• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Solved Something's wrong, but don't know what.

Status
Not open for further replies.
#21
SecurityCheck by glax24 & Severnyj v.1.4.0.49 [15.04.17]
WebSite: www.safezone.cc
DateLog: 25.05.2017 01:19:10
Path starting: C:\Users\Doneff Family\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Doneff Family
VersionXML: 4.27is-21.05.2017
___________________________________________________________________________

Windows 10(6.3.15063) (x64) Core Release: 1703 Lang: English(0409)
Installation date OS: 18.05.2017 21:29:07
LicenseStatus: Windows(R), Core edition The machine is permanently activated.
LicenseStatus: Office 16, Office16O365HomePremR_SubTrial5 edition Initial grace period ends :5291 minutes
LicenseStatus: Office 16, Office16O365HomePremR_Grace edition Windows is in Notification mode
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [899.7 Gb] Used: [142 Gb] Free: [757.7 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.296.15063.0 [+]
User Account Control enabled
Automatically download and schedule installation
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and up to date)
Malwarebytes (enabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Avast Antivirus (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Malwarebytes (enabled and up to date)
Windows Defender (disabled and up to date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Internet Security v.17.4.2294
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes version 3.1.2.1733 v.3.1.2.1733
Zemana AntiMalware v.2.72.0.388
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50906.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 121 v.8.0.1210.13 Warning! Download Update
Uninstall old version and install new one (jre-8u131-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 25 PPAPI v.25.0.0.171
Adobe Acrobat DC v.17.009.20044
Adobe Acrobat Reader DC v.17.009.20044
------------------------------- [ Browser ] -------------------------------
Google Chrome v.58.0.3029.110
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.58.0.3029.110
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.17.4.3482.0
aswbIDSAgent (aswbIDSAgent) - The service is running
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.17.4.3482.0
C:\Program Files\AVAST Software\Avast\afwServ.exe v.17.4.3482.0
Avast Firewall Service (avast! Firewall) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.3.0.0.1068
Malwarebytes Service (MBAMService) - The service is running
C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.1.0.479
C:\Program Files\Windows Defender\MSASCuiL.exe v.4.11.15063.0
Windows Defender Antivirus Service (WinDefend) - The service has stopped
Windows Defender Antivirus Network Inspection Service (WdNisSvc) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.2.72.0.388
----------------------------- [ End of Log ] ------------------------------
 
#22
Java 8 Update 121 v.8.0.1210.13 Warning! Download Update
Uninstall old version and install new one (jre-8u131-windows-i586.exe).



Hijack This Fix.

Start HijackThis , Right Click Run as Admin.
Close all other open programs prior to running this tool!!
Click System Scan Only.
Then check mark the items listed below.


O4 - HKCU\..\Run: [Adobe Acrobat Synchronizer] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe --restore-last-session
O4 - HKCU\..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DDF34A59040FF57D719F4EF1CA2787C3] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU\..\Run: [OneDrive] C:\Users\Doneff Family\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background --restore-last-session
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
O4 - HKLM\..\Run: [UMonit] C:\Windows\SysWOW64\UMonit64.exe
O4 - HKLM\..\Run: [ZAM] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe /minimized
O4 - HKLM\..\StartupApproved\Run32: [CLMLServer] C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
O4 - HKLM\..\StartupApproved\Run32: [UpdateP2GoShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\StartupApproved\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
O4 - HKLM\..\StartupApproved\Run: [RtHDVBg_LENOVO_MICPKEY] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /LENOVO_MICPKEY
O4 - HKLM\..\StartupApproved\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4 - HKU\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
O4-32 - HKLM\..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe
O4-32 - HKLM\..\Run: [jmekey] C:\Windows\jmesoft\hotkey.exe
O4-32 - HKLM\..\Run: [jmesoft] C:\Windows\jmesoft\ServiceLoader.exe
O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
O22 - Task (Ready): Adobe Flash Player Updater - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (Ready): \Microsoft\Office\Office Automatic Updates - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /update SCHEDULEDTASK displaylevel=False
O22 - Task (Ready): \Microsoft\Office\Office ClickToRun Service Monitor - C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe /WatchService
O22 - Task (Ready): \Microsoft\Office\Office Subscription Maintenance - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe
O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\compattelrunner.exe
O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\WINDOWS\system32\compattelrunner.exe -maintenance
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe





Now click on fix checked.
After the fix is complete, then reboot your machine.

After the reboot post a new hijack this log and let me know how things are running now.
 
#23
Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.17

Platform: x64 Windows 10 (Home), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
Time: 25.05.2017 - 03:23
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Doneff Family (group: Administrator) on DESKTOP-DOB72OG

Chrome: 58.0.3029.110
Edge: 11.0.15063.250
Internet Explorer: 11.0.15063.0

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
1 C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
1 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
1 C:\Program Files (x86)\Common Files\Steam\SteamService.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
1 C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
1 C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
1 C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
1 C:\Program Files (x86)\Steam\Steam.exe
1 C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
1 C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\afwServ.exe
1 C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
1 C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
1 C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
1 C:\Users\Doneff Family\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Doneff Family\Desktop\MemCompression
1 C:\Windows\SysWOW64\dllhost.exe
1 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\backgroundTaskHost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
1 C:\Windows\System32\sppsvc.exe
70 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskhostw.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
1 C:\Windows\explorer.exe
1 C:\Windows\jmesoft\Service.exe
1 C:\Windows\servicing\TrustedInstaller.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {D79BB3A3-DB24-49D3-A463-680951CD61C4} - Bing - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURL = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURLFallback = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D79BB3A3-DB24-49D3-A463-680951CD61C4} - Bing - http://www.bing.com/search?q={searchTerms}&form=PRLNC1&src=IE11TR&pc=LCTE
O2 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
O2-32 - BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
O2-32 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
O4 - HKCU\..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe -silent --restore-last-session
O4 - HKLM\..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM\..\Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
O4-32 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (HKLM)
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (HKLM)
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (HKLM)
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll (HKLM)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll (HKLM)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll (HKLM)
O9-32 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (HKLM)
O9-32 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (HKLM)
O9-32 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll (HKLM)
O9-32 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll (HKLM)
O17 - DHCP DNS - 1: 209.18.47.61
O17 - DHCP DNS - 2: 209.18.47.62
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O22 - Task (Ready): Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): SafeZone scheduled Autoupdate 1462830905 - C:\Program Files\AVAST Software\SZBrowser\launcher.exe --scheduledautoupdate $(Arg0)
O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
O22 - Task (Ready): \Microsoft\Windows\UNP\RunCampaignManager - C:\WINDOWS\System32\UNP\UNPCampaignManager.exe
O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
O22 - Task (Running): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Running): \AVAST Software\Avast settings backup - C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs
O23 - Service R2: Adobe Genuine Software Integrity Service - (AGSService) - C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: Avast Firewall Service - (avast! Firewall) - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service R2: FastbootService - C:\Program Files (x86)\Lenovo\LenovoPortal\FastBoot\FbService.exe
O23 - Service R2: Intel(R) Security Assist Helper - (isaHelperSvc) - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service R2: JME Keyboard Driver - (JME Keyboard) - C:\Windows\jmesoft\Service.exe
O23 - Service R2: LenovoPortalService - C:\Program Files (x86)\Lenovo\LenovoPortal\LenovoPortalService.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: NVIDIA Display Container LS - (NVDisplay.ContainerLocalSystem) - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service R2: ZAM Controller Service - (ZAMSvc) - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
O23 - Service R3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service S2: Intel(R) Management and Security Application Local Management Service - (LMS) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service S2: Intel(R) Rapid Storage Technology - (IAStorDataMgrSvc) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service S2: System Interface Foundation Service - (ImControllerService) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service S3: Intel(R) Security Assist - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service S3: LSCWinService - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
O23 - Service S3: ShareItSvc - C:\Program Files (x86)\Lenovo\SHAREit\Shareit.Service.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
O23 - Service S3: nProtect GameGuard Service - (npggsvc) - C:\WINDOWS\SysWow64\GameMon.des

--
End of file - Time spent: 35 sec. - 30044 bytes, CRC32: FFFFFFFF. Sign: 쐇ꯋ

Will let you know how things are going. Thanks for your help.
 
#24
GamerGirl74 said:
Will let you know how things are going. Thanks for your help.
Click to expand...


Ok, to keep your temp files in check, I'd suggest having CCleaner run at startup.

Clean up temp files and reduce startup load with CCleaner.


Note: This tool will clean your browsing history as well.
  • Download CCleaner from here.
  • After install Click Options.
  • Go to monitoring.
  • Uncheck All Monitoring items.
  • Go to advanced -- Click close program after cleaning.
  • Go to settings -- click run ccleaner when the computer starts.
  • Now that you have ccleaner installed and set-up:
  • Open the program.
  • Go to Tools
  • Go to Startup
  • Now double click each item. To Disable.
  • Leave only your antivirus enabled.
  • Then disable All items in your scheduled task as well.
  • Unless they are related to windows defender.Or your antivirus.
  • Reboot the machine.
As well, a final couple of scans on the machine to ensure that there is no malware hiding.



Adware Removal Tool Scan.


Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.





LOr0Gd7.png



Hit Ok.


sYFsqHx.png



Hit next make sure to leave all items checked, for removal.


8NcZjGc.png




The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.


9-Lab Scan.



  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Disable your antivirus prior to this scan.
  • Install the program onto your computer, then right click the icon run as administrator.
  • Update the program and then run a Quick scan!
  • Make sure the program updates, might be better to install it update reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.
 
#25
Adware Removal Tool 5.1
Time: 2017_05_25_21_34_23
OS: Windows 10 Home - x64 Bit
Account Name: Doneff Family
Adware Definition: 05222017.1
Elapsed time: 07:25
Scan Status:- Automatic Done

\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\

Browser: Chrome Found : Adware.Conduit : C:\Users\Doneff Family\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data
 
#26
9-lab Removal Tool 1.0.0.39 BETA
9-lab.com

Database version: 167.49509

Windows 8 (Version 6.2, Build 0, 64-bit Edition)
Internet Explorer 9.11.15063.0
Doneff Family :: DESKTOP-DOB72OG

5/25/2017 10:06:53 PM
9lab-log-2017-05-25 (22-06-53).txt

Scan type: Quick
Objects scanned: 29827
Time Elapsed: 18 m 16 s

Files detected: 2
[48ED7180F4C0E72B39EABEC42DA21F21] Malware.Win32.Gen.sm [c:\users\doneff family\desktop\Games\nester - Shortcut.lnk]
[83FB09C407EB4D2B3742B1CCC95626F5] Malware.Win32.Gen.sm [c:\users\doneff family\desktop\Toolbox\SupRestric.exe]
 
#28
Your machine is clean... :thumbsup:

Glad to have helped!! Please tell a friend ...... or two about us.
smile.png


Optimize your internet connection.

Click here for instructions.

suggest the following in place of adblock.
Alternate DNS Server. Ad Blocking DNS.
Ublock Origin.
Anti Ad Block Killer.


Also, keep your browsing private with these tools:

Self Destructing Cookies.
Self Destructing Cookies Chrome.




Some items to keep you safe on the internet.


VooDoo Shield. control of what is running on your machine
Qualys BrowserCheck To update plugins.
Unchecky To Avoid Bundled Software.
Privazer To Clean up your mahcine.



Now Lets Clean up the tools we used and remove old restore points.



Download DelFix by "Xplode" to your Desktop.
Right Click the tool and Run as Admin ( Xp Users Double Click)
Put a check mark next the items below:


Remove disinfection tools
Create registry backup
Purge System Restore



Now click on "Run" button.
allow the program to complete its work.
all the tools we used will be removed.
Tool will create and open a log report (DelFix.txt)
Note: The report can be located at the following location C:\DelFix.txt
 
Status
Not open for further replies.
Top Bottom
Back
Forums
Resources
Menu