Tweet
I have a Asus laptop that is about 5 years old. One day I turn it on and it wasn’t connected to the internet even though it was the day before. It simply says “No connections are available” even though there are. I try restarting the computer and even a system restore point but that didn’t fix the problem. Everything seems to be in order in the drivers. I couldn’t really find any solutions on the internet.
-
-
Are you able to connect the machine via an ethernet cable? -
The Ethernet cable does workOriginally posted by MalnutritionComment
-
Please run these programs with the ethernet cord attached.
Step 1:
Security Check Scan.
[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please post that log here in your next post.[/li][/ul]
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
[ul]
[li]Close all open programs and internet browsers.[/li][li]Right Click on adwcleaner.exe and run as admin to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]
HijackThis.
1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
Then, can you run the following program with and without the ethernet cable attached please.
Please download MINITOOLBOX and run it.
Checkmark following boxes:
Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)
Click Go post the result.Comment
-
Also, provide a screenshot of your device manager.
How to use the Snipping Tool Click Here
Use Windows+R hotkeys to open Run dialog box, type the command of devmgmt.msc and click OK.Comment
-
If you have any questions about the process please let me know. I will be glad to walk you through anything you have an issue with .Comment
-
[COLOR=rgb(184, 49, 47)]MiniToolBox by Farbar Version: 17-06-2016
Ran by Pavel (administrator) on 14-06-2019 at 23:06:44
Running from “C:\Users\Pavel\Desktop”
Microsoft Windows 8.1 Pro (X64)
Model: G46VW Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
“Reset IE Proxy Settings”: IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
[HEADING=1]----------------------------------[/HEADING]
[HEADING=1]IPv4 Configuration[/HEADING]
[HEADING=1]----------------------------------[/HEADING]
pushd interface ipv4
reset
set global icmpredirects=enabled
set interface interface=“Local Area Connection* 1” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Wi-Fi” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 3” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 13” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Bluetooth Network Connection” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Ethernet” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
[HEADING=1]End of IPv4 configuration[/HEADING]
Windows IP Configuration
Host Name . . . . . . . . . . . . : ASUSGAMING
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
Physical Address. . . . . . . . . : 08-60-6E-1E-E5-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 60-36-DD-8F-DC-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
[HEADING=1]Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms[/HEADING]
[HEADING=1]Interface List
20…08 60 6e 1e e5 06 …Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
17…60 36 dd 8f dc 15 …Bluetooth Device (Personal Area Network)
1…Software Loopback Interface 1[/HEADING]
[HEADING=1]IPv4 Route Table[/HEADING]
[HEADING=1]Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306[/HEADING]
Persistent Routes:
None
[HEADING=1]IPv6 Route Table[/HEADING]
[HEADING=1]Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link[/HEADING]
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
========================= Event log errors: ===============================
[HEADING=1]Application errors:[/HEADING]
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib) (User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Tim erEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1872) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU0399F.log.
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
[HEADING=1]System errors:[/HEADING]
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Update Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Service Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:55:35 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The QMEmulatorService service terminated unexpectedly. It has done this 1 time(s).
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
[HEADING=1]Microsoft Office Sessions:[/HEADING]
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib)(User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Tim erEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT)(User: )
Description: svchost1872SRUJet: C:\Windows\system32\SRU\SRU0399F.log-1811 (0xfffff8ed)
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
[HEADING=1]CodeIntegrity Errors:[/HEADING]
Date: 2018-02-24 14:52:25.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-24 14:52:24.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:27.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:26.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:47.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:46.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AmazonBasics gaming software version 1.0.1.7 (HKLM-x32...\AmazonBasics gaming software_is1) (Version: - )
Apple Application Support (32-bit) (HKLM-x32...{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM...{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32...{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATK Package (HKLM-x32...{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.53 - Piriform)
Chromium (HKCU...\Chromium) (Version: 51.0.2684.0 - Chromium)
Counter-Strike: Global Offensive (HKLM...\Steam App 730) (Version: - Valve)
Discord (HKCU...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Driver - San Francisco (HKLM-x32...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Dropbox (HKLM-x32...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM...{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 (HKLM...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 4 (HKLM...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Fraps (HKLM-x32...\Fraps) (Version: - )
Garry’s Mod (HKLM...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM...\Steam App 12120) (Version: - Rockstar Games)
Grand Theft Auto: Vice City (HKLM...\Steam App 12110) (Version: - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
iTunes (HKLM...{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32...{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Codec Pack 11.4.0 Full (HKLM-x32...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32...{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32...{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32...{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32...{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32...{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32...{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32...{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32...\Minecraft1.8) (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM-x32...{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed: Hot Pursuit (HKLM...\Steam App 47870) (Version: - Criterion Games)
NVAPI Monitor plugin for NvContainer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 425.31 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 425.31 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32...\OBS Studio) (Version: 23.0.0 - OBS Project)
Oracle VM VirtualBox 6.0.8 (HKLM...{C549898A-9AA8-4CF6-8290-EF5DB8ECA766}) (Version: 6.0.8 - Oracle Corporation)
paint.net (HKLM...{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Project CARS (HKLM...\Steam App 234630) (Version: - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Redragon Kumara Gaming Mechanical keyboard driver (HKLM-x32...{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 2017.07.04 - Eastern Times Technology Co., Ltd )
Rockstar Games Social Club (HKLM-x32...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RollerCoaster Tycoon 2 (HKLM-x32...{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Search the Web (Yahoo) (HKLM-x32...\a92e2408) (Version: - )
Sonic Foundry ACID 4.0 (HKLM-x32...{2A38B5AA-EA84-4F87-9937-2FB23982243A}) (Version: 4.0.215 - Sonic Foundry)
Sony Vegas 5.0b (HKLM-x32...{A7401380-F015-475B-A5AA-7AE1F23B3DB3}) (Version: 5.0.160 - Sony)
Spintires: The Original Game (HKLM...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU...\Spotify) (Version: 1.1.8.439.g8502297d - Spotify AB)
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32...{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tencent Gaming Buddy (HKLM-x32...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Unturned (HKLM...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32...\Uplay) (Version: 65.0 - Ubisoft)
VLC media player (HKLM...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Movie Maker 2019 (HKLM...{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
Wondershare Filmora9(Build 9.1.2) (HKLM...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32...{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
========================= Devices: ================================
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0003
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 8077.55 MB
Available physical RAM: 5593.14 MB
Total Virtual: 12045.55 MB
Available Virtual: 8398.67 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.42 GB) (Free:93.95 GB) NTFS
========================= Users: ========================================
User accounts for \ASUSGAMING
Administrator ASPNET Guest
Pavel
**** End of log ****
[HEADING=1]-------------------------------[/HEADING]
[COLOR=rgb(184, 49, 47)]# Malwarebytes AdwCleaner 7.3.0.0
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 04-04-2019[/HEADING]
[HEADING=1]Database: 2019-05-27.1 (Cloud)[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 06-14-2019[/HEADING]
[HEADING=1]Duration: 00:00:09[/HEADING]
[HEADING=1]OS: Windows 8.1 Pro[/HEADING]
[HEADING=1]Cleaned: 60[/HEADING]
[HEADING=1]Failed: 1[/HEADING]
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SafeSavings
Deleted C:\ProgramData\53AB40F9-42A1-0
Deleted C:\ProgramData\53AB40F9-7255-1
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\SafeSavings
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Pavel\AppData\Local\slimware utilities inc
Deleted C:\Users\Pavel\AppData\Roaming\DRPSu
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\R oaming\Tencent
Not Deleted C:\Users\Pavel\AppData\Roaming\Tencent
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\ACPTab
Deleted HKCU\Software\BSD
Deleted HKCU\Software\InSTab
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION|PCAcceleratePro.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes{53e2f62a-3083-46e6-8527-cf89e4acb4ae}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|Itibiti.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run |Itibiti.exe
Deleted HKCU\Software\MySafeSavings
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1 G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1Mt T0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\System Healer
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{0B0A4E0 6-CAA9-4B24-8008-887D71444E0D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{13E320A 2-0F14-4390-9D44-D2F892F419BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{4C8445F D-B9E2-4E0A-B27C-F36225E8FBCE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{AEE94BA 1-E1D6-411E-8202-260422E14465}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{C262D0B 8-521C-4BEE-9C64-C87C465611A3}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{C6273DF 3-B070-469A-91A1-FACA4C33E1F7}
Deleted HKLM\Software\Classes\Installer\Features\4E30E037E 0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\Installer\Products\4E30E037E 0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\CompeteInc
Deleted HKLM\Software\Wow6432Node\MySafeSavings
Deleted HKLM\Software\Wow6432Node\Classes\CLSID{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\MySafeSavings
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{730E03E4-350E-48E5-9D3E-4329903D454D}
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU.DEFAULT\Software\AppDataLow\Software\Compete
Deleted HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Ext\Stats{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Compete
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
***** [ Chromium (and derivatives) ] *****
Deleted Search Manager
Deleted Search Manager
***** [ Chromium URLs ] *****
Deleted Default
Deleted Default
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
[+] Delete Tracing Keys
[+] Reset Winsock
AdwCleaner[S00].txt - [6930 octets] - [14/06/2019 22:53:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
[COLOR=rgb(184, 49, 47)]Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.19
Platform: x64 Windows 8.1 (Pro), 6.3.9600.19206, Service Pack: 0
Time: 14.06.2019 - 23:02 (UTC-07:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Pavel (group: Administrator) on ASUSGAMING, FirstRun: yes
Chrome: 74.0.3729.169
Internet Explorer: 11.0.9600.19204
Default: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” – “%1” (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Fraps\fraps.exe
1 C:\Fraps\fraps64.dat
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCr ashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCr ashHandler64.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
1 C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService. exe
1 C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
1 C:\Program Files\iPod\bin\iPodService.exe
1 C:\Program Files\iTunes\iTunesHelper.exe
4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_too l.exe
1 C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Pavel\Desktop\adwcleaner_7.3.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?...indows+8.1+Pro
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?...indows+8.1+Pro
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?...indows+8.1+Pro
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://www.exlee.com/results.php?f=4...=1239128798&q= {searchTerms} - Exlee
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/sear...ows+8.1+Pro&p= {searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: [TopResultURLFallback] = http://www.exlee.com/results.php?f=4...=1239128798&q= {searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_xle_installertech_16_20¶m 1=1¶m2=f=4&b=IE&cc=us&pa=Hodor&cd=2XzuyEtN2Y1L 1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StCyC zyyDtN1L2XzutAtFtByEtFyCtFtDtN1L1Czu1M1Q1CtByCtFtC tFtDtN1L1G1B1V1N2Y1L1Qzu2SyB0B0DtBtA0F0A0EtGtD0FyB tCtGzz0AtC0FtGyCtAzyyCtG0EyE0BtAtDyDyB0FyEyBzzyE2Q tN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtB tGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN 0A0LzuyE&cr=1036816672&a=hdr_s_16_34_xle_installer tech_16_20&os_ver=6.3&os=Windows+8.1+Pro&p={search Terms} - YHS O2 - HKLM..\BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll O2 - HKLM..\BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll O2-32 - HKLM..\BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll O2-32 - HKLM..\BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll O4 - HKCU..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/02/19) O4 - HKCU..\StartupApproved\Run: [Chromium] = c:\users\pavel\appdata\local\chromium\application\ chrome.exe --auto-launch-at-startup --profile-directory=“Default” --restore-last-session --restore-last-session (2019/02/19) O4 - HKCU..\StartupApproved\Run: [Discord] = C:\Users\Pavel\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/02/19) O4 - HKCU..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe -silent (file missing) (2019/03/20) O4 - HKCU..\StartupApproved\Run: [McAfeeSafeConnect] = C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (file missing) (2019/02/19) O4 - HKCU..\StartupApproved\Run: [Spotify] = C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2019/02/19) O4 - HKCU..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2019/02/19) O4 - HKCU..\StartupApproved\Run: [World of Tanks] = C:\Games\World_of_Tanks\WargamingGameUpdater.exe (file missing) (2019/02/19) O4 - HKLM..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui O4 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (file missing) O4 - HKLM..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM..\StartupApproved\Run32: [AirBackupHelper] = C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (2019/03/20) O4 - HKLM..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/02/19) O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/02/19) O4-32 - HKLM..\Run: [AmazonBasics gaming software] = C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe “Hide” O4-32 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll O17 - DHCP DNS 1: 192.168.1.1 O20 - HKLM..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll O20-32 - HKLM..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll O21 - HKLM..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler O22 - Task (.job): (Running) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c O22 - Task: \Microsoft\Windows\ApplicationData\CleanupTemporar yState - C:\Windows\system32 (file missing) O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe O23 - Service R2: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; “ServiceDll” = C:\Windows\system32\diagtrack.dll O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe -s NVDisplay.ContainerLocalSystem -f “C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m” -r -p 30000 O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f “C:\ProgramData\NVIDIA\NvContainerLocalSystem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dl l” O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f “C:\ProgramData\NVIDIA\NvTelemetryContainer.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins” -r O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService. exe O23 - Service R3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe O23 - Service S2: %1!s! Update Service (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc O23 - Service S2: Dropbox Update Service (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc O23 - Service S2: Service Mgr HooplaSearch - C:\ProgramData\fb4c7509-7895-4257-8cc3-e92949418b04\plugincontainer.exe (file missing) O23 - Service S2: Update Mgr HooplaSearch - C:\Program Files (x86)\Common Files\fb4c7509-7895-4257-8cc3-e92949418b04\updater.exe (file missing) O23 - Service S3: %1!s! Update Service (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe O23 - Service S3: Avast Secure Browser Elevation Service - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevati on_service.exe O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service S3: Dropbox Update Service (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elev ation_service.exe O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f “C:\ProgramData\NVIDIA\NvContainerNetworkService.l og” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dl l” O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe O23 - Service S3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe Debug information: - 14.06.2019 23:02:22 - CryptCATAdminCalcHashFromFileHandle - #0 LastDllError = 193 (%1 is not a valid Win32 application.) TRUST_E_NOSIGNATURE: Not signed File: C:\Windows\system32 – End of file - Time spent: 31.1 sec. - 41794 bytes, CRC32: FFFFFFFF. Sign: ?? I’ve done all the scans and here they are:[/COLOR][/COLOR][/COLOR]Comment
-
tell me if you need to see more processesOriginally posted by MalnutritionComment
-
I’d rather you copy and paste the logs. I will edit your post for that, and the shot you provided is not of your device manager.Comment
-
Seems like we are dealing with a bit of malware that needs to be treated.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
[MEDIA=imgur]LOr0Gd7[/MEDIA]
Hit Ok.
[MEDIA=imgur]sYFsqHx[/MEDIA]
Hit next make sure to leave all items checked, for removal.
[MEDIA=imgur]8NcZjGc[/MEDIA]
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.- Once you have started the program, you will need to click the scanner button.
[IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.Comment
-
I’m sorry they had similar names and I wasn’t paying attention smhOriginally posted by Malnutrition
adwcleaner:
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Malwarebytes AdwCleaner 7.3.0.0[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Build: 04-04-2019[/HEADING]
[HEADING=1]Database: 2019-05-27.1 (Cloud)[/HEADING]
[HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]-------------------------------[/HEADING]
[HEADING=1]Start: 06-14-2019[/HEADING]
[HEADING=1]Duration: 00:00:09[/HEADING]
[HEADING=1]OS: Windows 8.1 Pro[/HEADING]
[HEADING=1]Cleaned: 60[/HEADING]
[HEADING=1]Failed: 1[/HEADING]
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SafeSavings
Deleted C:\ProgramData\53AB40F9-42A1-0
Deleted C:\ProgramData\53AB40F9-7255-1
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\SafeSavings
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Pavel\AppData\Local\slimware utilities inc
Deleted C:\Users\Pavel\AppData\Roaming\DRPSu
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\R oaming\Tencent
Not Deleted C:\Users\Pavel\AppData\Roaming\Tencent
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\ACPTab
Deleted HKCU\Software\BSD
Deleted HKCU\Software\InSTab
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULA TION|PCAcceleratePro.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes{53e2f62a-3083-46e6-8527-cf89e4acb4ae}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Exp lorer\StartupApproved\Run|Itibiti.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run |Itibiti.exe
Deleted HKCU\Software\MySafeSavings
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1 G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1Mt T0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\System Healer
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{0B0A4E0 6-CAA9-4B24-8008-887D71444E0D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{13E320A 2-0F14-4390-9D44-D2F892F419BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{4C8445F D-B9E2-4E0A-B27C-F36225E8FBCE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{AEE94BA 1-E1D6-411E-8202-260422E14465}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{C262D0B 8-521C-4BEE-9C64-C87C465611A3}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules|{C6273DF 3-B070-469A-91A1-FACA4C33E1F7}
Deleted HKLM\Software\Classes\Installer\Features\4E30E037E 0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\Installer\Products\4E30E037E 0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Ins taller\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\CompeteInc
Deleted HKLM\Software\Wow6432Node\MySafeSavings
Deleted HKLM\Software\Wow6432Node\Classes\CLSID{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\MySafeSavings
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall{730E03E4-350E-48E5-9D3E-4329903D454D}
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU.DEFAULT\Software\AppDataLow\Software\Compete
Deleted HKU.DEFAULT\Software\Microsoft\Windows\CurrentVers ion\Ext\Stats{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Compete
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\S tats{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
***** [ Chromium (and derivatives) ] *****
Deleted Search Manager
Deleted Search Manager
***** [ Chromium URLs ] *****
Deleted Default
Deleted Default
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
[+] Delete Tracing Keys
[+] Reset Winsock
AdwCleaner[S00].txt - [6930 octets] - [14/06/2019 22:53:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
hijack:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.19
Platform: x64 Windows 8.1 (Pro), 6.3.9600.19206, Service Pack: 0
Time: 14.06.2019 - 23:02 (UTC-07:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Pavel (group: Administrator) on ASUSGAMING, FirstRun: yes
Chrome: 74.0.3729.169
Internet Explorer: 11.0.9600.19204
Default: “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” – “%1” (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Fraps\fraps.exe
1 C:\Fraps\fraps64.dat
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCr ashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCr ashHandler64.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
1 C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService. exe
1 C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
1 C:\Program Files\iPod\bin\iPodService.exe
1 C:\Program Files\iTunes\iTunesHelper.exe
4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_too l.exe
1 C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Pavel\Desktop\adwcleaner_7.3.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\Pres entationFontCache.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = Yahoo on osa Yahoo-konsernia.
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = Yahoo on osa Yahoo-konsernia.
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = Yahoo on osa Yahoo-konsernia.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://www.exlee.com/results.php?f=4...=1239128798&q= {searchTerms} - Exlee
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: [URL] = https://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_xle_installertech_16_20¶m 1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DHodor%2 6cd%3D2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0A tDtBtN0D0Tzu0StCyCzyyDtN1L2XzutAtFtByEtFyCtFtDtN1L 1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyB0B0D tBtA0F0A0EtGtD0FyBtCtGzz0AtC0FtGyCtAzyyCtG0EyE0BtA tDyDyB0FyEyBzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A 0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0E yC0EtCtDyCyB0B2QtN0A0LzuyE%26cr%3D1036816672%26a%3 Dhdr_s_16_34_xle_installertech_16_20%26os_ver%3D6. 3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} - YHS
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: [TopResultURLFallback] = http://www.exlee.com/results.php?f=4&a=xle_installertech_16_20&cd=2Xzuy EtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tz u0StCyCtDtCtN1L2XzutAtFtBtCtFtDtFtDtN1L1Czu2V1I1P1 V1L1G1B2Z1T1I1I1P1C2Z1P1R1MtN1L1G1B1V1N2Y1L1Qzu2Sy BtBtCyCtAzy0DyDtGtD0DyC0CtGtDzyyEyBtGyDzz0FyEtGyD0 E0D0AtCtDzz0BtDzzyEzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0 F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0 D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={s earchTerms} - YHS
R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes{2f23ab71-4ac6-41f2-a955-ea576e553146}: [URL] = https://us.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_16_34_xle_installertech_16_20¶m 1=1¶m2=f%3D4%26b%3DIE%26cc%3Dus%26pa%3DHodor%2 6cd%3D2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0A tDtBtN0D0Tzu0StCyCzyyDtN1L2XzutAtFtByEtFyCtFtDtN1L 1Czu1M1Q1CtByCtFtCtFtDtN1L1G1B1V1N2Y1L1Qzu2SyB0B0D tBtA0F0A0EtGtD0FyBtCtGzz0AtC0FtGyCtAzyyCtG0EyE0BtA tDyDyB0FyEyBzzyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A 0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0E yC0EtCtDyCyB0B2QtN0A0LzuyE%26cr%3D1036816672%26a%3 Dhdr_s_16_34_xle_installertech_16_20%26os_ver%3D6. 3%26os%3DWindows%2B8.1%2BPro&p={searchTerms} - YHS
O2 - HKLM..\BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll
O2 - HKLM..\BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll
O2-32 - HKLM..\BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll
O2-32 - HKLM..\BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll
O4 - HKCU..\StartupApproved\Run: [CCleaner Smart Cleaning] = C:\Program Files\CCleaner\CCleaner64.exe /MONITOR (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [Chromium] = c:\users\pavel\appdata\local\chromium\application\ chrome.exe --auto-launch-at-startup --profile-directory=“Default” --restore-last-session --restore-last-session (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [Discord] = C:\Users\Pavel\AppData\Local\Discord\app-0.0.305\Discord.exe (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [EpicGamesLauncher] = C:\Program Files (x86)\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLaun cher.exe -silent (file missing) (2019/03/20)
O4 - HKCU..\StartupApproved\Run: [McAfeeSafeConnect] = C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe (file missing) (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [Spotify] = C:\Users\Pavel\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [Steam] = C:\Program Files (x86)\Steam\steam.exe -silent (2019/02/19)
O4 - HKCU..\StartupApproved\Run: [World of Tanks] = C:\Games\World_of_Tanks\WargamingGameUpdater.exe (file missing) (2019/02/19)
O4 - HKLM..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe (file missing)
O4 - HKLM..\Run: [iTunesHelper] = C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM..\StartupApproved\Run32: [AirBackupHelper] = C:\Program Files (x86)\iMobie\AnyTrans\AirBackupHelper.exe (2019/03/20)
O4 - HKLM..\StartupApproved\Run32: [Dropbox] = C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup (2019/02/19)
O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] = C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (2019/02/19)
O4-32 - HKLM..\Run: [AmazonBasics gaming software] = C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe “Hide”
O4-32 - HKLM..\Run: [Wondershare Helper Compact.exe] = C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O10 - Unknown file in Winsock LSP: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
O17 - DHCP DNS 1: 192.168.1.1
O20 - HKLM..\Windows: [AppInit_DLLs] = C:\Windows\system32\nvinitx.dll
O20-32 - HKLM..\Windows: [AppInit_DLLs] = C:\Windows\SysWOW64\nvinit.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll
O21 - HKLM..\ShellIconOverlayIdentifiers\00asw: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShell.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt01: DropboxExt1 Class - {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt02: DropboxExt7 Class - {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt03: DropboxExt9 Class - {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt04: DropboxExt3 Class - {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt05: DropboxExt2 Class - {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt06: DropboxExt4 Class - {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt07: DropboxExt5 Class - {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt08: DropboxExt8 Class - {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt09: DropboxExt10 Class - {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O21-32 - HKLM..\ShellIconOverlayIdentifiers\ DropboxExt10: DropboxExt6 Class - {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.0.dll
O22 - Task (.job): (Not scheduled) DropboxUpdateTaskMachineUA.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /ua /installsource scheduler
O22 - Task (.job): (Running) DropboxUpdateTaskMachineCore.job - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /c
O22 - Task: \Microsoft\Windows\ApplicationData\CleanupTemporar yState - C:\Windows\system32 (file missing)
O23 - Service R2: ASLDR Service - (ASLDRService) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
O23 - Service R2: ATKGFNEX Service - (ATKGFNEXSrv) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service R2: Apple Mobile Device Service - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service R2: DbxSvc - C:\Windows\system32\DbxSvc.exe
O23 - Service R2: Diagnostics Tracking Service - (DiagTrack) - C:\Windows\System32\svchost.exe -k utcsvc; “ServiceDll” = C:\Windows\system32\diagtrack.dll
O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService1.0.0.0) - C:\Windows\system32\igfxCUIService.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Containe r.exe -s NVDisplay.ContainerLocalSystem -f “C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSys tem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSyste m” -r -p 30000
O23 - Service R2: NVIDIA LocalSystem Container - (NvContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerLocalSystem -a -f “C:\ProgramData\NVIDIA\NvContainerLocalSystem.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dl l”
O23 - Service R2: NVIDIA Telemetry Container - (NvTelemetryContainer) - C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe -s NvTelemetryContainer -f “C:\ProgramData\NVIDIA\NvTelemetryContainer.log” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins” -r
O23 - Service R2: QMEmulatorService - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService. exe
O23 - Service R3: iPod Service - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service S2: %1!s! Update Service (avast) - (avast) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /svc
O23 - Service S2: Dropbox Update Service (dbupdate) - (dbupdate) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /svc
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S2: Service Mgr HooplaSearch - C:\ProgramData\fb4c7509-7895-4257-8cc3-e92949418b04\plugincontainer.exe (file missing)
O23 - Service S2: Update Mgr HooplaSearch - C:\Program Files (x86)\Common Files\fb4c7509-7895-4257-8cc3-e92949418b04\updater.exe (file missing)
O23 - Service S3: %1!s! Update Service (avastm) - (avastm) - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /medsvc
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
O23 - Service S3: Avast Secure Browser Elevation Service - (AvastSecureBrowserElevationService) - C:\Program Files (x86)\AVAST Software\Browser\Application\74.0.1376.132\elevati on_service.exe
O23 - Service S3: BattlEye Service - (BEService) - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service S3: Dropbox Update Service (dbupdatem) - (dbupdatem) - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe /medsvc
O23 - Service S3: EasyAntiCheat - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe
O23 - Service S3: Google Chrome Elevation Service - (GoogleChromeElevationService) - C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.169\elev ation_service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: NVIDIA NetworkService Container - (NvContainerNetworkService) - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -s NvContainerNetworkService -f “C:\ProgramData\NVIDIA\NvContainerNetworkService.l og” -l 3 -d “C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService” -r -p 30000 -st “C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dl l”
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe /RunAsService
O23 - Service S3: VirtualBox system service - (VBoxSDS) - C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe
O23 - Service S3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
Debug information:- 14.06.2019 23:02:22 - CryptCATAdminCalcHashFromFileHandle - #0 LastDllError = 193 (%1 is not a valid Win32 application.) TRUST_E_NOSIGNATURE: Not signed File: C:\Windows\system32
–
End of file - Time spent: 31.1 sec. - 41794 bytes, CRC32: FFFFFFFF. Sign: ??
minitoolbox:
MiniToolBox by Farbar Version: 17-06-2016
Ran by Pavel (administrator) on 14-06-2019 at 23:06:44
Running from “C:\Users\Pavel\Desktop”
Microsoft Windows 8.1 Pro (X64)
Model: G46VW Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
“Reset IE Proxy Settings”: IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
[HEADING=1]----------------------------------[/HEADING]
[HEADING=1]IPv4 Configuration[/HEADING]
[HEADING=1]----------------------------------[/HEADING]
pushd interface ipv4
reset
set global icmpredirects=enabled
set interface interface=“Local Area Connection* 1” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Wi-Fi” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 3” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 13” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Bluetooth Network Connection” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Ethernet” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
[HEADING=1]End of IPv4 configuration[/HEADING]
Windows IP Configuration
Host Name . . . . . . . . . . . . : ASUSGAMING
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
Physical Address. . . . . . . . . : 08-60-6E-1E-E5-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 60-36-DD-8F-DC-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
[HEADING=1]Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms[/HEADING]
[HEADING=1]Interface List
20…08 60 6e 1e e5 06 …Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
17…60 36 dd 8f dc 15 …Bluetooth Device (Personal Area Network)
1…Software Loopback Interface 1[/HEADING]
[HEADING=1]IPv4 Route Table[/HEADING]
[HEADING=1]Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306[/HEADING]
Persistent Routes:
None
[HEADING=1]IPv6 Route Table[/HEADING]
[HEADING=1]Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link[/HEADING]
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
========================= Event log errors: ===============================
[HEADING=1]Application errors:[/HEADING]
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib) (User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Tim erEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1872) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU0399F.log.
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
[HEADING=1]System errors:[/HEADING]
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Update Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Service Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:55:35 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The QMEmulatorService service terminated unexpectedly. It has done this 1 time(s).
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
[HEADING=1]Microsoft Office Sessions:[/HEADING]
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Net workAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib)(User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Tim erEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT)(User: )
Description: svchost1872SRUJet: C:\Windows\system32\SRU\SRU0399F.log-1811 (0xfffff8ed)
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=Use rLogon;SessionId=1
[HEADING=1]CodeIntegrity Errors:[/HEADING]
Date: 2018-02-24 14:52:25.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-24 14:52:24.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:27.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:26.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:47.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:46.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AmazonBasics gaming software version 1.0.1.7 (HKLM-x32...\AmazonBasics gaming software_is1) (Version: - )
Apple Application Support (32-bit) (HKLM-x32...{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM...{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM...{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32...{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATK Package (HKLM-x32...{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Bonjour (HKLM...{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM...\CCleaner) (Version: 5.53 - Piriform)
Chromium (HKCU...\Chromium) (Version: 51.0.2684.0 - Chromium)
Counter-Strike: Global Offensive (HKLM...\Steam App 730) (Version: - Valve)
Discord (HKCU...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Driver - San Francisco (HKLM-x32...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Dropbox (HKLM-x32...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32...{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM...{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 (HKLM...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 4 (HKLM...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Fraps (HKLM-x32...\Fraps) (Version: - )
Garry’s Mod (HKLM...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM...\Steam App 12120) (Version: - Rockstar Games)
Grand Theft Auto: Vice City (HKLM...\Steam App 12110) (Version: - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
iTunes (HKLM...{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM...{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32...{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Codec Pack 11.4.0 Full (HKLM-x32...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32...{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32...{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32...{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32...{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32...{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32...{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32...{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32...\Minecraft1.8) (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM-x32...{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed: Hot Pursuit (HKLM...\Steam App 47870) (Version: - Criterion Games)
NVAPI Monitor plugin for NvContainer (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 425.31 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 425.31 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32...\OBS Studio) (Version: 23.0.0 - OBS Project)
Oracle VM VirtualBox 6.0.8 (HKLM...{C549898A-9AA8-4CF6-8290-EF5DB8ECA766}) (Version: 6.0.8 - Oracle Corporation)
paint.net (HKLM...{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Project CARS (HKLM...\Steam App 234630) (Version: - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32...{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Redragon Kumara Gaming Mechanical keyboard driver (HKLM-x32...{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 2017.07.04 - Eastern Times Technology Co., Ltd )
Rockstar Games Social Club (HKLM-x32...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RollerCoaster Tycoon 2 (HKLM-x32...{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Search the Web (Yahoo) (HKLM-x32...\a92e2408) (Version: - )
Sonic Foundry ACID 4.0 (HKLM-x32...{2A38B5AA-EA84-4F87-9937-2FB23982243A}) (Version: 4.0.215 - Sonic Foundry)
Sony Vegas 5.0b (HKLM-x32...{A7401380-F015-475B-A5AA-7AE1F23B3DB3}) (Version: 5.0.160 - Sony)
Spintires: The Original Game (HKLM...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU...\Spotify) (Version: 1.1.8.439.g8502297d - Spotify AB)
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32...{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tencent Gaming Buddy (HKLM-x32...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Unturned (HKLM...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32...\Uplay) (Version: 65.0 - Ubisoft)
VLC media player (HKLM...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Movie Maker 2019 (HKLM...{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
Wondershare Filmora9(Build 9.1.2) (HKLM...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32...{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
========================= Devices: ================================
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0003
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click “Update Driver” to update the drivers for this device.
On the “General Properties” tab of the device, click “Troubleshoot” to start the troubleshooting wizard.
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 8077.55 MB
Available physical RAM: 5593.14 MB
Total Virtual: 12045.55 MB
Available Virtual: 8398.67 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.42 GB) (Free:93.95 GB) NTFS
========================= Users: ========================================
User accounts for \ASUSGAMING
Administrator ASPNET Guest
Pavel
**** End of log ****
security check:
SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 14.06.2019 22:46:56
Path starting: C:\Users\Pavel\AppData\Local\Temp\SecurityCheck\Se curityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: Pavel
VersionXML: 6.55is-14.06.2019
Windows 8.1(6.3.9600) (x64) Professional Lang: English(0409)
Installation date OS: 29.09.2015 21:01:11
LicenseStatus: Windows(R), Professional edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Windows\system32\OpenWith.exe
SystemDrive: C: FS: [NTFS] Capacity: [465.4 Gb] Used: [371.5 Gb] Free: [93.9 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.19204 Warning! Download Update
User Account Control enabled (Level 3)
Notify before download
Date install updates: 2018-12-22 01:25:11
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and out of date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and out of date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.19.5.2378
Avast Update Helper v.1.4.154.333
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.3.0.6 Warning! Download Update
NVIDIA GeForce Experience 3.14.1.48 v.3.14.1.48 Warning! Download Update
Oracle VM VirtualBox 6.0.8 v.6.0.8
paint.net v.4.0.6
K-Lite Codec Pack 11.4.0 Full v.11.4.0 Warning! Download Update
Steam v.2.10.91.91
Microsoft .NET Framework 1.1 v.1.1.4322 Warning! This software is no longer supported.
--------------------------------- [ IM ] ----------------------------------
Discord v.0.0.305
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 211 (64-bit) v.8.0.2110.12
Java 8 Update 211 v.8.0.2110.12
Java SE Development Kit 8 Update 60 v.8.0.600.27 Warning! Download Update
Uninstall old version and install new one (jdk-8u211-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.9.5.7
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.19.0.0.190 Warning! Download Update
Adobe Flash Player 32 PPAPI v.32.0.0.207
Adobe Shockwave Player 12.3 v.12.3.4.204 Warning! This software is no longer supported. Please uninstall it.
swMSM v.12.0.0.1 << Hidden Warning! This software is no longer supported. Please uninstall it.
------------------------------- [ Browser ] -------------------------------
Avast Secure Browser v.74.0.1376.132
Google Chrome v.74.0.3729.169 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
aswbIDSAgent (aswbIDSAgent) - The service has stopped
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.19.4.4318.533
aswbIDSAgent (aswbIDSAgent) - The service has stopped
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.19.4.4318.0
Windows Defender Service (WinDefend) - The service has stopped
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Search the Web (Yahoo) Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
Tencent Gaming Buddy v.1.0.0.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
MySafeSavings v.1.0.1.7 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
Itibiti RTC v.0.0.1 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------Comment
-
After the above, please re-run adware cleaner with the following items ticked under settings. Then produce the new log.
[MEDIA=imgur]a/OOZh1w1[/MEDIA]Comment
-
i already have an anti virus; avastOriginally posted by MalnutritionSeems like we are dealing with a bit of malware that needs to be treated.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
[MEDIA=imgur]LOr0Gd7[/MEDIA]
Hit Ok.
[MEDIA=imgur]sYFsqHx[/MEDIA]
Hit next make sure to leave all items checked, for removal.
[MEDIA=imgur]8NcZjGc[/MEDIA]
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.- Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.Comment
-
In your next reply I need:
Adware Removal Tool log.
Zhp Cleaner Log.
Adware Cleaner log with new settings ticked.Comment
-
I understand that, we are removing some malware/adware you seem to have accumulated. These are stand alone tools to remove adware, not replace your antivirus. These items can attribute to your connection issues.Originally posted by akotski1338Comment
Comment