Struggling to rid laptop of Malware

Posted 3/7/2016 9:38 AM
#124381
GazNicki Valued member

Date Joined Nov 2016
Total Posts: 16
My laptop became infected with malware and I have been struggling to get rid of it. Just when I think it is gone, something else seems to appear. I'm hoping you can help me.

I currently have Avira running on my laptop, which so far has found nothing. Attached are the logs from MBam, DDS and HJT.

HJT Log
[code]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 09:17:57, on 07/03/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10240.16603)

FIREFOX: 43.0.4 (x86 en-GB)
Boot mode: Normal

Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Users\GHS Tech Admin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://g.uk.msn.com/HPCOM14/2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
O4 - HKLM\..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Run: [Avira SystrayStartTrigger] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\GHS Tech Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-18\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'Default user')
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: https://*.webcompanion.com
O17 - HKLM\System\CCS\Services\Tcpip\..\{44f5897a-86c9-478c-a576-eb0efcf65a75}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CCS\Services\Tcpip\..\{daacbaea-f0bf-4b67-a6e4-4cb489b5c76e}: NameServer = 8.8.8.8,8.8.4.4
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 8.8.8.8,8.8.8.4
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Unknown owner - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AppsiocE - Unknown owner - C:\ProgramData\\AppsiocE\\AppsiocE.exe (file missing)
O23 - Service: Avira Service Host (Avira.ServiceHost) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: BTDevManager - Unknown owner - C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
O23 - Service: CLARiCOM_Client - Zipher Limited - C:\Program Files (x86)\CLARICOM\Data\CLClient.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Absolute Software Agent Service (CtAgentService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DigitalPersona Authentication Service (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: HP Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\windows\SysWOW64\flcdlock.exe
O23 - Service: FMAudit Onsite (FMAuditOnsite) - ECi FMAudit - C:\Program Files (x86)\FMAuditOnsite\fmaonsite.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Hotkey Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Device Access Manager Usage Service (HpDamServiceHost) - Hewlett-Packard Development Company - c:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe
O23 - Service: HP File Sanitizer (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: @oem17.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\WINDOWS\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Smart Connect Technology Agent (ISCTAgent) - Unknown owner - c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: OpcEnum - OPC Foundation - C:\windows\SysWOW64\OpcEnum.exe
O23 - Service: panda_url_filtering Service (panda_url_filtering) - Visicom Media Inc. - C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 16226 bytes
[/code]

DDS Log
[code]
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.10240.16603
Run by Gaz at 9:14:10 on 2016-03-07
Microsoft Windows 10 Pro 10.0.10240.0.1252.44.1033.18.3968.1828 [GMT 0:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\igfxCUIService.exe
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\system32\Hpservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\FMAuditOnsite\fmaonsite.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
C:\windows\system32\vcsFPService.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCardEngine.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\svchost.exe -k GPSvcGroup
C:\WINDOWS\system32\sihost.exe
svchost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
C:\Windows\RtsCM64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Defender\MpCmdRun.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uLocal Page = %11%\blank.htm
uSearch Bar = www.google.com
uSearch Page = www.google.com
BHO: HP File Sanitizer: {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [OneDrive] "C:\Users\GHS Tech Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [YouCam Tray] "c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [HP File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe
mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [sun3]
mRunOnce: [{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}] "C:\ProgramData\Package Cache\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}\Avira.OE.Setup.Bundle.exe" /burn.log.append "C:\Users\GHSTEC~1\AppData\Local\Temp\Avira_Launcher_20160307091325.log" /burn.runonce
dRunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\ISCTSY~1.LNK - C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
Trusted Zone: localhost
Trusted Zone: webcompanion.com
TCP: NameServer = 8.8.8.8,8.8.8.4
TCP: NameServer = 192.168.10.1
TCP: Interfaces\{44f5897a-86c9-478c-a576-eb0efcf65a75} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{44f5897a-86c9-478c-a576-eb0efcf65a75} : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{c3c2bd6f-7629-455e-8b66-0233050d748c} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{d2909f12-6356-47a7-9f60-f14775f431bc} : DHCPNameServer = 82.163.142.70
TCP: Interfaces\{daacbaea-f0bf-4b67-a6e4-4cb489b5c76e} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{daacbaea-f0bf-4b67-a6e4-4cb489b5c76e} : DHCPNameServer = 192.168.10.1
TCP: Interfaces\{efd84354-b963-4d8a-8041-d60d6dd2d468} : DHCPNameServer = 82.163.142.70
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck -
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\WINDOWS\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtsCM] RTSCM64.EXE
x64-Run: [BtServer] "C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} -
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -
x64-SSODL: WebCheck -
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\GHS Tech Admin\AppData\Roaming\Mozilla\Firefox\Profiles\qe3bkq1i.default-1455710023557\
FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser/
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\components\npChromeDPAgent.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 PinFile;PinFile;C:\WINDOWS\System32\drivers\PinFile.sys [2015-11-15 56864]
R0 SDDisk2K;SDDisk2K;C:\WINDOWS\System32\drivers\SDDisk2K.sys [2015-11-15 232480]
R0 SDDToki;SDDToki;C:\WINDOWS\System32\drivers\SDDToki.sys [2015-11-15 138272]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-9-10 200528]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2015-12-3 91912]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-9 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2016-1-27 260456]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2016-1-7 154680]
R2 BTDevManager;BTDevManager;C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe [2015-10-8 117976]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-9-18 2809072]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856]
R2 CtAgentService;Absolute Software Agent Service;C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [2014-3-31 7168]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856]
R2 FMAuditOnsite;FMAudit Onsite;C:\Program Files (x86)\FMAuditOnsite\fmaonsite.exe [2015-12-4 66560]
R2 HP Hotkey Service;HP Hotkey Service;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HotkeyService.exe [2015-8-3 850144]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2014-1-13 99128]
R2 HPFSService;HP File Sanitizer;C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2014-2-5 1758936]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2015-6-29 54448]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-8-7 370072]
R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
R2 ISCTAgent;Intel(R) Smart Connect Technology Agent;C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2013-9-7 198120]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-6-24 223008]
R2 panda_url_filtering;panda_url_filtering Service;C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe -- --> C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe -- [?]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-8-19 298200]
R2 Sentinel64;Sentinel64;C:\WINDOWS\System32\drivers\sentinel64.sys [2015-4-15 145448]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2015-7-3 255096]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\WINDOWS\System32\vcsFPService.exe [2013-9-12 3221392]
R2 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\BthLEEnum.sys [2015-7-10 237568]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\WINDOWS\System32\drivers\ikbevent.sys [2013-8-9 21408]
R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\WINDOWS\System32\drivers\imsevent.sys [2013-8-9 21920]
R3 INETMON;INETMON;C:\WINDOWS\System32\drivers\INETMON.sys [2014-8-18 29088]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-7-30 47008]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2016-2-15 25816]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
R3 panda_url_filteringd;panda_url_filteringd driver;C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringd.sys [2014-3-19 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-10-8 896768]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2015-6-4 607000]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2014-8-18 772336]
R3 rtsuvc;HP Universal Camera Driver;C:\WINDOWS\System32\drivers\RtsUVC.sys [2015-9-18 3066072]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2015-8-28 4629744]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-9-10 685568]
R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2015-9-18 30544]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-7-10 214016]
S2 AppsiocE;AppsiocE;C:\ProgramData\\AppsiocE\\AppsiocE.exe -f "C:\ProgramData\\AppsiocE\\AppsiocE.dat" -l -a --> C:\ProgramData\\AppsiocE\\AppsiocE.exe -f C:\ProgramData\\AppsiocE\\AppsiocE.dat [?]
S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S2 HpDamServiceHost;HP Device Access Manager Usage Service;C:\Program Files (x86)\Hewlett-Packard\HP Device Access Manager\HP.ProtectTools.DeviceAccessManager.ServiceHost.exe [2013-11-15 18232]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-11-17 19424]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-2-15 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624]
S3 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2016-1-7 433688]
S3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2016-1-7 413208]
S3 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2016-1-7 859672]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-1 36352]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736]
S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 CLARiCOM_Client;CLARiCOM_Client;C:\Program Files (x86)\CLARiCOM\Data\CLClient.exe [2014-2-28 291840]
S3 DAMDrv;DAMDrv;C:\WINDOWS\System32\drivers\DAMDrv64.sys [2013-10-7 65752]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2015-9-28 122160]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 FLCDLOCK;HP Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2013-11-20 567608]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608]
S3 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-9-27 1455552]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800]
S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2014-8-18 169752]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2015-8-8 474360]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872]
S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDOWS\System32\drivers\mwac.sys [2016-2-15 64216]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376]
S3 MpNWMon;Microsoft Malware Protection Network Driver;C:\WINDOWS\System32\drivers\MpNWMon.sys [2011-4-18 40832]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-9-10 934752]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2014-8-18 272088]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2014-8-18 331992]
S3 RtkAvrcp;Realtek Bluetooth A/V Remote Control Target;C:\WINDOWS\System32\drivers\RtkAvrcp.sys [2014-8-18 61152]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-9-10 1031680]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2014-4-8 30448]
S3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2014-4-8 31472]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 SNTUSB64;SafeNet USB SuperPro/UltraPro/HardwareKey;C:\WINDOWS\System32\drivers\SNTUSB64.SYS [2009-9-17 58792]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-10-1 214832]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-9-10 80720]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-9-10 46080]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-17 54784]
S3 usbrndis6;USB RNDIS6 Adapter;C:\WINDOWS\System32\drivers\usb80236.sys [2015-7-10 22016]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-7-10 39856]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2015-9-28 14464]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856]
S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2015-7-10 24576]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-03-07 09:13:37 -------- d-----w- C:\Program Files (x86)\Avira
2016-03-07 09:13:36 -------- d-----w- C:\ProgramData\Avira
2016-03-07 09:07:45 16148 ----a-w- C:\WINDOWS\System32\GHS2HP450_Gaz_HistoryPrediction.bin
2016-03-07 08:41:45 -------- d-----w- C:\Program Files (x86)\AdwCleaner
2016-03-07 07:48:46 11249080 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C404C3EA-1C0D-4A0C-810F-0FC32FA0D682}\mpengine.dll
2016-03-04 10:51:52 11249080 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-03-03 07:45:14 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2DA0865B-ED29-42CE-92C0-DD91DEBD8F45}\gapaengine.dll
2016-03-02 14:01:23 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\PDAppFlex
2016-03-02 14:01:23 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2016-02-24 13:25:32 91240 ----a-w- C:\WINDOWS\System32\RtNicProp64.dll
2016-02-24 08:37:56 121820360 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Photoshop.exe
2016-02-19 11:10:45 -------- d-----w- C:\AdwCleaner
2016-02-19 10:22:36 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\LavasoftStatistics
2016-02-19 10:20:22 -------- d-----w- C:\Program Files\Lavasoft
2016-02-19 09:54:27 -------- d-----w- C:\Program Files\Common Files\Lavasoft
2016-02-18 16:10:11 -------- d-----w- C:\ProgramData\AppsiocE
2016-02-17 09:11:46 16148 ----a-w- C:\WINDOWS\System32\GHS2HP450_Steve_HistoryPrediction.bin
2016-02-16 09:00:08 -------- d-----w- C:\ProgramData\panda_url_filtering
2016-02-16 09:00:07 -------- d-----w- C:\Program Files\Panda Security URL Filtering
2016-02-16 08:59:29 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\Panda Security
2016-02-16 08:58:49 -------- d-----w- C:\Program Files (x86)\Panda Security
2016-02-16 08:35:19 -------- d-----w- C:\ProgramData\Panda Security
2016-02-15 16:15:58 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-02-15 16:15:29 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-02-15 16:15:29 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-02-15 16:15:28 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-02-15 16:15:28 -------- d-----w- C:\ProgramData\Malwarebytes
2016-02-15 16:15:28 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-02-15 14:36:54 187904 ----a-w- C:\WINDOWS\rsrcs.dll
2016-02-15 14:35:51 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\Common
2016-02-15 14:30:47 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\Foxit Advanced PDF Editor
2016-02-15 14:30:47 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Local\Foxit Advanced PDF Editor
2016-02-15 14:30:44 -------- d-----w- C:\ProgramData\Foxit Advanced PDF Editor
2016-02-15 14:30:44 -------- d-----w- C:\ProgramData\Aspell
2016-02-15 14:30:41 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Local\Aspell
2016-02-15 14:30:41 -------- d-----w- C:\Program Files (x86)\Foxit Software
2016-02-15 14:22:01 -------- d-----w- C:\Users\GHS Tech Admin\AppData\Roaming\BitTorrent
2016-02-10 10:38:58 771072 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2016-02-10 10:38:58 659968 ----a-w- C:\Program Files\Windows Journal\MSPVWCTL.DLL
2016-02-10 10:38:57 2142208 ----a-w- C:\Program Files\Windows Journal\Journal.exe
2016-02-10 10:38:56 574464 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2016-02-10 10:38:56 315392 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\InkDiv.dll
2016-02-10 10:38:54 88064 ----a-w- C:\WINDOWS\System32\ngckeyenum.dll
2016-02-10 08:44:26 -------- d-----w- C:\$WINDOWS.~BT
2016-02-10 08:44:22 -------- d--h--w- C:\$Windows.~WS
.
==================== Find3M ====================
.
2016-03-07 09:07:48 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-24 13:25:32 896768 ----a-w- C:\WINDOWS\System32\drivers\rt640x64.sys
2016-02-05 11:50:27 716928 ----a-w- C:\WINDOWS\System32\WinUSBCoInstaller.dll
2016-02-05 11:50:27 1499408 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01007.dll
2016-02-05 11:50:01 214832 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys
2016-02-05 11:48:23 122160 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys
2016-02-02 22:47:29 828920 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-02-02 22:47:29 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-01-31 06:25:57 1248896 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2016-01-31 06:25:52 1951872 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2016-01-31 06:24:08 1824880 ----a-w- C:\WINDOWS\System32\ntdll.dll
2016-01-31 06:23:57 2601160 ----a-w- C:\WINDOWS\System32\combase.dll
2016-01-31 06:23:50 1420392 ----a-w- C:\WINDOWS\System32\msctf.dll
2016-01-31 06:06:45 809336 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2016-01-31 06:06:37 1535032 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2016-01-31 06:06:37 1531368 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2016-01-31 06:04:30 1180696 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2016-01-31 06:04:27 1811360 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2016-01-31 05:38:07 21873152 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-01-31 05:33:38 57856 ----a-w- C:\WINDOWS\System32\IoTAssignedAccessLockFramework.dll
2016-01-31 05:29:56 141312 ----a-w- C:\WINDOWS\System32\rasman.dll
2016-01-31 05:29:36 11557888 ----a-w- C:\WINDOWS\System32\twinui.dll
2016-01-31 05:26:49 3793408 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2016-01-31 05:26:38 6787072 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2016-01-31 05:25:35 143872 ----a-w- C:\WINDOWS\System32\drivers\mrxdav.sys
2016-01-31 05:25:13 366592 ----a-w- C:\WINDOWS\System32\wuuhext.dll
2016-01-31 05:23:37 79360 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2016-01-31 05:20:04 2849792 ----a-w- C:\WINDOWS\System32\wininet.dll
2016-01-31 05:19:51 237056 ----a-w- C:\WINDOWS\System32\NetworkDesktopSettings.dll
2016-01-31 05:19:47 46592 ----a-w- C:\WINDOWS\SysWow64\IoTAssignedAccessLockFramework.dll
2016-01-31 05:18:35 147456 ----a-w- C:\WINDOWS\System32\mtxoci.dll
2016-01-31 05:17:47 109056 ----a-w- C:\WINDOWS\System32\hlink.dll
2016-01-31 05:16:37 950272 ----a-w- C:\WINDOWS\System32\kerberos.dll
2016-01-31 05:16:36 9889280 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2016-01-31 05:14:37 7525376 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-01-31 05:14:19 3588096 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2016-01-31 05:13:54 4791808 ----a-w- C:\WINDOWS\System32\jscript9.dll
2016-01-31 05:13:17 34816 ----a-w- C:\WINDOWS\System32\ztrace_maps.dll
2016-01-31 05:13:02 123392 ----a-w- C:\WINDOWS\SysWow64\rasman.dll
2016-01-31 05:11:48 5156352 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2016-01-31 05:11:25 162304 ----a-w- C:\WINDOWS\SysWow64\msorcl32.dll
2016-01-31 05:11:14 291840 ----a-w- C:\WINDOWS\System32\microsoft-windows-system-events.dll
2016-01-31 05:07:17 18802176 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2016-01-31 05:06:11 2316800 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2016-01-31 05:05:11 118272 ----a-w- C:\WINDOWS\SysWow64\mtxoci.dll
2016-01-31 05:04:50 100352 ----a-w- C:\WINDOWS\SysWow64\hlink.dll
2016-01-31 05:02:29 768000 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2016-01-31 05:02:09 3580416 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2016-01-31 04:59:40 5457408 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2016-01-31 04:58:44 29696 ----a-w- C:\WINDOWS\SysWow64\ztrace_maps.dll
2016-01-27 12:01:58 1804696 ----a-w- C:\WINDOWS\System32\WdfCoInstaller01011.dll
2016-01-27 12:01:55 639608 ----a-w- C:\WINDOWS\System32\drivers\SynTP.sys
2016-01-27 12:01:55 283256 ----a-w- C:\WINDOWS\System32\SynTPCo35-01.dll
2016-01-27 12:01:55 277624 ----a-w- C:\WINDOWS\System32\SynTPAPI.dll
2016-01-27 12:01:54 66168 ----a-w- C:\WINDOWS\System32\drivers\SynRMIHID_Aux.sys
2016-01-27 12:01:50 777848 ----a-w- C:\WINDOWS\System32\SynCOM.dll
2016-01-27 12:01:50 429176 ----a-w- C:\WINDOWS\SysWow64\SynCom.dll
2016-01-27 12:01:46 51320 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys
2016-01-27 12:01:46 50808 ----a-w- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys
2016-01-05 03:07:02 377592 ----a-w- C:\WINDOWS\System32\MP4SDECD.DLL
2016-01-05 03:07:00 2463704 ----a-w- C:\WINDOWS\System32\mfcore.dll
2016-01-05 03:06:57 8022368 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-01-05 03:06:56 1270104 ----a-w- C:\WINDOWS\System32\mfnetsrc.dll
2016-01-05 03:06:56 119800 ----a-w- C:\WINDOWS\System32\MP3DMOD.DLL
2016-01-05 03:06:55 1063504 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll
2016-01-05 03:06:43 1991120 ----a-w- C:\WINDOWS\System32\WMVENCOD.DLL
2016-01-05 02:59:40 781976 ----a-w- C:\WINDOWS\System32\mfds.dll
2016-01-05 02:52:47 441696 ----a-w- C:\WINDOWS\System32\devinv.dll
2016-01-05 02:50:47 723648 ----a-w- C:\WINDOWS\System32\generaltel.dll
2016-01-05 02:50:31 205072 ----a-w- C:\WINDOWS\System32\COLORCNV.DLL
2016-01-05 02:50:31 1083072 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-01-05 02:50:29 345080 ----a-w- C:\WINDOWS\System32\WMVSDECD.DLL
2016-01-05 02:50:27 251544 ----a-w- C:\WINDOWS\System32\MP43DECD.DLL
2016-01-05 02:50:27 1817064 ----a-w- C:\WINDOWS\System32\WMALFXGFXDSP.dll
2016-01-05 02:31:19 1365576 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2016-01-05 02:30:46 882208 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2016-01-05 02:30:28 2152744 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2016-01-05 02:30:27 368776 ----a-w- C:\WINDOWS\SysWow64\MP4SDECD.DLL
2016-01-05 02:30:23 1106872 ----a-w- C:\WINDOWS\SysWow64\mfnetsrc.dll
2016-01-05 02:30:21 100712 ----a-w- C:\WINDOWS\SysWow64\MP3DMOD.DLL
2016-01-05 02:30:19 2162064 ----a-w- C:\WINDOWS\SysWow64\WMVENCOD.DLL
2016-01-05 02:30:14 2459096 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2016-01-05 02:30:06 232896 ----a-w- C:\WINDOWS\SysWow64\RESAMPLEDMO.DLL
2016-01-05 02:29:53 208688 ----a-w- C:\WINDOWS\SysWow64\mftranscode.dll
2016-01-05 02:28:56 635312 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2016-01-05 02:28:45 72808 ----a-w- C:\WINDOWS\SysWow64\mfvdsp.dll
2016-01-05 02:28:31 645144 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2016-01-05 02:28:19 277400 ----a-w- C:\WINDOWS\SysWow64\MPG4DECD.DLL
2016-01-05 02:28:19 2445128 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2016-01-05 02:28:17 107952 ----a-w- C:\WINDOWS\SysWow64\VIDRESZR.DLL
2016-01-05 02:28:13 696192 ----a-w- C:\WINDOWS\SysWow64\WMADMOE.DLL
2016-01-05 02:28:13 695752 ----a-w- C:\WINDOWS\SysWow64\WMADMOD.DLL
2016-01-05 02:28:07 82096 ----a-w- C:\WINDOWS\SysWow64\devenum.dll
2016-01-05 02:28:07 714808 ----a-w- C:\WINDOWS\SysWow64\mfnetcore.dll
2016-01-05 02:28:02 497896 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll
2016-01-05 02:28:01 116728 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2016-01-05 02:21:40 658528 ----a-w- C:\WINDOWS\SysWow64\mfds.dll
2016-01-05 02:15:58 931328 ----a-w- C:\WINDOWS\System32\MSMPEG2ENC.DLL
2016-01-05 02:15:34 235008 ----a-w- C:\WINDOWS\System32\UserMgrProxy.dll
2016-01-05 02:15:04 42496 ----a-w- C:\WINDOWS\System32\usermgrcli.dll
.
============= FINISH: 9:15:53.80 ===============
[/code]

attach.txt
[code]
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 18/09/2015 08:00:40
System Uptime: 07/03/2016 08:46:24 (1 hours ago)
.
Motherboard: Hewlett-Packard | | 2248
Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz | U3E1 | 1901/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 450 GiB total, 278.655 GiB free.
D: is FIXED (NTFS) - 12 GiB total, 1.301 GiB free.
E: is FIXED (FAT32) - 2 GiB total, 1.953 GiB free.
F: is CDROM ()
G: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP28: 18/02/2016 08:36:30 - Windows Update
RP29: 19/02/2016 09:53:02 - AA11
RP30: 24/02/2016 13:24:42 - Windows Update
RP31: 03/03/2016 08:15:18 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
7-Zip 15.14 (x64)
Ad-Aware Antivirus
AdAwareUpdater
Adobe Acrobat Reader DC
Adobe Refresh Manager
AntimalwareEngine
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Avira Launcher
BitTorrent
BlueStacks App Player
Bonjour
CCleaner
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
CLARiSOFT
CLARiTY Configuration Manager
CyberLink Power2Go 8
CyberLink PowerDVD 12
CyberLink YouCam
D3DX10
Easy Playlist Maker 1.0
Energy Star
FMAudit Onsite
Foxit Advanced PDF Editor 3
Foxit PhantomPDF
FreeFileSync 7.5
GIMP 2.8.16
Google Chrome
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.2.3
HP 3D DriveGuard
HP Client Security Manager
HP Connection Manager
HP Customer Experience Enhancements
HP Device Access Manager
HP Documentation
HP Drive Encryption
HP ESU for Microsoft Windows 7
HP File Sanitizer
HP Hotkey Support
HP PageLift
HP PC Hardware Diagnostics UEFI
HP Setup
HP SoftPaq Download Manager
HP Software Setup
HP Support Assistant
HP Support Information
HP System Default Settings
HP Theft Recovery
HP Universal Camera Driver
iCloud
Image Resizer for Windows
Image Resizer for Windows (64 bit)
Intel(R) Chipset Device Software
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) Smart Connect Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel® Security Assist
Intel® Trusted Connect Service Client
iTunes
Malwarebytes Anti-Malware version 2.2.0.1024
Microsoft .NET Framework 4.5.2
Microsoft Antimalware
Microsoft Application Error Reporting
Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x64)
Microsoft Office Home and Business 2013 - en-us
Microsoft Security Client
Microsoft Security Client MUI Language Pack
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Movie Maker
Mozilla Firefox 43.0.4 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
opensource
Panda Security Toolbar
Photo Common
Photo Gallery
QuickTime 7
REALTEK Bluetooth Driver
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
REALTEK Wireless LAN Driver
Safari
Skype™ 7.0
Synaptics Pointing Device Driver
Validity Fingerprint Sensor Driver
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
.
==== Event Viewer Messages From Past Week ========
.
07/03/2016 09:08:45, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
07/03/2016 08:50:41, Error: Service Control Manager [7034] - The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:47:35, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the HP Device Access Manager Usage Service service to connect.
07/03/2016 08:47:35, Error: Service Control Manager [7000] - The HP Device Access Manager Usage Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
07/03/2016 08:47:11, Error: Service Control Manager [7001] - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
07/03/2016 08:47:02, Error: Service Control Manager [7000] - The AppsiocE service failed to start due to the following error: The system cannot find the file specified.
07/03/2016 08:46:55, Error: Microsoft-Windows-TaskScheduler [413] - Task Scheduler service failed to load tasks at service startup. Additional Data: Error Value: 2147942402.
07/03/2016 08:46:55, Error: Microsoft-Windows-TaskScheduler [412] - Task Scheduler service failed to launch tasks triggered by computer startup. Additional Data: Error Value: 2147942402.
07/03/2016 08:46:55, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file.
07/03/2016 08:46:03, Error: Microsoft-Windows-WLAN-AutoConfig [10003] - WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\WINDOWS\system32\Rtlihvs.dll
07/03/2016 08:46:02, Error: Service Control Manager [7024] -
07/03/2016 08:45:55, Error: Service Control Manager [7031] - The User Data Storage_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
07/03/2016 08:45:55, Error: Service Control Manager [7031] - The User Data Access_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
07/03/2016 08:45:55, Error: Service Control Manager [7031] - The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
07/03/2016 08:45:55, Error: Service Control Manager [7031] - The Contact Data_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The iPod Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The Intel(R) Security Assist service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The BlueStacks Updater Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The BlueStacks Log Rotator Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The BlueStacks Android Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7034] - The AppsiocE service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:28, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
07/03/2016 08:45:28, Error: Service Control Manager [7031] - The HP Support Assistant Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/03/2016 08:45:21, Error: Service Control Manager [7034] - The DigitalPersona Authentication Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:21, Error: Service Control Manager [7031] - The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The Validity VCS Fingerprint Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The SynTPEnh Caller Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The panda_url_filtering Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The HP Software Framework Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The HP Hotkey Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7034] - The HP File Sanitizer service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:20, Error: Service Control Manager [7031] - The Message Queuing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
07/03/2016 08:45:19, Error: Service Control Manager [7031] - The Microsoft Office ClickToRun Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
07/03/2016 08:45:18, Error: Service Control Manager [7034] - The BTDevManager service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:18, Error: Service Control Manager [7034] - The Absolute Software Agent Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:18, Error: Service Control Manager [7031] - The FMAudit Onsite service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 900000 milliseconds: Restart the service.
07/03/2016 08:45:17, Error: Service Control Manager [7034] - The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:17, Error: Service Control Manager [7031] - The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.
07/03/2016 08:45:17, Error: Service Control Manager [7031] - The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
07/03/2016 08:45:16, Error: Service Control Manager [7034] - The Intel(R) HD Graphics Control Panel Service service terminated unexpectedly. It has done this 1 time(s).
07/03/2016 08:45:16, Error: Service Control Manager [7034] - The HP Service service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================
[/code]

mbam.txt
[code]Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 07/03/2016
Scan Time: 08:00
Logfile: mbam.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2016.03.07.01
Rootkit Database: v2016.02.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: Gaz

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 472125
Time Elapsed: 34 min, 52 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)[/code]
Posted 3/7/2016 11:38 AM
#124382
GazNicki Valued member

Date Joined Nov 2016
Total Posts: 16
As an addition to this, whatever is on my PC at this moment in time, it keeps on setting my network adaptors to obtain the DNS from defined locations rather than obtaining them automatically.
Posted 2/14/2018 10:14 AM
#127485
Andreea-Luciana Ostache Advanced member

Date Joined Nov 2016
Total Posts: 734
First, you need to update Firefox. Open a Firefox window, click the Settings button > Help > About Firefox.

I saw Ad-Aware, Avira and Panda on your computer. They could be conflicting. Choose a brand and stick with that.

Let's scan for rootkits: Download RogueKiller from Adlice: https://www.adlice.com/download/roguekiller/ (the free version is sufficient), but make sure scan for rootkits is checked in settings. Run a full scan of your system, fix any problems it finds, if any, and post the log here.

Next, run AdwCleaner from here: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Again, fix any issues and post the log back here.

Lastly, I will kindly ask you to follow these steps:

1. Go to Start and type CMD.exe in the search field. After you type that in, wait for a few moments and, when CMD.exe is displayed in the list above, right-click on it and select "Run as administrator".

2. In the black CMD window type the following and press Enter after each line:

3. Wait for CMD to be finished and reboot the computer.

netsh winsock reset

ipconfig /flushdns

ipconfig /renew

nbtstat -R

nbtstat -RR

netsh int ip reset all

netsh winhttp reset proxy

After the restart, right-click on your internet connection, go to Networking Center, click to view adapter settings, right-click on your connection and click properties. Double-click on IPv4 and IPv6 one at a time and check that the DNS is automatic.
Andreea-Luciana Ostache
Support Team Leader
support@bullguard.com
www.bullguard.com
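
A read-only check for the symptom reported in this thread (adapters being switched from automatic to fixed DNS servers), added here as an example; it is not part of either post and is not BullGuard tooling. It assumes Windows 8 or later with the built-in NetAdapter and DnsClient PowerShell modules, and the function name `Get-StaticDnsSetting` is hypothetical.

```powershell
# Read-only audit: report adapters whose DNS servers are fixed rather than DHCP-assigned.
# A manually (or maliciously) set resolver is stored in the per-interface "NameServer"
# registry value; servers handed out by DHCP are stored in "DhcpNameServer".
$roots = @{
    IPv4 = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'
    IPv6 = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters\Interfaces'
}

# Hypothetical helper name; emits one object per adapter/address family with static DNS.
function Get-StaticDnsSetting {
    foreach ($adapter in Get-NetAdapter) {
        foreach ($family in 'IPv4', 'IPv6') {
            $key = '{0}\{1}' -f $roots[$family], $adapter.InterfaceGuid
            if (-not (Test-Path -LiteralPath $key)) { continue }
            $props  = Get-ItemProperty -LiteralPath $key
            $static = [string]$props.NameServer
            if ([string]::IsNullOrWhiteSpace($static)) { continue }   # DNS is automatic

            # What the resolver is actually using right now, for comparison.
            $inUse = (Get-DnsClientServerAddress -InterfaceIndex $adapter.ifIndex `
                        -AddressFamily $family -ErrorAction SilentlyContinue).ServerAddresses

            [pscustomobject]@{
                Adapter   = $adapter.Name
                Status    = $adapter.Status
                Family    = $family
                StaticDns = ($static -split '[,\s]+' | Where-Object { $_ }) -join ', '
                InUse     = $inUse -join ', '
            }
        }
    }
}

$found = @(Get-StaticDnsSetting)
if ($found.Count -eq 0) {
    'All adapters obtain DNS servers automatically.'
} else {
    $found | Format-Table -AutoSize
}
```

Running it again after the reboot shows whether a fixed DNS entry has been written back to any adapter.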