Port 65000

  • GeekInPink
    PCHF Member
    • Feb 2017
    • 19

    #16
    AdwCleaner v6.043 - Logfile created 25/02/2017 at 18:40:08
    Updated on 27/01/2017 by Malwarebytes
    Database : 2017-01-06.1 [Local]
    Operating System : Windows 10 Pro (X64)
    Username : Lynn - WHITEFALCON-Z17
    Running from : C:\Users\Lynn\Desktop\adwcleaner_6.043.exe
    Mode: Clean
    Support : Malwarebytes Help Center
    ***** [ Services ] *****

    ***** [ Folders ] *****

    ***** [ Files ] *****

    ***** [ DLL ] *****

    ***** [ WMI ] *****

    ***** [ Shortcuts ] *****

    ***** [ Scheduled Tasks ] *****

    ***** [ Registry ] *****

    ***** [ Web browsers ] *****


    :: “Tracing” keys deleted
    :: Winsock settings cleared
    :: “Prefetch” files deleted
    :: Proxy settings cleared
    :: Firewall rules cleared


    • GeekInPink
      PCHF Member
      • Feb 2017
      • 19

      #17
      Not sure the Autologger scan is functioning correctly. It opens up a program window and then tells me to check my computer date. Can't find any zip file to upload either, but there was a log file.

      script ver. 2017.02.14
      DefaultLanguage = 0409
      Autologger’s localization was made in English.
      Log collection started at 2017.02.25-18:43:21
      C:\Users\Lynn\Desktop\AutoLogger\AutoLogger
      C:\Users\Lynn\AppData\Local\Temp
      AutoLogger has been run with local Administrator rights.
      Elevation of privileges of rights is successful.
      This is not a Server System.
      Last update was on = 2017.02.26
      Current date is = 2017.02.25
      Please, check your system date. It’s set to 2017.02.25


      • GeekInPink
        PCHF Member
        • Feb 2017
        • 19

        #18
        AVZ Toolkit opens up and then stops with a pop up window telling me to check my computer date.


        • GeekInPink
          PCHF Member
          • Feb 2017
          • 19

          #19
          Under the Context tab in CCleaner there are certain items that I don't have the authority to disable. Is that normal? Should I be concerned with any of those items? What are those items anyways?

          Thanks


          • GeekInPink
            PCHF Member
            • Feb 2017
            • 19

            #20
            Are you saying that nvcontainer.exe is using port 65000 - which is the same port used by Devil v1.03, Stacheldraht?


            • Malnutrition
              PCHF Moderator
              • Jul 2016
              • 7041

              #21
              Originally posted by GeekInPink
              Are you saying that nvcontainer.exe is using port 65000 - which is the same port used by Devil v1.03, Stacheldraht?
              What makes you think you have this trojan? Nothing indicates that in your logs. Advance your system time to match that of the AVZ tool, so it will run and I can see your logs.
              Originally posted by GeekInPink
              which is the same port used by Devil v1.03, Stacheldraht?
              Nvidia is the program using these ports…
              Originally posted by GeekInPink
              Under the Context tab in CCleaner there are certain items that I don't have the authority to disable. Is that normal?
              Perhaps, what do you not have the ability to disable?
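
A port number by itself does not identify a program; the check is to resolve the port to its owning process and inspect that binary's path and signature. The PowerShell below is an added example, not part of the original thread; the function name `Get-PortOwner` is hypothetical, and 65000 is the port discussed above.

```powershell
# Added example (not from the thread): resolve a local port to its owning
# process, executable path and Authenticode signer. Run elevated so that
# paths of service processes can be read.
function Get-PortOwner {
    param(
        [Parameter(Mandatory)]
        [ValidateRange(1, 65535)]
        [int]$Port
    )

    # Collect TCP connections/listeners and UDP endpoints bound to the port.
    # @( ) yields an empty array when nothing is bound, so the loop is skipped.
    $endpoints = @(
        Get-NetTCPConnection -LocalPort $Port -ErrorAction SilentlyContinue |
            Select-Object @{n = 'Proto'; e = { 'TCP' } }, LocalAddress, State, OwningProcess
        Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue |
            Select-Object @{n = 'Proto'; e = { 'UDP' } }, LocalAddress,
                @{n = 'State'; e = { 'n/a' } }, OwningProcess
    )

    foreach ($ep in $endpoints) {
        # The process may have exited, or its path may be unreadable without elevation.
        $proc = Get-Process -Id $ep.OwningProcess -ErrorAction SilentlyContinue
        $path = if ($proc) { $proc.Path } else { $null }
        $sig  = if ($path) { Get-AuthenticodeSignature -LiteralPath $path } else { $null }

        [pscustomobject]@{
            Proto        = $ep.Proto
            LocalAddress = $ep.LocalAddress
            State        = $ep.State
            ProcessId    = $ep.OwningProcess
            Process      = if ($proc) { $proc.ProcessName } else { '<exited or inaccessible>' }
            Path         = $path
            SigStatus    = if ($sig) { $sig.Status } else { 'Unknown' }
            Signer       = if ($sig -and $sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        }
    }
}

# Port number taken from the thread.
Get-PortOwner -Port 65000 | Format-List
```

A `SigStatus` of `Valid` with the expected vendor in `Signer` and a path under the vendor's install directory supports the "it's the driver software" reading; an unsigned binary or an unexpected path is what warrants a closer look.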


              • Malnutrition
                PCHF Moderator
                • Jul 2016
                • 7041

                #22
                If the autologger fails to run after you change the date and time on your machine then please run the following tool…

                Download uVS English Version to your desktop.
                Create a new folder on desktop.
                Unzip it there.
                Right click Start and run as admin.
                Select start under current User.
                Then select File.
                Then select: Save Os Image with Checking digital Signature (Slow)
                Allow completion; this can take some time.
                Then go back to the folder where you Saved – Unzipped – UVS
                Upload your system image here in your next reply.
                It will look something similar to this.
                [image]


                • GeekInPink
                  PCHF Member
                  • Feb 2017
                  • 19

                  #23
                  The reason I think I have a Trojan is because a couple of months ago I was on doteasy.com managing my website and browsing around the features they have to offer and I was attacked and my computer crashed. After that my system seemed slow and Windows began to not function correctly - files were missing - I no longer had permissions that I did before. I reinstalled Windows about a month or so ago. Maybe I am just paranoid.

                  Log is ready for your review.


                  • GeekInPink
                    PCHF Member
                    • Feb 2017
                    • 19

                    #24
                    Originally posted by Malnutrition
                    What makes you think you have this trojan? Nothing indicates that in your logs. Advance your system time to match that of the AVZ tool, so it will run and I can see your logs.

                    Nvidia is the program using these ports…

                    Perhaps, what do you not have the ability to disable?
                    Here is a text version of what is under the “context” tab in CCleaner. I cannot disable the PowerShell entries.
                    Yes Directory GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
                    Yes Directory Open Powershell window here powershell.exe -noexit -command Set-Location ‘%V’
                    Yes Drive ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security Premium\shellExt.dll
                    Yes Drive Open Powershell window here powershell.exe -noexit -command Set-Location ‘%V’
                    Yes File AccExt C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
                    Yes File Adobe.Acrobat.ContextMenu Adobe Systems Inc. C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll
                    Yes File ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security Premium\shellExt.dll
                    Yes File GDContextMenu Google C:\Program Files (x86)\Google\Drive\contextmenu64.dll
                    Yes File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
                    Yes Folder AccExt C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
                    Yes Folder Adobe.Acrobat.ContextMenu Adobe Systems Inc. C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll
                    Yes Folder ESET Smart Security - Context Menu Shell Extension ESET C:\Program Files\ESET\ESET Smart Security Premium\shellExt.dll


                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7041

                      #25
                      There is no malware on your machine, you can block any program you wish from connecting to the internet with this tool or this one.
                      As far as you not being able to disable certain things, Windows protects vital items from being disabled or deleted.
                      If most users had full control over their system and deleted this or disabled that, then you would end up with an unstable OS.
                      Your machine is clean, I’d use my credit card on it without worrying about it being stolen.

                      Take control over Windows x with these tools.

                      Download Windows 10 Toggle Tweaker - MajorGeeks


                      • Malnutrition
                        PCHF Moderator
                        • Jul 2016
                        • 7041

                        #26
                        Glad to have helped!! Please tell a friend … or two about us.

                        Optimize your internet connection.

                        Click here for instructions.


                        Suggest the following in place of Adblock.
                        Alternate DNS Server. Ad Blocking DNS.
                        Ublock Origin.
                        Anti Ad Block Killer.

                        Also, keep your browsing private with these tools:

                        Self Destructing Cookies.
                        Self Destructing Cookies Chrome.

                        Some items to keep you safe on the internet.

                        VooDoo Shield. control of what is running on your machine
                        Qualys BrowserCheck To update plugins.
                        Web Of Trust To Avoid Shady Websites.
                        Unchecky To Avoid Bundled Software.
                        Privazer To Clean up your machine.

                        Now let's clean up the tools we used and remove old restore points.

                        Download DelFix by “Xplode” to your Desktop.
                        Right click the tool and Run as Admin (XP users double click).
                        Put a check mark next to the items below:

                        Remove disinfection tools
                        Create registry backup
                        Purge System Restore

                        Now click on the “Run” button.
                        Allow the program to complete its work.
                        All the tools we used will be removed.
                        The tool will create and open a log report (DelFix.txt).
                        Note: The report can be located at the following location: C:\DelFix.txt


                        • GeekInPink
                          PCHF Member
                          • Feb 2017
                          • 19

                          #27
                          bad link for delfix


                          • GeekInPink
                            PCHF Member
                            • Feb 2017
                            • 19

                            #28
                            thanks for your help


                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7041

                              #29
                              Originally posted by GeekInPink
                              bad link for delfix
                              Fixed.
