32\CompatTelRunner.exe

2018-03-30 05:08:26    2513920    ----a-w-    C:\WINDOWS\System32\KernelBase.dll

2018-03-30 05:08:10    1568160    ----a-w-    C:\WINDOWS\System32\appraiser.dll

2018-03-30 05:07:38    300448    ----a-w-    C:\WINDOWS\System32\acmigration.dll

2018-03-30 05:07:08    69528    ----a-w-    C:\WINDOWS\System32\win32appinventorycsp.dll

2018-03-30 05:06:25    166304    ----a-w-    C:\WINDOWS\System32\drivers\partmgr.sys

2018-03-30 05:06:23    53152    ----a-w-    C:\WINDOWS\System32\drivers\pcw.sys

2018-03-30 05:05:37    1056152    ----a-w-    C:\WINDOWS\System32\hvax64.exe

2018-03-30 05:05:30    1206688    ----a-w-    C:\WINDOWS\System32\hvix64.exe

2018-03-30 05:05:23    191824    ----a-w-    C:\WINDOWS\System32\skci.dll

2018-03-30 05:05:22    73120    ----a-w-    C:\WINDOWS\System32\drivers\hvservice.sys

2018-03-30 05:05:22    66720    ----a-w-    C:\WINDOWS\System32\iumcrypt.dll

2018-03-30 05:05:18    20888    ----a-w-    C:\WINDOWS\System32\kdhvcom.dll

2018-03-30 05:05:17    748448    ----a-w-    C:\WINDOWS\System32\generaltel.dll

2018-03-30 05:05:17    59808    ----a-w-    C:\WINDOWS\System32\hvhostsvc.dll

2018-03-30 05:05:17    35744    ----a-w-    C:\WINDOWS\System32\SDFHost.dll

2018-03-30 05:05:16    22208    ----a-w-    C:\WINDOWS\System32\IumSdk.dll

2018-03-30 05:05:15    22800    ----a-w-    C:\WINDOWS\System32\iumbase.dll

2018-03-30 05:05:11    15632    ----a-w-    C:\WINDOWS\System32\iumdll.dll

2018-03-30 05:04:47    608160    ----a-w-    C:\WINDOWS\System32\devinv.dll

2018-03-30 05:04:30    35224    ----a-w-    C:\WINDOWS\System32\DeviceCensus.exe

2018-03-30 05:04:22    2002336    ----a-w-    C:\WINDOWS\System32\aitstatic.exe

2018-03-30 05:02:23    128416    ----a-w-    C:\WINDOWS\System32\drivers\tm.sys

2018-03-30 05:01:49    8600480    ----a-w-    C:\WINDOWS\System32\ntoskrnl.exe

2018-03-30 05:01:38    649304    ----a-w-    C:\WINDOWS\System32\advapi32.dll

2018-03-30 05:01:36    1209760    ----a-w-    C:\WINDOWS\System32\winload.exe

2018-03-30 05:01:29    571288    ----a-w-    C:\WINDOWS\System32\drivers\spaceport.sys

2018-03-30 05:01:02    34208    ----a-w-    C:\WINDOWS\System32\drivers\fs_rec.sys

2018-03-30 05:00:30    94104    ----a-w-    C:\WINDOWS\System32\drivers\disk.sys

2018-03-30 05:00:27    2395040    ----a-w-    C:\WINDOWS\System32\drivers\ntfs.sys

2018-03-30 05:00:10    103320    ----a-w-    C:\WINDOWS\System32\drivers\mountmgr.sys

2018-03-30 04:59:13    82840    ----a-w-    C:\WINDOWS\System32\drivers\volmgr.sys

2018-03-30 04:59:12    398744    ----a-w-    C:\WINDOWS\System32\drivers\fltMgr.sys

2018-03-30 04:58:44    898216    ----a-w-    C:\WINDOWS\System32\CoreMessaging.dll

2018-03-30 04:58:42    39328    ----a-w-    C:\WINDOWS\System32\drivers\storvsc.sys

2018-03-30 04:58:16    129432    ----a-w-    C:\WINDOWS\System32\drivers\hvsocket.sys

2018-03-30 04:57:54    121248    ----a-w-    C:\WINDOWS\System32\drivers\tdx.sys

2018-03-30 04:57:53    1173576    ----a-w-    C:\WINDOWS\System32\rpcrt4.dll

2018-03-30 04:57:47    540064    ----a-w-    C:\WINDOWS\System32\pcasvc.dll

2018-03-30 04:57:44    109976    ----a-w-    C:\WINDOWS\System32\drivers\vmbus.sys

2018-03-30 04:57:23    711944    ----a-w-    C:\WINDOWS\System32\ci.dll

2018-03-30 04:57:03    31640    ----a-w-    C:\WINDOWS\System32\drivers\winhv.sys

2018-03-30 04:57:02    81304    ----a-w-    C:\WINDOWS\System32\drivers\vmbkmcl.sys

2018-03-30 04:56:15    18680    ----a-w-    C:\WINDOWS\System32\wshhyperv.dll

2018-03-30 04:55:50    367344    ----a-w-    C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll

2018-03-30 04:55:43    62880    ----a-w-    C:\WINDOWS\System32\drivers\fsdepends.sys

2018-03-30 04:54:22    2574240    ----a-w-    C:\WINDOWS\System32\drivers\dxgkrnl.sys

2018-03-30 04:54:20    749984    ----a-w-    C:\WINDOWS\System32\drivers\dxgmms2.sys

2018-03-30 04:54:18    408992    ----a-w-    C:\WINDOWS\System32\drivers\dxgmms1.sys

2018-03-30 04:54:09    645536    ----a-w-    C:\WINDOWS\System32\AppVPublishing.dll

2018-03-30 04:54:08    670112    ----a-w-    C:\WINDOWS\System32\AppVCatalog.dll

2018-03-30 04:54:04    461728    ----a-w-    C:\WINDOWS\System32\wifitask.exe

2018-03-30 04:53:59    831392    ----a-w-    C:\WINDOWS\System32\AppVOrchestration.dll

2018-03-30 04:53:57    7676304    ----a-w-    C:\WINDOWS\System32\windows.storage.dll

2018-03-30 04:53:57    40352    ----a-w-    C:\WINDOWS\System32\AppVClientPS.dll

2018-03-30 04:53:47    549552    ----a-w-    C:\WINDOWS\System32\WWanAPI.dll

2018-03-30 04:53:39    94080    ----a-w-    C:\WINDOWS\System32\wwapi.dll

2018-03-30 04:53:39    495008    ----a-w-    C:\WINDOWS\System32\TransportDSA.dll

2018-03-30 04:53:29    246176    ----a-w-    C:\WINDOWS\System32\browserbroker.dll

2018-03-30 04:53:08    2220952    ----a-w-    C:\WINDOWS\System32\AppVEntSubsystems64.dll

2018-03-30 04:53:06    712600    ----a-w-    C:\WINDOWS\System32\drivers\vhdmp.sys

2018-03-30 04:53:04    163744    ----a-w-    C:\WINDOWS\System32\drivers\wfplwfs.sys

2018-03-30 04:52:39    247480    ----a-w-    C:\WINDOWS\System32\logoncli.dll

2018-03-30 04:52:37    677280    ----a-w-    C:\WINDOWS\System32\drivers\cng.sys

2018-03-30 04:52:36    2457504    ----a-w-    C:\WINDOWS\System32\UpdateAgent.dll

2018-03-30 04:52:29    54688    ----a-w-    C:\WINDOWS\System32\drivers\vdrvroot.sys

2018-03-30 04:52:24    192416    ----a-w-    C:\WINDOWS\System32\drivers\appid.sys

2018-03-30 04:52:18    28520    ----a-w-    C:\WINDOWS\System32\vmbuspipe.dll

2018-03-30 04:52:14    47512    ----a-w-    C:\WINDOWS\System32\drivers\vmstorfl.sys

2018-03-30 04:52:05    727456    ----a-w-    C:\WINDOWS\System32\drivers\fvevol.sys

2018-03-30 04:52:04    282528    ----a-w-    C:\WINDOWS\System32\drivers\rdyboost.sys

2018-03-30 04:52:01    428960    ----a-w-    C:\WINDOWS\System32\drivers\rdbss.sys

2018-03-30 04:51:59    123800    ----a-w-    C:\WINDOWS\System32\drivers\mup.sys

2018-03-30 04:51:43    71208    ----a-w-    C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys

2018-03-30 04:51:38    125568    ----a-w-    C:\WINDOWS\System32\rmclient.dll

2018-03-30 04:51:33    902928    ----a-w-    C:\WINDOWS\System32\winhttp.dll

2018-03-30 04:51:27    147872    ----a-w-    C:\WINDOWS\System32\drivers\wcifs.sys

2018-03-30 04:50:40    57760    ----a-w-    C:\WINDOWS\System32\drivers\netbios.sys

2018-03-30 04:50:19    1336344    ----a-w-    C:\WINDOWS\System32\ole32.dll

2018-03-30 04:49:34    204184    ----a-w-    C:\WINDOWS\System32\basecsp.dll

2018-03-30 04:48:56    1628064    ----a-w-    C:\WINDOWS\System32\AppVIntegration.dll

2018-03-30 04:48:50    744856    ----a-w-    C:\WINDOWS\System32\AppVReporting.dll

2018-03-30 04:48:49    397720    ----a-w-    C:\WINDOWS\System32\AppVScripting.dll

2018-03-30 04:48:49    1420696    ----a-w-    C:\WINDOWS\System32\AppVEntSubsystemController.dll

2018-03-30 04:48:48    1778584    ----a-w-    C:\WINDOWS\System32\AppVEntVirtualization.dll

2018-03-30 04:48:47    813984    ----a-w-    C:\WINDOWS\System32\AppVEntStreamingManager.dll

.

============= FINISH: 17:11:28.53 ===============



.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 10 Pro

Boot Device: \Device\HarddiskVolume1

Install Date: 09-Jan-18 7:10:19 PM

System Uptime: 20-Apr-18 1:59:18 PM (4 hours ago)

.

Motherboard: Intel Corporation |  | DQ35MP

Processor: Intel(R) Core(TM)2 Quad CPU    Q6600  @ 2.40GHz | CPU1 | 2394/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 465 GiB total, 386.28 GiB free.

D: is CDROM ()

E: is Removable

F: is Removable

G: is Removable

H: is Removable

I: is Removable

.

==== Disabled Device Manager Items =============

.

Class GUID:

Description: PCI Serial Port

Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&1B

Manufacturer:

Name: PCI Serial Port

PNP Device ID: PCI\VEN_8086&DEV_29B7&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&1B

Service:

.

Class GUID:

Description: PCI Simple Communications Controller

Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&18

Manufacturer:

Name: PCI Simple Communications Controller

PNP Device ID: PCI\VEN_8086&DEV_29B4&SUBSYS_4F4A8086&REV_02\3&18D45AA6&0&18

Service:

.

==== System Restore Points ===================

.

RP16: 31-Mar-18 6:33:04 PM - Scheduled Checkpoint

RP17: 11-Apr-18 7:21:15 PM - Windows Update

RP18: 20-Apr-18 2:46:57 PM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

Adobe Acrobat Reader DC

Adobe Refresh Manager

Apple Application Support (32-bit)

Apple Application Support (64-bit)

Apple Mobile Device Support

Apple Software Update

Audacity 2.1.2

Bonjour

BullGuard Antivirus

Capture NX-D

Intel(R) Graphics Media Accelerator Driver

iTunes

Malwarebytes version 3.4.5.2467

Microsoft OneDrive

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005

Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005

Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005

Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005

Mozilla Firefox 59.0.2 (x64 en-US)

Mozilla Maintenance Service

Mozilla Thunderbird 52.7.0 (x86 en-GB)

Nikon Message Center 2

Nikon Transfer 2

NVIDIA 3D Vision Driver 388.13

NVIDIA Ansel

NVIDIA Control Panel 388.13

NVIDIA Display Container

NVIDIA Display Container LS

NVIDIA Display Session Container

NVIDIA Display Watchdog Plugin

NVIDIA Graphics Driver 388.13

NVIDIA Install Application

NVIDIA Stereoscopic 3D Driver

OpenOffice 4.1.5

Picture Control Utility 2

SpywareBlaster 5.5

ViewNX-i

Vulkan Run Time Libraries 1.0.61.0

Windows Mobile Device Center

.

==== Event Viewer Messages From Past Week ========

.

20-Apr-18 8:48:14 AM, Error: Service Control Manager [7023]  - The BsCache service terminated with the following error:  The specified module could not be found.

20-Apr-18 2:00:04 PM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

19-Apr-18 8:27:59 AM, Error: Microsoft-Windows-Kernel-Power [137]  - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.

14-Apr-18 7:50:19 PM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.

13-Apr-18 10:41:53 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows Defender antimalware platform - KB4052623 (Version 4.14.17613.18039).

.

==== End Of File ===========================



 
Posted 4/23/2018 9:25 AM
#130006
User avatar

Andreea-Luciana Ostache Advanced member

Date Joined Nov 2016
Total Posts: 892
Hello,

Your logs are clean.

Make sure that you add exceptions for BullGuard into Malwarebytes and vice-versa, if you are using the paid version of Malwarebytes.

If the issue with the Firewall persists, please contact the support department directly, to analyze your logs and see what's causing the problem.
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com

Download the Free Trial version of BullGuard Internet Security

You have a BullGuard related problem? Post your question on these forums, contact Support or contact me on Twitter!
Posted 4/23/2018 2:00 PM
#130007
User avatar

wafu Advanced member

Date Joined Nov 2016
Total Posts: 50
thanks Andreea for looking at the logs, & that its clean, at which i am very surprised, perhaps a glitch during install that showed a wrong firewall state?? & it was actually working all the time, will keep an eye on it



thanks again Andreea
Post a reply
  • Unread posts or replies
  • No unread posts or replies
  • Unread Posts (Read Only Forum)
  • No Unread Posts (Read Only Forum)

Forum Information

Currently it is Saturday, July 2, 2022, 12:10 AM (GMT +2)
There are a total of 61,974 posts in 13,697 threads.
In the last 3 days there were 0 new threads and 0 reply posts.

Who's online

This forum has 38,684 registered members. Please welcome our newest member, james44.
19 Guest(s), 0 Registered Member(s) are currently online.