Virus keeps coming back.

Discussion in 'Computer Security' started by ANNR, Apr 23, 2017.

  1. ANNR

    ANNR Active Member

    Messages:
    1,166
    I ran the programs in the sticky and it removed all the adware and spyware, and everything is working again.

    Before running the programs, my computer would not open any programs when clicked on. Everything is fine after running the sticky programs.

    However the same bug keeps coming back even though I don't use my computer much.

    I will post the logs tonight when I get home.

    Any idea why the bug keeps coming back?
     
    Last edited: Apr 23, 2017
  2. johnb35

    johnb35 Administrator Staff Member

    Messages:
    41,805
    I would have to know what is being found and removed to tell you how to stop it. I'll wait for the logs.
     
    Darren likes this.
  3. ANNR

    ANNR Active Member

    Messages:
    1,166
    Thank you, John.

    Here is the first log:

    # AdwCleaner v6.045 - Logfile created 24/04/2017 at 00:22:55
    # Updated on 28/03/2017 by Malwarebytes
    # Database : 2017-04-22.1 [Server]
    # Operating System : Windows 10 Home (X86)
    # Username : Heng - DESKTOP-G0PC484
    # Running from : C:\Users\Heng\Desktop\adwcleaner_6.045.exe
    # Mode: Clean
    # Support : https://www.malwarebytes.com/support



    ***** [ Services ] *****



    ***** [ Folders ] *****

    [#] Folder deleted on reboot: C:\qycache


    ***** [ Files ] *****



    ***** [ DLL ] *****



    ***** [ WMI ] *****



    ***** [ Shortcuts ] *****



    ***** [ Scheduled Tasks ] *****



    ***** [ Registry ] *****



    ***** [ Web browsers ] *****



    *************************

    :: "Tracing" keys deleted
    :: Winsock settings cleared

    *************************

    C:\AdwCleaner\AdwCleaner[C0].txt - [3103 Bytes] - [23/02/2017 01:29:34]
    C:\AdwCleaner\AdwCleaner[C2].txt - [1315 Bytes] - [15/03/2017 00:10:51]
    C:\AdwCleaner\AdwCleaner[C3].txt - [943 Bytes] - [24/04/2017 00:22:55]
    C:\AdwCleaner\AdwCleaner[S0].txt - [5505 Bytes] - [23/02/2017 00:53:02]
    C:\AdwCleaner\AdwCleaner[S1].txt - [5349 Bytes] - [23/02/2017 01:02:36]
    C:\AdwCleaner\AdwCleaner[S2].txt - [2963 Bytes] - [23/02/2017 01:29:02]
    C:\AdwCleaner\AdwCleaner[S3].txt - [1439 Bytes] - [15/03/2017 00:10:35]
    C:\AdwCleaner\AdwCleaner[S4].txt - [1583 Bytes] - [24/04/2017 00:22:05]

    ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1380 Bytes] ##########


    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.1.3 (04.10.2017)
    Operating System: Windows 10 Home x86
    Ran by Heng (Administrator) on Mon 04/24/2017 at 0:29:58.89
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    File System: 0




    Registry: 0





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Mon 04/24/2017 at 0:34:27.15
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    Last edited: Apr 24, 2017
  4. ANNR

    ANNR Active Member

    Messages:
    1,166
    I can't get Malwarebytes to scan. It just starts and ends 1 second later.

    OTL logfile created on: 4/24/2017 12:46:01 AM - Run 1
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Heng\Desktop
    An unknown product (Version = 6.2.9200) - Type = NTWorkstation
    Internet Explorer (Version = 9.11.10586.0)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    1.94 Gb Total Physical Memory | 0.63 Gb Available Physical Memory | 32.42% Memory free
    2.63 Gb Paging File | 1.15 Gb Available in Paging File | 43.91% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
    Drive C: | 28.49 Gb Total Space | 1.38 Gb Free Space | 4.83% Space Free | Partition Type: NTFS

    Computer Name: DESKTOP-G0PC484 | User Name: Heng | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

     
  5. ANNR

    ANNR Active Member

    Messages:
    1,166
     
  6. ANNR

    ANNR Active Member

    Messages:
    1,166
    This is all I can post. It tells me I have been blocked and I can't submit more logs.

    I attached the log file.
     

    Attached Files:

    • OTL.Txt
      File size:
      89.3 KB
      Views:
      3
  7. johnb35

    johnb35 Administrator Staff Member

    Messages:
    41,805
  8. Agent Smith

    Agent Smith Well-Known Member

    Messages:
    3,324
    Just to add my input. Try HerdProtect portable and Freefixer. But when you use Freefixer, be sure to look up each module so you know what it is and if it's safe to remove. There is a link you can click for each module listed.

    Finally, consider using Sandboxie for your browser and Bitdefender Free or Immunet. Sandboxie will help prevent polymorphic viruses from touching your computer, whereas Bitdefender Free and Immunet are great for definition-based malware. They won't stop ransomware, which is in and of itself polymorphic.
     
  9. ANNR

    ANNR Active Member

    Messages:
    1,166
    C:\qycache <--- this is the virus AdwCleaner finds every time. After it is deleted, everything goes back to normal. However, after a few days the virus is back again.
     
  10. johnb35

    johnb35 Administrator Staff Member

    Messages:
    41,805
    That comes from Chinese software used to play videos and other entertainment; quit downloading and installing crappy software. You really need to get Malwarebytes to run and scan your system.
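
Post 9 reports that AdwCleaner removes C:\qycache on every run and that it returns within days. As an added example (not code from the thread or from Malwarebytes), the Python below parses AdwCleaner v6 logs in the format posted above and reports which removed items recur across runs and how many days apart; the two earlier logs, their dates and the `ExampleBundle` path are constructed samples, and the function names are hypothetical.

```python
import re
from collections import defaultdict
from datetime import datetime

# Patterns follow the AdwCleaner v6.045 log posted in this thread.
HEADER_RE = re.compile(
    r"^# AdwCleaner v(\S+) - Logfile created (\d{2}/\d{2}/\d{4}) at (\d{2}:\d{2}:\d{2})")
SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")
ITEM_RE = re.compile(r"^\[(.)\] (.+?): (.+)$")   # e.g. "[#] Folder deleted on reboot: C:\x"

def parse_log(text):
    """Return (creation time, [(section, action, target), ...]) for one log."""
    created, section, items = None, None, []
    for raw in text.splitlines():
        line = raw.strip()              # forum posts indent the log lines
        m = HEADER_RE.match(line)
        if m:
            created = datetime.strptime(f"{m.group(2)} {m.group(3)}",
                                        "%d/%m/%Y %H:%M:%S")
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        if line.startswith("*" * 10):   # separator that ends the item sections
            section = None
            continue
        m = ITEM_RE.match(line)
        if m and section:
            items.append((section, m.group(2), m.group(3)))
    if created is None:
        raise ValueError("no AdwCleaner header line found")
    return created, items

def recurring(log_texts, min_runs=2):
    """Map each target removed in >= min_runs logs to its run count and gaps in days."""
    seen = defaultdict(list)
    for text in log_texts:
        created, items = parse_log(text)
        # Windows paths are case-insensitive; count a target once per log.
        for target in {t.lower() for _, _, t in items}:
            seen[target].append(created)
    report = {}
    for target, dates in seen.items():
        if len(dates) >= min_runs:
            dates.sort()
            gaps = [(b - a).days for a, b in zip(dates, dates[1:])]
            report[target] = {"runs": len(dates), "gap_days": gaps}
    return report

# Constructed sample: an earlier clean run (date and contents invented).
LOG_A = r"""
# AdwCleaner v6.045 - Logfile created 01/04/2017 at 10:00:00
# Mode: Clean
***** [ Folders ] *****
[-] Folder deleted: C:\ProgramData\ExampleBundle
[#] Folder deleted on reboot: C:\qycache
***** [ Files ] *****
*************************
"""

# Constructed sample: a second earlier clean run (date and contents invented).
LOG_B = r"""
# AdwCleaner v6.045 - Logfile created 12/04/2017 at 10:00:00
# Mode: Clean
***** [ Folders ] *****
[#] Folder deleted on reboot: C:\qycache
*************************
"""

# Excerpt of the log posted in this thread.
LOG_C = r"""
# AdwCleaner v6.045 - Logfile created 24/04/2017 at 00:22:55
# Mode: Clean
***** [ Services ] *****
***** [ Folders ] *****
[#] Folder deleted on reboot: C:\qycache
***** [ Files ] *****
*************************
:: "Tracing" keys deleted
:: Winsock settings cleared
*************************
"""

if __name__ == "__main__":
    for target, info in recurring([LOG_A, LOG_B, LOG_C]).items():
        print(f"{target}: removed in {info['runs']} runs, gaps (days): {info['gap_days']}")
```

An item that shows up in every cleaning run points at something still installed that recreates it, so the recurring target is the one to trace back to its installer rather than delete again.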
     
