Tweet
It’s bad that I didn’t even see the next insturctions, I thought we were done, doing everything you requested now.
-
-
Security Check Scan
SecurityCheck by glax24 & Severnyj v.1.4.0.51 [13.06.17]
WebSite: www.safezone.cc
DateLog: 22.06.2017 14:58:18
Path starting: C:\Users\Allan\AppData\Local\Temp\SecurityCheck\Se curityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: Allan
VersionXML: 4.39is-20.06.2017
Windows 10(6.3.15063) (x64) Core Release: 1703 Lang: English(0409)
Installation date OS: 18.06.2017 04:49:22
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [931 Gb] Used: [224 Gb] Free: [707 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.413.15063.0
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------- [ HotFix ] --------------------------------
HotFix KB4016871 Warning! Download Update
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.17.4.2294
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
--------------------------- [ OtherUtilities ] ----------------------------
7-Zip 16.04 v.16.04
OpenOffice 4.1.1 v.4.11.9775 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 131 v.8.0.1310.11
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 26 NPAPI v.26.0.0.131
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 53.0.3 (x86 en-US) v.53.0.3 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.53.0.3.6347
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.17.4.3482.0
aswbIDSAgent (aswbIDSAgent) - The service is running
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.17.4.3482.0
MBAMService (MBAMService) - The service has stopped
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.11.15063.0
Windows Defender Antivirus Service (WinDefend) - The service has stopped
Windows Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Windows Font Cache Service (FontCache) - The service is running
----------------------------- [ End of Log ] ------------------------------
Adware Removal Tool
The programme found 0 items, and told me to click the button to finish, I clicked it anticipating a log, but nothing showed up.
9-Lab Removal Tool
I downloaded the program, I ran the program, I updated, then rebooted. 9-Lab said it was up to date but couldn’t “connect to database”. I’ve attached an image to show you the error screen I’m getting. I downloaded the 64-bit version (as that’s what it tells me in the properties of “this PC”), and I can’t fathom what I’ve done wrong, I’ve uninstalled and re-installed the program followed the same steps and yet I get the same error pop-up. Anti-virus has been off throughout my problems.
Zemana
This scan took forever, been sat waiting to post for over 2 hours lol.
Zemana AntiMalware 2.74.2.76 (Installed)
Scan Result : Completed
Scan Date : 2017/6/22
Operating System : Windows 10 64-bit
Processor : 4X AMD FX™-4100 Quad-Core Processor
BIOS Mode : Legacy
CUID : 12A3BFC942EDD02A46501E
Scan Type : Custom Scan
Duration : 171m 9s
Scanned Objects : 446772
Detected Objects : 0
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
[HEADING=1]Detected Objects[/HEADING]
No threats detectedComment
-
No worries, this tool will sometimes not run on some machines for whatever reason.Originally posted by Allan.T
Make sure and update these programs, listed by Security Check
HotFix KB4016871 Warning! Download Update
OpenOffice 4.1.1 v.4.11.9775 Warning! Download Update
Mozilla Firefox 53.0.3 (x86 en-US) v.53.0.3 Warning! Download Update
Can you please post a fresh Hijack this log for me to review.
Then Tweak some services to boost performance a bit more.
Download easy service optmizer, save it to your desktop and unzip it there. Right click it and run as admin, then select Tweaked at the bottom. Then click on the rocket, this will turn off a lot of useless items.
https://i.imgur.com/tnkjYlk.png
You will however need to change one setting. Right Click on Wlansvc — WLAN AutoConfig, then select start service, the edit service. Make sure it is automatic across the board, as per the picture.
[MEDIA=imgur]PO7tPc7[/MEDIA]
Clean your machine With Privazer
Then defrag it with Toolwhiz Defrag
Now reboot your machine and let me know how things are running.Comment
-
Hijack This
Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24
Platform: x64 Windows 10 (Home), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
Time: 23.06.2017 - 16:21
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x809)
Elevated: Yes
Ran by: Allan (group: Administrator) on PROTOTYPE
Firefox: 54.0.0.6368
Edge: 11.0.15063.332
Internet Explorer: 11.0.15063.0
Boot mode: Normal
Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
1 C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
1 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
3 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
2 C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
1 C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
1 C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x 64__kzf8qxf38zg5c\SkypeHost.exe
1 C:\Users\Allan\Desktop\MemCompression
1 C:\Users\Allan\Desktop\System Tools\HiJackThis.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\TiltWheelMouse.exe
1 C:\Windows\System32\ViakaraokeSrv.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\mqsvc.exe
1 C:\Windows\System32\msiexec.exe
2 C:\Windows\System32\nvvsvc.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
64 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw 5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2t xyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66} - Google - Google {searchTerms}
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - Google - Google {searchTerms}&sourceid=ie7&rls=com.microsoft:{lang uage}:{referrer:source}&ie={inputEncoding?}&oe={ou tputEncoding?}
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
O2-32 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2-32 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2-32 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKCU..\StartupApproved\Run: [CCleaner] (2017/06/18)C:\Program Files\CCleaner\CCleaner64.exe /AUTO
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2017/06/18)C:\Users\Allan\AppData\Local\Microsoft\OneDrive \OneDrive.exe /background
O4 - HKCU..\StartupApproved\Run: [Steam] (2017/06/18)C:\Program Files (x86)\Steam\Steam.exe -silent
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized
O4 - HKLM..\StartupApproved\Run: [HDAudDeck] (2017/06/18)C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM..\StartupApproved\Run: [MouseDriver] C:\WINDOWS\system32\TiltWheelMouse.exe
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O17 - DHCP DNS - 1: 192.168.1.1
O21 - ShellIconOverlayIdentifiers: AccExtIco1 - {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - ShellIconOverlayIdentifiers: AccExtIco2 - {853B7E05-C47D-4985-909A-D0DC5C6D7303} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - ShellIconOverlayIdentifiers: AccExtIco3 - {42D38F2E-98E9-4382-B546-E24E4D6D04BB} - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
O21 - ShellIconOverlayIdentifiers: 00asw - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll
O21 - ShellIconOverlayIdentifiers: 00avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll
O22 - Task (Disabled): CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
O22 - Task (Disabled): NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
O22 - Task (Disabled): \Microsoft\Windows\Media Center\PeriodicScanRetry - C:\WINDOWS\ehome\MCUpdate.exe -pscn 0 (file missing)
O22 - Task (Disabled): \Microsoft\Windows\Media Center\RecordingRestart - C:\WINDOWS\ehome\ehrec /RestartRecording (file missing)
O22 - Task (Disabled): \Microsoft\Windows\Shell\WindowsParentalControls - {DFA14C43-F385-4170-99CC-1B7765FA0E4A} - C:\Windows\SysWOW64\wpcumi.dll (file missing)
O22 - Task (Disabled): \Microsoft\Windows\Shell\WindowsParentalControlsMi gration - {343D770D-7788-47C2-B62A-B7C4CED925CB} - C:\Windows\SysWOW64\wpcmig.dll (file missing)
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
O22 - Task (Ready): Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task (Ready): Microsoft_Hardware_Launch_ipoint_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O22 - Task (Ready): Microsoft_Hardware_Launch_itype_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O22 - Task (Ready): Microsoft_Hardware_Launch_mousekeyboardcenter_exe - c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
O22 - Task (Ready): \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
O22 - Task (Ready): \Microsoft\Windows Defender\MpIdleTask - c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegi strationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterD eviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellula r - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Ar g4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Media Center\ActivateWindowsSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoActivateWindowsSearch (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -MediaCenterRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -ObjectStoreRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrSchedule (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -SqlLiteRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\RAC\RacTask - {42060D27-CA53-41F5-96E4-B1E8169308A6},$(Arg0) - C:\WINDOWS\system32\RacEngn.dll
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcqui sition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\Tcpip\IpAddressConflict1 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
O22 - Task (Ready): \Microsoft\Windows\Tcpip\IpAddressConflict2 - C:\WINDOWS\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Running): Microsoft_MKC_Logon_Task_ipoint.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
O22 - Task (Running): Microsoft_MKC_Logon_Task_itype.exe - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
O23 - Service R2: @oem34.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service - (VIAKaraokeService) - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: NVIDIA Display Driver Service - (nvsvc) - C:\WINDOWS\system32\nvvsvc.exe
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service R2: ZAM Controller Service - (ZAMSvc) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service S2: MBAMService - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service S2: Origin Web Helper Service - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Internet Explorer ETW Collector Service - (IEEtwCollectorService) - C:\Windows\system32\IEEtwCollector.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service S3: Origin Client Service - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
–
End of file - Time spent: 29 sec. - 30736 bytes, CRC32: FFFFFFFF. Sign: 垢䰡
I’ve done all you asked, rebooted the machine and it seems a little quicker to load everything, tried out a few games (may have got carried away and spent a bit more time than I was meant to . All Seems well, running smoother on some games!Comment
-
Hijack This Fix.
Start HijackThis , Right Click Run as Admin.
Close all other open programs prior to running this tool!!
Click System Scan Only.
Then check mark the items listed below.
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2017/06/18)C:\Users\Allan\AppData\Local\Microsoft\OneDrive \OneDrive.exe /background
O4 - HKLM..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O22 - Task (Ready): \Microsoft\Windows Defender\MpIdleTask - c:\program files\windows defender\MpCmdRun.exe -IdleTask -TaskName MpIdleTask
O22 - Task (Ready): \Microsoft\Windows\Media Center\ConfigureInternetTimeService - C:\WINDOWS\ehome\ehPrivJob.exe /DoConfigureInternetTimeService (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\DispatchRecoveryTasks - C:\WINDOWS\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\InstallPlayReady - C:\WINDOWS\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\MediaCenterRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -MediaCenterRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURActivate - C:\WINDOWS\ehome\ehPrivJob.exe /OCURActivate (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\OCURDiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -ObjectStoreRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscovery - C:\WINDOWS\ehome\ehPrivJob.exe /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW1 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PBDADiscoveryW2 - C:\WINDOWS\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\PvrScheduleTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -PvrSchedule (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\RegisterSearch - C:\WINDOWS\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ReindexSearchRoot - C:\WINDOWS\ehome\ehPrivJob.exe /DoReindexSearchRoot (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\SqlLiteRecoveryTask - C:\WINDOWS\ehome\mcupdate.exe - (no file) -SqlLiteRecoveryTask (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\UpdateRecordPath - C:\WINDOWS\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\ehDRMInit - C:\WINDOWS\ehome\ehPrivJob.exe /DRMInit (file missing)
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate - C:\WINDOWS\ehome\mcupdate $(Arg0) (file missing)
O23 - Service R2: AdobeUpdateService - C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
O23 - Service R2: Windows Defender Security Center Service - (SecurityHealthService) - C:\WINDOWS\system32\SecurityHealthService.exe
O23 - Service S3: Mozilla Maintenance Service - (MozillaMaintenance) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
Now click on fix checked.
After the fix is complete, then reboot your machine.
Your machine is clean…
Glad to have helped!! Please tell a friend … or two about us. https://forum.windowsinstructed.com/...cons/smile.png
Optimize your internet connection.
Click here for instructions.
suggest the following in place of adblock.
Alternate DNS Server. Ad Blocking DNS.
Ublock Origin.
Anti Ad Block Killer.
Also, keep your browsing private with these tools:
Self Destructing Cookies.
Self Destructing Cookies Chrome.
Some items to keep you safe on the internet.
VooDoo Shield. control of what is running on your machine
Qualys BrowserCheck To update plugins.
Unchecky To Avoid Bundled Software.
Privazer To Clean up your mahcine.
Now Lets Clean up the tools we used and remove old restore points.
Downloads - DelFix - Download Now - ToolsLib’]
Download DelFix by “Xplode” to your Desktop.[/URL]
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:
Remove disinfection tools
Create registry backup
Purge System Restore
Now click on “Run” button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txtComment
-
Forgot to mention again, I never got the addition.txt from FRST, if you wish then post it. ( You posted two FRST logs instead of one FRST and one Addition) I do see some redundant files that need to be removed in your FRST, not malware just some trash that could be cleaned…If you are happy with the way the machine is running, then no need…
For windows 10 privacy, I suggest this tool.
O&O Shut Up TenComment
Comment