Password reset and notification emails are now sending correctly.
If you recently requested a password reset, please check your inbox (and spam folder just in case).
You can now reset your password and log in as normal.
Welcome back to PCHF, and thank you for your patience during our migration process!
— The PCHF Team
Welcome to PC Help Forum!
You’re viewing our community as a guest.
That means you can browse posts, but can’t yet reply or start new topics.
Join us today — it's completely free!
As a member, you'll be able to:
✅ Get personalized tech support from trusted volunteers
🦠 Work one-on-one with our Malware Removal Specialists
Hello,
My default browser(GOOGLE CHROME) opens up automatically and repeatedly and it also happens with other browsers. I can’t do another work peacefully because browser opens up too many new tabs again and again… Please help me…
If you receive any security warnings, or the User Account Control warning opens at any time whilst using FRST you can safely allow FRST to proceed.
Frst will open with two dialogue boxes, accept the disclaimer.
Frst will take a few minutes to scan your computer, and when finished will produce two log files on your desktop, FRST.txt, and Addition.txt. They will display immediately on the desktop, but can be reopened later as a notepad file.
Thanks for your quick reply…
These are those two logs-
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2017
Ran by Avik (administrator) on DESKTOP-CE5TDPD (07-09-2017 02:44:01)
Running from E:\SOFTWARS\Antivirus
Loaded Profiles: Avik (Available Profiles: Avik)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-30 01:38
==================== End of FRST.txt ============================
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2017
Ran by Avik (07-09-2017 03:24:02)
Running from E:\SOFTWARS\Antivirus
Windows 10 Pro (X64) (2017-08-29 20:12:48)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Quick Heal Total Security (Enabled - Up to date) {0F4D060D-5F75-6E6C-0E6D-3DE7271FA74E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
AS: Quick Heal Total Security (Enabled - Up to date) {B42CE7E9-794F-61E2-34DD-06955C98EDF3}
FW: Quick Heal Firewall (Enabled) {37768728-151A-6F34-2532-94D2D9CCE035}
==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (09/07/2017 03:23:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.
Error: (09/07/2017 03:23:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.
Error: (09/07/2017 03:22:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.
Error: (09/07/2017 03:22:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.
Error: (09/07/2017 03:21:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.
Error: (09/07/2017 03:21:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.
Error: (09/07/2017 03:20:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.
Error: (09/07/2017 03:20:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.
Error: (09/07/2017 03:19:57 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:57Z. Error Code: 0x80041318.
Error: (09/07/2017 03:19:27 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2017-09-30T18:28:27Z. Error Code: 0x80041318.
[HEADING=1]System errors:[/HEADING]
Error: (09/07/2017 02:36:59 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Core Browsing Protection service has reported an invalid current state 32.
Error: (09/07/2017 02:36:47 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (09/07/2017 02:36:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Google Update Service (gupdate) service terminated unexpectedly. It has done this 1 time(s).
Error: (09/07/2017 02:15:55 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the NVIDIA Display Container LS service, but this action failed with the following error:
An instance of the service is already running.
Error: (09/07/2017 02:15:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (09/07/2017 02:15:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (09/07/2017 01:06:17 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error:
Access is denied.
Error: (09/07/2017 12:25:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service.
Error: (09/07/2017 12:25:03 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The Core Browsing Protection service has reported an invalid current state 32.
Error: (09/07/2017 12:24:48 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
==================== Memory info ===========================
Processor: Intel(R) Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 60%
Total physical RAM: 4060.05 MB
Available physical RAM: 1623.73 MB
Total Virtual: 5724.05 MB
Available Virtual: 2589.32 MB
Have you tried cleaning the system prior to seeking our assistance?
We will need a log from AdwCleaner for further information.
Please download a copy of AdwCleaner from HERE, it is important to download it to your desktop.
Once downloaded to the desktop AdwCleaner will create an icon https://pchelpforum.net/attachments/...160702-jpg.828
Should you receive any security warnings or your User Account Control warning appears whilst you are using this application you can safely allow AdwCleaner to continue.
Before running AdwCleaner please ensure all other programs and browsers are closed, then double left click the icon to open it.
AdwCleaner will open, click the scan button to start searching.
The scan may take some time to complete, and when it has any malware found will be automatically selected for quarantining. Click the “Cleaning” button.
After a few seconds a message should tell you your computer will now reboot. Allow the reboot.
When the computer restarts a log file will be displayed, but if its closed for any reason before copying the contents, you will find a copy of the file if you navigate to C:\AdwCleaner[s#].txt
In many cases P2P programs also represent a risk of infection from the program itself, as some have installed adware/spyware, or other programs without consent. Even if the program itself is clean, many P2P networks are riddled with malware, and it’s often the newest, most difficult to remove malware. There are many risks associated with P2P programs, none are worth the risks. If you don’t uninstall the P2P software, we will continue to clean your system, but realize that it’s likely only a matter of time before you are infected again.
I tried to clean before with JRT but it continues. JRT and adwcleaner generated log files-
[HEADING=1]AdwCleaner 7.0.2.1 - Logfile created on Wed Sep 06 22:06:40 2017[/HEADING]
[HEADING=1]Updated on 2017/29/08 by Malwarebytes[/HEADING]
[HEADING=1]Database: 08-29-2017.2[/HEADING]
[HEADING=1]Running on Windows 10 Pro (X64)[/HEADING]
[HEADING=1]Mode: scan[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries.
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
Code:
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by Avik (Administrator) on Fri 09/01/2017 at 18:20:24.89
Disable your antivirus prior to this scan. Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (XP Users double click)
Copy and paste the items in red below and paste them into Zoek.
Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.
Download attached fixlist.txt file and save it to the Desktop. NOTE. It’s important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system. Run FRST/FRST64 and press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Hello sir, when I tried to hit RUN SCRIPT option an error called PEVZ.EXE - Application Error appeared and it contains “The application was unable to start correctly (0xc0000142). Click OK to close the application.”
Disable your anti-virus(es) and redownload Zoek and try again
Please download Geek Uninstaller and uninstall the following programs:
Quick Heal Total Security → No need to have 2 anti-viruses
WinRAR 5.30 beta 6 → Latest version is 5.50
We process personal data about users of our site, through the use of cookies and other technologies, to deliver our services, personalize advertising, and to analyze site activity. We may share certain information about our users with our advertising and analytics partners. For additional details, refer to our Privacy Policy.
By clicking "I AGREE" below, you agree to our Privacy Policy and our personal data processing and cookie practices as described therein. You also acknowledge that this forum may be hosted outside your country and you consent to the collection, storage, and processing of your data in the country where this forum is hosted.
Tweet
Comment