I have a Asus laptop that is about 5 years old. One day I turn it on and it wasn’t connected to the internet even though it was the day before. It simply says “No connections are available” even though there are. I try restarting the computer and even a system restore point but that didn’t fix the problem. Everything seems to be in order in the drivers. I couldn’t really find any solutions on the internet.
Solved Laptop cannot find any network connections
- Thread starter akotski1338
- Start date
-
Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.
Why not Click Here To Sign Up and start enjoying great FREE Tech Support.
This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
- Status
Please run these programs with the ethernet cord attached.
Step 1:
Security Check Scan.
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
Then, can you run the following program with and without the ethernet cable attached please.
Please download MINITOOLBOX and run it.
Checkmark following boxes:
Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)
Click Go post the result.
Step 1:
Security Check Scan.
- Download Security Check to your desktop.
- Right click it run as administrator.
- When the program completes, the tool will automatically open a log file.
- Please post that log here in your next post.
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
- Close all open programs and internet browsers.
- Right Click on adwcleaner.exe and run as admin to run the tool.
- Click on Scan button.
- When the scan has finished click on Clean button.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the contents of that logfile with your next reply.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
Then, can you run the following program with and without the ethernet cable attached please.
Please download MINITOOLBOX and run it.
Checkmark following boxes:
Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)
Click Go post the result.
Also, provide a screenshot of your device manager.
How to use the Snipping Tool Click Here
Use Windows+R hotkeys to open Run dialog box, type the command of devmgmt.msc and click OK.
How to use the Snipping Tool Click Here
Use Windows+R hotkeys to open Run dialog box, type the command of devmgmt.msc and click OK.
If you have any questions about the process please let me know. I will be glad to walk you through anything you have an issue with . 
MiniToolBox by Farbar Version: 17-06-2016
Ran by Pavel (administrator) on 14-06-2019 at 23:06:44
Running from "C:\Users\Pavel\Desktop"
Microsoft Windows 8.1 Pro (X64)
Model: G46VW Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : ASUSGAMING
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
Physical Address. . . . . . . . . : 08-60-6E-1E-E5-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 60-36-DD-8F-DC-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...08 60 6e 1e e5 06 ......Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
17...60 36 dd 8f dc 15 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib) (User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1872) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU0399F.log.
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
System errors:
=============
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Update Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Service Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:55:35 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The QMEmulatorService service terminated unexpectedly. It has done this 1 time(s).
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib)(User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT)(User: )
Description: svchost1872SRUJet: C:\Windows\system32\SRU\SRU0399F.log-1811 (0xfffff8ed)
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
CodeIntegrity Errors:
===================================
Date: 2018-02-24 14:52:25.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-24 14:52:24.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:27.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:26.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:47.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:46.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AmazonBasics gaming software version 1.0.1.7 (HKLM-x32\...\AmazonBasics gaming software_is1) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Chromium (HKCU\...\Chromium) (Version: 51.0.2684.0 - Chromium)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Discord (HKCU\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Driver - San Francisco (HKLM-x32\...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Dropbox (HKLM-x32\...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version: - Rockstar Games)
Grand Theft Auto: Vice City (HKLM\...\Steam App 12110) (Version: - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed: Hot Pursuit (HKLM\...\Steam App 47870) (Version: - Criterion Games)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 425.31 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.0 - OBS Project)
Oracle VM VirtualBox 6.0.8 (HKLM\...\{C549898A-9AA8-4CF6-8290-EF5DB8ECA766}) (Version: 6.0.8 - Oracle Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Redragon Kumara Gaming Mechanical keyboard driver (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 2017.07.04 - Eastern Times Technology Co., Ltd )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Search the Web (Yahoo) (HKLM-x32\...\a92e2408) (Version: - )
Sonic Foundry ACID 4.0 (HKLM-x32\...\{2A38B5AA-EA84-4F87-9937-2FB23982243A}) (Version: 4.0.215 - Sonic Foundry)
Sony Vegas 5.0b (HKLM-x32\...\{A7401380-F015-475B-A5AA-7AE1F23B3DB3}) (Version: 5.0.160 - Sony)
Spintires: The Original Game (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU\...\Spotify) (Version: 1.1.8.439.g8502297d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 65.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
Wondershare Filmora9(Build 9.1.2) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
========================= Devices: ================================
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0003
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 8077.55 MB
Available physical RAM: 5593.14 MB
Total Virtual: 12045.55 MB
Available Virtual: 8398.67 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.42 GB) (Free:93.95 GB) NTFS
========================= Users: ========================================
User accounts for \\ASUSGAMING
Administrator ASPNET Guest
Pavel
**** End of log ****
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2019
# Duration: 00:00:09
# OS: Windows 8.1 Pro
# Cleaned: 60
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SafeSavings
Deleted C:\ProgramData\53AB40F9-42A1-0
Deleted C:\ProgramData\53AB40F9-7255-1
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\SafeSavings
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Pavel\AppData\Local\slimware utilities inc
Deleted C:\Users\Pavel\AppData\Roaming\DRPSu
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted C:\Users\Pavel\AppData\Roaming\Tencent
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\ACPTab
Deleted HKCU\Software\BSD
Deleted HKCU\Software\InSTab
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|PCAcceleratePro.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{53e2f62a-3083-46e6-8527-cf89e4acb4ae}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Itibiti.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Itibiti.exe
Deleted HKCU\Software\MySafeSavings
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\System Healer
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0B0A4E06-CAA9-4B24-8008-887D71444E0D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{13E320A2-0F14-4390-9D44-D2F892F419BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4C8445FD-B9E2-4E0A-B27C-F36225E8FBCE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AEE94BA1-E1D6-411E-8202-260422E14465}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C262D0B8-521C-4BEE-9C64-C87C465611A3}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C6273DF3-B070-469A-91A1-FACA4C33E1F7}
Deleted HKLM\Software\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\CompeteInc
Deleted HKLM\Software\Wow6432Node\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\Compete
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Compete
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
***** [ Chromium (and derivatives) ] *****
Deleted Search Manager
Deleted Search Manager
***** [ Chromium URLs ] *****
Deleted Default
Deleted Default
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6930 octets] - [14/06/2019 22:53:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.19
Platform: x64 Windows 8.1 (Pro), 6.3.9600.19206, Service Pack: 0
Time: 14.06.2019 - 23:02 (UTC-07:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Pavel (group: Administrator) on ASUSGAMING, FirstRun: yes
Chrome: 74.0.3729.169
Internet Explorer: 11.0.9600.19204
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Fraps\fraps.exe
1 C:\Fraps\fraps64.dat
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
1 C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
1 C:\Program Files\iPod\bin\iPodService.exe
1 C:\Program Files\iTunes\iTunesHelper.exe
4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
1 C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Pavel\Desktop\adwcleaner_7.3.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://www.exlee.com/results.php?f=...0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={searchTerms} - Exlee
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/sea...ertech_16_20&os_ver=6.3&os=Windows+8.1+Pro&p={searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: [TopResultURLFallback] = http://www.exlee.com/results.php?f=...0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/...?? I've done all the scans and here they are:
Ran by Pavel (administrator) on 14-06-2019 at 23:06:44
Running from "C:\Users\Pavel\Desktop"
Microsoft Windows 8.1 Pro (X64)
Model: G46VW Manufacturer: ASUSTeK COMPUTER INC.
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : ASUSGAMING
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
Physical Address. . . . . . . . . : 08-60-6E-1E-E5-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Ethernet adapter Bluetooth Network Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
Physical Address. . . . . . . . . : 60-36-DD-8F-DC-15
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host google.com. Please check the name and try again.
Server: UnKnown
Address: 127.0.0.1
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
20...08 60 6e 1e e5 06 ......Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
17...60 36 dd 8f dc 15 ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
1 306 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog5 08 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog5 08 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
========================= Event log errors: ===============================
Application errors:
==================
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib) (User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT) (User: )
Description: svchost (1872) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\SRU\SRU0399F.log.
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
System errors:
=============
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Update Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:56:09 PM) (Source: Service Control Manager) (User: )
Description: The Service Mgr HooplaSearch service failed to start due to the following error:
%%2 = The system cannot find the file specified.
Error: (06/14/2019 10:55:35 PM) (Source: BTHUSB) (User: )
Description: The local adapter does not support an important Low Energy controller state. The minimum required supported state mask is 0x1f7fffff, got 0x1f3fffff. Low Energy functionality will be disabled.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:26 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (06/14/2019 10:54:08 PM) (Source: Service Control Manager) (User: )
Description: The QMEmulatorService service terminated unexpectedly. It has done this 1 time(s).
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service.
Error: (06/14/2019 10:54:07 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (06/14/2019 10:56:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
Error: (06/14/2019 10:56:38 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 10:44:41 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:45:16 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:20:17 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable
Error: (06/14/2019 06:18:24 PM) (Source: Perflib)(User: )
Description: rdyboost4
Error: (06/14/2019 06:18:00 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
Error: (06/13/2019 09:20:42 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (06/12/2019 10:00:00 PM) (Source: ESENT)(User: )
Description: svchost1872SRUJet: C:\Windows\system32\SRU\SRU0399F.log-1811 (0xfffff8ed)
Error: (06/12/2019 09:20:43 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004F074RuleId=eeba1977-569e-4571-b639-7623d8bfecc0;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
CodeIntegrity Errors:
===================================
Date: 2018-02-24 14:52:25.824
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-02-24 14:52:24.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:27.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-01-23 17:58:26.482
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.710
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:56:50.448
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.546
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-22 18:54:04.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:47.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-12 20:34:46.876
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
=========================== Installed Programs ============================
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.207 - Adobe)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AmazonBasics gaming software version 1.0.1.7 (HKLM-x32\...\AmazonBasics gaming software_is1) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{C1BCFECF-6EC2-4750-9072-5E2489423F8F}) (Version: 7.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B202C7F5-7DE3-4FBF-B259-E70E625F56FC}) (Version: 7.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B5A46811-3612-4DA5-8A5A-E6DED5D7C523}) (Version: 12.2.1.12 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0034 - ASUS)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 74.0.1376.132 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.53 - Piriform)
Chromium (HKCU\...\Chromium) (Version: 51.0.2684.0 - Chromium)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Discord (HKCU\...\Discord) (Version: 0.0.305 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 425.31 - NVIDIA Corporation) Hidden
Driver - San Francisco (HKLM-x32\...\Driver - San Francisco_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter)
Dropbox (HKLM-x32\...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fallout 4 (HKLM\...\Steam App 377160) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry 4 (HKLM\...\Steam App 298110) (Version: - Ubisoft Montreal, Red Storm, Shanghai, Toronto, Kiev)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.169 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North)
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version: - Rockstar Games)
Grand Theft Auto: Vice City (HKLM\...\Steam App 12110) (Version: - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.5059 - Intel Corporation)
iTunes (HKLM\...\{A8AF3EF8-5010-4A92-BCCA-90F62A7D62B8}) (Version: 12.9.5.7 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
K-Lite Codec Pack 11.4.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.4.0 - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.62615.0 (HKLM-x32\...\{33D89314-361A-4495-A1E1-0ACBCE08F78D}) (Version: 10.0.62615.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Steam Edition (HKLM\...\Steam App 314160) (Version: - Microsoft Game Studios)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Need for Speed: Hot Pursuit (HKLM\...\Steam App 47870) (Version: - Criterion Games)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 425.31 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 425.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 425.31 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 23.0.0 - OBS Project)
Oracle VM VirtualBox 6.0.8 (HKLM\...\{C549898A-9AA8-4CF6-8290-EF5DB8ECA766}) (Version: 6.0.8 - Oracle Corporation)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Project CARS (HKLM\...\Steam App 234630) (Version: - Slightly Mad Studios)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Redragon Kumara Gaming Mechanical keyboard driver (HKLM-x32\...\{12F382E1-63D4-4B94-BD32-5F845E74FC79}) (Version: 2017.07.04 - Eastern Times Technology Co., Ltd )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
Search the Web (Yahoo) (HKLM-x32\...\a92e2408) (Version: - )
Sonic Foundry ACID 4.0 (HKLM-x32\...\{2A38B5AA-EA84-4F87-9937-2FB23982243A}) (Version: 4.0.215 - Sonic Foundry)
Sony Vegas 5.0b (HKLM-x32\...\{A7401380-F015-475B-A5AA-7AE1F23B3DB3}) (Version: 5.0.160 - Sony)
Spintires: The Original Game (HKLM\...\Steam App 263280) (Version: - Oovee® Game Studios)
Spotify (HKCU\...\Spotify) (Version: 1.1.8.439.g8502297d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tencent Gaming Buddy (HKLM-x32\...\MobileGamePC) (Version: 1.0.0.1 - Tencent Technology Company)
Unturned (HKLM\...\Steam App 304930) (Version: - Smartly Dressed Games)
Uplay (HKLM-x32\...\Uplay) (Version: 65.0 - Ubisoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.6 - VideoLAN)
Windows Movie Maker 2019 (HKLM\...\{9CC29C6A-B5FE-497B-8F23-52A2557A92C0}}_is1) (Version: - VideoWin)
Wondershare Filmora9(Build 9.1.2) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
========================= Devices: ================================
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0001
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: ROOT\MEDIA\0003
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
========================= Memory info: ===================================
Percentage of memory in use: 30%
Total physical RAM: 8077.55 MB
Available physical RAM: 5593.14 MB
Total Virtual: 12045.55 MB
Available Virtual: 8398.67 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.42 GB) (Free:93.95 GB) NTFS
========================= Users: ========================================
User accounts for \\ASUSGAMING
Administrator ASPNET Guest
Pavel
**** End of log ****
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2019
# Duration: 00:00:09
# OS: Windows 8.1 Pro
# Cleaned: 60
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SafeSavings
Deleted C:\ProgramData\53AB40F9-42A1-0
Deleted C:\ProgramData\53AB40F9-7255-1
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\SafeSavings
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Pavel\AppData\Local\slimware utilities inc
Deleted C:\Users\Pavel\AppData\Roaming\DRPSu
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted C:\Users\Pavel\AppData\Roaming\Tencent
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\ACPTab
Deleted HKCU\Software\BSD
Deleted HKCU\Software\InSTab
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|PCAcceleratePro.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{53e2f62a-3083-46e6-8527-cf89e4acb4ae}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Itibiti.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Itibiti.exe
Deleted HKCU\Software\MySafeSavings
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\System Healer
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0B0A4E06-CAA9-4B24-8008-887D71444E0D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{13E320A2-0F14-4390-9D44-D2F892F419BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4C8445FD-B9E2-4E0A-B27C-F36225E8FBCE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AEE94BA1-E1D6-411E-8202-260422E14465}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C262D0B8-521C-4BEE-9C64-C87C465611A3}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C6273DF3-B070-469A-91A1-FACA4C33E1F7}
Deleted HKLM\Software\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\CompeteInc
Deleted HKLM\Software\Wow6432Node\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\Compete
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Compete
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
***** [ Chromium (and derivatives) ] *****
Deleted Search Manager
Deleted Search Manager
***** [ Chromium URLs ] *****
Deleted Default
Deleted Default
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6930 octets] - [14/06/2019 22:53:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.19
Platform: x64 Windows 8.1 (Pro), 6.3.9600.19206, Service Pack: 0
Time: 14.06.2019 - 23:02 (UTC-07:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Pavel (group: Administrator) on ASUSGAMING, FirstRun: yes
Chrome: 74.0.3729.169
Internet Explorer: 11.0.9600.19204
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Fraps\fraps.exe
1 C:\Fraps\fraps64.dat
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
1 C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
1 C:\Program Files\iPod\bin\iPodService.exe
1 C:\Program Files\iTunes\iTunesHelper.exe
4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
1 C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Pavel\Desktop\adwcleaner_7.3.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_nrssi_18_05_ssg01¶m1=1¶m2=f=1&b=IE&cc=us&pa=wincy&cd=2XzuyEtN2Y1L1QzuyCtDtAyC0D0Dzz0F0D0CtCyD0D0AtDtBtN0D0Tzu0StBtBtByEtN1L2XzuyEtFtBtCtFtDtFzzyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0C0BzzyBzz0CtDtGtDtAzyzztG0DzyyDzytGyEtBtAyBtG0DtA0CyEyD0EyByE0Fzz0D0B2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0F0D0A0Azz0FyBtG0C0AyDtBtGyEtCzz0AtG0AtAtD0AtGtAtA0D0C0EyC0EtCtDyCyB0B2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCyDzytDyBtN1Q2Z1B1P1RzutCyDtCyByCtAtCzzyEtB&cr=1176942977&a=wbf_nrssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://www.exlee.com/results.php?f=...0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={searchTerms} - Exlee
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/sea...ertech_16_20&os_ver=6.3&os=Windows+8.1+Pro&p={searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: [TopResultURLFallback] = http://www.exlee.com/results.php?f=...0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={searchTerms} - YHS R4 - SearchScopes: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/...?? I've done all the scans and here they are:
Last edited by a moderator:
I'd rather you copy and paste the logs. I will edit your post for that, and the shot you provided is not of your device manager.
Seems like we are dealing with a bit of malware that needs to be treated.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Hit Ok.
Hit next make sure to leave all items checked, for removal.
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
2. Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Hit Ok.
Hit next make sure to leave all items checked, for removal.
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
2. Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
I'm sorry they had similar names and I wasn't paying attention smh
adwcleaner:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-14-2019
# Duration: 00:00:09
# OS: Windows 8.1 Pro
# Cleaned: 60
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\Program Files (x86)\SafeSavings
Deleted C:\ProgramData\53AB40F9-42A1-0
Deleted C:\ProgramData\53AB40F9-7255-1
Deleted C:\ProgramData\BSD\DriverHive
Deleted C:\ProgramData\BSD\DriverHiveEngine
Deleted C:\ProgramData\SafeSavings
Deleted C:\ProgramData\Tencent
Deleted C:\Users\Pavel\AppData\Local\slimware utilities inc
Deleted C:\Users\Pavel\AppData\Roaming\DRPSu
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Tencent
Not Deleted C:\Users\Pavel\AppData\Roaming\Tencent
***** [ Files ] *****
Deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
Deleted C:\Windows\System32\drivers\swdumon.sys
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\ACPTab
Deleted HKCU\Software\BSD
Deleted HKCU\Software\InSTab
Deleted HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION|PCAcceleratePro.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{53e2f62a-3083-46e6-8527-cf89e4acb4ae}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AE5E8B88-E8FC-45E6-8A5B-20D1DC910AE9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Itibiti.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\drp.su
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Itibiti.exe
Deleted HKCU\Software\MySafeSavings
Deleted HKCU\Software\Norassie
Deleted HKCU\Software\PRODUCTSETUP
Deleted HKCU\Software\ProductSetup\Uninstall\0B2U2Z1P0F1P1G1R1P1V0A1Q1Q0O1G
Deleted HKCU\Software\ProductSetup\Uninstall\0S1P1T1C1R1MtT0P1C1F2X1L1Q1P1QtT1S2UtT0Y1T1M1F1F
Deleted HKCU\Software\System Healer
Deleted HKCU\Software\csastats
Deleted HKCU\Software\drpsu
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{0B0A4E06-CAA9-4B24-8008-887D71444E0D}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{13E320A2-0F14-4390-9D44-D2F892F419BE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{4C8445FD-B9E2-4E0A-B27C-F36225E8FBCE}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{AEE94BA1-E1D6-411E-8202-260422E14465}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C262D0B8-521C-4BEE-9C64-C87C465611A3}
Deleted HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{C6273DF3-B070-469A-91A1-FACA4C33E1F7}
Deleted HKLM\Software\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Classes\METNSD
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
Deleted HKLM\Software\Wow6432Node\BSD
Deleted HKLM\Software\Wow6432Node\CompeteInc
Deleted HKLM\Software\Wow6432Node\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D87094D-49E1-4C72-8C9E-3D937A119BE5}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\MySafeSavings
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}
Deleted HKLM\Software\Wow6432Node\drpsu
Deleted HKU\.DEFAULT\Software\AppDataLow\Software\Compete
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Deleted HKU\S-1-5-18\Software\AppDataLow\Software\Compete
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
***** [ Chromium (and derivatives) ] *****
Deleted Search Manager
Deleted Search Manager
***** [ Chromium URLs ] *****
Deleted Default
Deleted Default
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [6930 octets] - [14/06/2019 22:53:42]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
hijack:
Logfile of HiJackThis Fork by Alex Dragokas v.2.9.0.19
Platform: x64 Windows 8.1 (Pro), 6.3.9600.19206, Service Pack: 0
Time: 14.06.2019 - 23:02 (UTC-07:00)
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Pavel (group: Administrator) on ASUSGAMING, FirstRun: yes
Chrome: 74.0.3729.169
Internet Explorer: 11.0.9600.19204
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)
Boot mode: Normal
Running processes:
Number | Path
1 C:\Fraps\fraps.exe
1 C:\Fraps\fraps64.dat
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
1 C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
1 C:\Program Files (x86)\AmazonBasics gaming software\AmazonBasics gaming software.exe
1 C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
1 C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\Bonjour\mDNSResponder.exe
1 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
2 C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
2 C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
1 C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
1 C:\Program Files\TxGameAssistant\AppMarket\AppMarket.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
1 C:\Program Files\TxGameAssistant\AppMarket\QQExternal.exe
1 C:\Program Files\iPod\bin\iPodService.exe
1 C:\Program Files\iTunes\iTunesHelper.exe
4 C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\SwReporter\41.204.201.3\software_reporter_tool.exe
1 C:\Users\Pavel\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Pavel\Desktop\adwcleaner_7.3.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\DbxSvc.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\conhost.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dasHost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\igfxCUIService.exe
1 C:\Windows\System32\igfxEM.exe
1 C:\Windows\System32\igfxHK.exe
1 C:\Windows\System32\igfxTray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
12 C:\Windows\System32\svchost.exe
3 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhostex.exe
1 C:\Windows\System32\wbem\WMIADAP.exe
1 C:\Windows\System32\wbem\WmiApSrv.exe
1 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web...ssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web...ssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R0-32 - HKLM\Software\Microsoft\Internet Explorer\Main: [Start Page] = https://us.search.yahoo.com/yhs/web...ssi_18_05_ssg01&os_ver=6.3&os=Windows+8.1+Pro
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxyOverride] = *.local
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: [URL,TopResultURLFallback] = http://www.exlee.com/results.php?f=...0EyC0EtCtDyCyB0B2QtN0A0LzuyE&cr=1239128798&q={searchTerms} - Exlee
R4 - SearchScopes: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146}: = https://us.search.yahoo.com/yhs/...t.com/Search.aspx?q=KB4503276]Download Update[/b][/color]
User Account Control enabled (Level 3)
Notify before download
Date install updates: 2018-12-22 01:25:11
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
Windows Defender (disabled and out of date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and out of date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.19.5.2378
Avast Update Helper v.1.4.154.333
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.3.0.6 Warning! Download Update
NVIDIA GeForce Experience 3.14.1.48 v.3.14.1.48 Warning! Download Update
Oracle VM VirtualBox 6.0.8 v.6.0.8
paint.net v.4.0.6
K-Lite Codec Pack 11.4.0 Full v.11.4.0 Warning! Download Update
Steam v.2.10.91.91
Microsoft .NET Framework 1.1 v.1.1.4322 Warning! This software is no longer supported.
--------------------------------- [ IM ] ----------------------------------
Discord v.0.0.305
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 211 (64-bit) v.8.0.2110.12
Java 8 Update 211 v.8.0.2110.12
Java SE Development Kit 8 Update 60 v.8.0.600.27 Warning! Download Update
Uninstall old version and install new one (jdk-8u211-windows-i586.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.9.5.7
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.19.0.0.190 Warning! Download Update
Adobe Flash Player 32 PPAPI v.32.0.0.207
Adobe Shockwave Player 12.3 v.12.3.4.204 Warning! This software is no longer supported. Please uninstall it.
swMSM v.12.0.0.1 << Hidden Warning! This software is no longer supported. Please uninstall it.
------------------------------- [ Browser ] -------------------------------
Avast Secure Browser v.74.0.1376.132
Google Chrome v.74.0.3729.169 Warning! Download Update
------------------ [ AntivirusFirewallProcessServices ] -------------------
aswbIDSAgent (aswbIDSAgent) - The service has stopped
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.19.4.4318.533
aswbIDSAgent (aswbIDSAgent) - The service has stopped
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.19.4.4318.0
Windows Defender Service (WinDefend) - The service has stopped
Windows Defender Network Inspection Service (WdNisSvc) - The service has stopped
Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Search the Web (Yahoo) Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
Tencent Gaming Buddy v.1.0.0.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
MySafeSavings v.1.0.1.7 Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
Itibiti RTC v.0.0.1 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
----------------------------- [ End of Log ] ------------------------------
After the above, please re-run adware cleaner with the following items ticked under settings. Then produce the new log.
i already have an anti virus; avastSeems like we are dealing with a bit of malware that needs to be treated.
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
Hit Ok.
Hit next make sure to leave all items checked, for removal.
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.
2. Once you have started the program, you will need to click the scanner button.
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.
In your next reply I need:
Adware Removal Tool log.
Zhp Cleaner Log.
Adware Cleaner log with new settings ticked.
Adware Removal Tool log.
Zhp Cleaner Log.
Adware Cleaner log with new settings ticked.
I understand that, we are removing some malware/adware you seem to have accumulated. These are stand alone tools to remove adware, not replace your antivirus. These items can attribute to your connection issues.
The tools that we are using can be cleaned up easily at the end of this, I am not asking you to switch antivirus or anything. I am making sure there we cover all variables that may be causing your issues.
And from what I see there is no driver for your wireless connection.
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Please provide a screen shot of the device manager as requested. Here is a shot of mine.
Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
Please provide a screen shot of the device manager as requested. Here is a shot of mine.
- Status