
Virus Problem, Please Help

Old 12-13-2018, 12:07 AM   #1
Registered Member
 
Join Date: Dec 2018
Posts: 21

Hello, my computer is acting up (slower than a snail and sometimes, when I click on a program to open it, the whole screen turns almost white). Aside from that, people who go to my blog say that they are redirected to a page containing the words widgetserver.com. My visitors are complaining that they cannot pass from that page, so I need help. I do not know enough to get rid of a redirect virus on my own. Your assistance will be greatly appreciated.

I have run DDS and am enclosing the log.

Thank you so very much!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19203
Run by Clotilde at 0:52:19 on 2018-12-13
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6072.1174 [GMT -7:00]
.
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security *Enabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET Security *Enabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall *Enabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\ESET\ESET Security\ekrn.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\NETGEAR\A6100\A6100.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\ESET\ESET Security\egui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\paint.net\PaintDotNet.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://hp13.msn.com
mStart Page = about:blank
mDefault_Page_URL = hxxp://hp13.msn.com
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
uRun: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Microsoft Works Update Detection] C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [Syncios device service] C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{C448E5AE-83C5-40EF-9876-08D07D2201C8} : DHCPNameServer = 192.168.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Program Files (x86)\KEYCRY~1\KEYCRY~3.DLL
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
mASetup: {48F69C39-1356-4A7B-A899-70E3539D4982} - "C:\Program Files (x86)\AVG\Browser\Application\70.1.682.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [ZAM] "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized
x64-Run: [egui] "C:\Program Files\ESET\ESET Security\ecmds.exe" /launch /hide
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 127.0.0.1 Spywareinfo.com
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Clotilde\AppData\Roaming\Mozilla\Firefox\Profiles\ph5zoyns.default-1539581929115\
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 edevmon;edevmon;C:\Windows\System32\drivers\edevmon.sys [2018-11-29 107896]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-10-9 1398936]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-10-9 30360]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-5-18 22800]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2015-7-31 91912]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2018-11-29 143448]
R1 EpfwLWF;ESET Firewall;C:\Windows\System32\drivers\EpfwLWF.sys [2018-10-17 61528]
R1 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2018-10-17 109864]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2018-10-6 152688]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 ZAM;ZAM Helper Driver;C:\Windows\System32\drivers\zam64.sys [2018-12-7 203680]
R1 ZAM_Guard;ZAM Guard Driver;C:\Windows\System32\drivers\zamguard64.sys [2018-12-7 203680]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-12-4 1206648]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-10-28 1710456]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-10-28 1165688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-3-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-3-26 128584]
R2 DbxSvc;DbxSvc;C:\Windows\System32\DbxSvc.exe [2018-11-28 51024]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 ekbdflt;ekbdflt;C:\Windows\System32\drivers\ekbdflt.sys [2018-10-17 50144]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\SysWOW64\esif_uf.exe [2015-7-31 1037568]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2014-8-21 99128]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2015-1-27 44680]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2014-6-9 35640]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-9 18584]
R2 iBtSiva;Intel Bluetooth Service;C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-10-28 124520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2015-5-18 344168]
R2 IntelUSBoverIP;IntelUSBoverIP;C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [2015-1-14 395744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MbamChameleon.sys [2018-12-13 198512]
R3 A6100;NETGEAR A6100 WiFi Adapter;C:\Windows\System32\drivers\A6100.sys [2018-1-15 7694920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2015-7-31 41704]
R3 dptf_cpu;dptf_cpu;C:\Windows\System32\drivers\dptf_cpu.sys [2015-7-31 38720]
R3 ekrnEpfw;ESET Firewall Helper;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R3 esif_lf;esif_lf;C:\Windows\System32\drivers\esif_lf.sys [2015-7-31 216360]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-5-18 387344]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-5-18 797456]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2015-1-14 27000]
R3 keycrypt;keycrypt;C:\Windows\System32\drivers\KeyCrypt64.sys [2018-12-7 161408]
R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2018-12-13 126624]
R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2018-12-13 72536]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\mbamswissarmy.sys [2018-12-13 261032]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2018-12-13 103760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-7-31 977624]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2015-2-13 33448]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2015-1-14 212056]
S2 avast;%1!s! Update Service (avast);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S2 avg;%1!s! Update Service (avg);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9;C:\Windows\System32\drivers\aftap0901.sys [2018-3-6 48624]
S3 avastm;%1!s! Update Service (avastm);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S3 avgm;%1!s! Update Service (avgm);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2014-10-28 141624]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2014-11-26 1448248]
S3 btmlehid;Intel Bluetooth Low Energy HID Service;C:\Windows\System32\drivers\btmlehid.sys [2014-11-5 83768]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2016-8-16 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\Windows\System32\drivers\ibtusb.sys [2014-10-28 230128]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-12-11 116224]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2015-1-14 38264]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-5-18 455440]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-5-13 887256]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-5-14 19456]
S3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2015-7-31 781528]
S3 RTSUER;Realtek USB Card Reader - UER;C:\Windows\System32\drivers\RtsUer.sys [2015-7-31 377048]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-2-13 33448]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2015-5-14 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-5-14 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-5-14 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
.
=============== Created Last 30 ================
.
2018-12-13 07:40:22 72536 ----a-w- C:\Windows\System32\drivers\mbam.sys
2018-12-13 07:40:07 198512 ----a-w- C:\Windows\System32\drivers\MbamChameleon.sys
2018-12-13 07:40:03 261032 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys
2018-12-13 07:40:03 126624 ----a-w- C:\Windows\System32\drivers\farflt.sys
2018-12-13 07:40:02 103760 ----a-w- C:\Windows\System32\drivers\mwac.sys
2018-12-12 12:06:00 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2736.dll
2018-12-12 10:44:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2716.dll
2018-12-11 11:06:03 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2656.dll
2018-12-10 01:24:13 14845712 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\mpengine.dll
2018-12-07 10:23:14 203680 ----a-w- C:\Windows\System32\drivers\zam64.sys
2018-12-07 10:23:12 203680 ----a-w- C:\Windows\System32\drivers\zamguard64.sys
2018-12-07 10:22:51 161408 ----a-w- C:\Windows\System32\drivers\KeyCrypt64.sys
2018-12-07 10:22:44 -------- d-----w- C:\Program Files (x86)\KeyCryptSDK
2018-12-07 10:22:42 -------- d-----w- C:\Program Files (x86)\Zemana AntiLogger
2018-12-07 10:22:22 -------- d-----w- C:\Users\Clotilde\AppData\Local\Zemana
2018-12-07 06:37:59 51712 ----a-w- C:\Windows\System32\vmictimeprovider.dll
2018-12-07 06:36:55 634272 ----a-w- C:\Windows\System32\winload.exe
2018-12-04 19:50:22 255472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2018-12-02 06:21:47 334488 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2018-11-29 17:54:40 143448 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2018-11-29 17:54:40 107896 ----a-w- C:\Windows\System32\drivers\edevmon.sys
2018-11-28 13:09:04 51024 ----a-w- C:\Windows\System32\DbxSvc.exe
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-dev.sys
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-canary.sys
2018-11-28 13:09:04 45752 ----a-w- C:\Windows\System32\drivers\dbx-stable.sys
2018-11-18 10:08:21 -------- d-----w- C:\NPE
.
==================== Find3M ====================
.
2018-12-13 07:38:15 152688 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2018-12-06 03:48:46 842240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2018-12-06 03:48:46 175104 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2018-12-06 02:39:38 3227648 ----a-w- C:\Windows\System32\win32k.sys
2018-11-28 22:02:47 12574720 ----a-w- C:\Windows\System32\wmploc.DLL
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\msdxm.ocx
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\dxmasf.dll
2018-11-28 22:02:44 9728 ----a-w- C:\Windows\System32\spwmp.dll
2018-11-28 21:50:18 12574208 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2018-11-28 21:38:20 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2018-11-27 01:33:44 592416 ------w- C:\Windows\System32\MpSigStub.exe
2018-11-15 01:51:22 498176 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-11-15 01:50:24 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-11-13 04:54:41 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-11-13 04:54:28 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-11-13 04:41:00 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-11-13 04:40:17 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-11-13 04:40:11 417280 ----a-w- C:\Windows\System32\html.iec
2018-11-13 04:39:43 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-11-13 04:35:33 5778944 ----a-w- C:\Windows\System32\jscript9.dll
2018-11-13 04:28:52 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-11-13 04:28:51 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-11-13 04:28:31 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-11-13 04:26:14 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-11-13 04:21:22 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-11-13 04:13:57 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-11-13 04:13:15 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-11-13 04:13:04 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-11-13 04:12:13 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-11-13 04:11:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-11-13 04:11:17 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-11-13 04:03:59 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-11-13 04:03:36 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-11-13 03:51:15 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-11-13 03:50:50 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-11-13 03:50:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-11-13 03:49:59 2136064 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-11-13 03:42:08 4494848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-11-13 03:38:33 4859904 ----a-w- C:\Windows\System32\wininet.dll
2018-11-13 03:37:22 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-11-13 03:36:42 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-11-13 03:18:56 4386816 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-11-11 17:19:16 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-11-11 17:01:37 708328 ----a-w- C:\Windows\System32\winload.efi
2018-11-11 17:01:36 366824 ----a-w- C:\Windows\System32\drivers\msrpc.sys
2018-11-11 17:01:35 5551848 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-11-11 17:01:15 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-11-11 17:01:04 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-11-11 17:00:27 1664360 ----a-w- C:\Windows\System32\ntdll.dll
2018-11-11 16:57:40 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-11-11 16:49:44 4054760 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-11-11 16:49:09 3960040 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-11-11 16:47:23 1314104 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-11-11 16:44:39 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-11-11 16:25:14 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-11-11 16:25:10 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-11-11 16:25:10 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-11-11 16:24:20 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-11-11 16:20:50 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-11-11 16:20:16 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-11-11 16:19:49 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-11-11 16:19:32 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-11-11 16:16:39 160768 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-11-11 16:16:08 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-11-11 16:16:06 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-11-11 16:15:11 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-11-11 16:15:08 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-11-11 16:15:07 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-11-11 16:15:07 112640 ----a-w- C:\Windows\System32\smss.exe
2018-11-11 16:15:06 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-11-11 16:15:06 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-11-11 16:15:05 64512 ----a-w- C:\Windows\System32\drivers\amdk8.sys
2018-11-11 16:15:05 62464 ----a-w- C:\Windows\System32\drivers\intelppm.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\processr.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\amdppm.sys
2018-11-11 16:14:04 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-11-11 16:13:55 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-11-11 16:13:55 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-11 16:13:55 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-11 16:13:55 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-11-11 01:25:57 516608 ----a-w- C:\Windows\System32\rpcss.dll
2018-11-11 01:25:52 26112 ----a-w- C:\Windows\System32\oleres.dll
2018-11-11 01:25:52 2072576 ----a-w- C:\Windows\System32\ole32.dll
2018-11-11 01:24:56 8704 ----a-w- C:\Windows\System32\comcat.dll
2018-11-11 01:10:52 26112 ----a-w- C:\Windows\SysWow64\oleres.dll
2018-11-11 01:10:51 1425920 ----a-w- C:\Windows\SysWow64\ole32.dll
2018-11-11 00:47:49 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2018-11-08 16:58:35 2009600 ----a-w- C:\Windows\System32\msxml6.dll
2018-11-08 16:58:35 1889280 ----a-w- C:\Windows\System32\msxml3.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2018-11-08 16:43:47 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2018-11-08 16:43:47 1241088 ----a-w- C:\Windows\SysWow64\msxml3.dll
2018-11-06 04:36:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2018-11-06 04:20:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2018-10-27 03:42:17 28160 ----a-w- C:\Windows\System32\wshcon.dll
.
============= FINISH: 0:55:40.05 ===============
goodtaste is offline  
 
Old 12-13-2018, 03:22 AM   #2
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

It appears that you have two antivirus programs installed and running, ESET and MBAM.

While this may seem like better protection, they can actually conflict with one another and cause system instability or even system hangs.

Please choose one to keep and uninstall the other via Programs and Features in your Control Panel.

------------------------------------------------------

It appears you didn't attach the second dds log, Attach.txt, to your initial post. It should be on your desktop. If not...

Press the Windows "logo" key and "R" key then copy/paste the following into the Run box and click OK:

%temp%\attach.txt

A text file should open. Save it to your desktop then attach that file to your next reply.

------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 12-18-2018, 03:03 AM   #3

Still with us, goodtaste? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.

------------------------------------------------------
chemist is offline  
 
Old 12-19-2018, 04:01 AM   #4

I am sorry you hadn't heard from me before today, I am having lots of problems with my laptop. I will uninstall ESET, I only run it occasionally.
Here is the other log. I did not post it before because it says that unless prompted to do so, not to post it:

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 8/16/2015 1:30:51 AM
System Uptime: 12/12/2018 5:21:24 PM (7 hours ago)
.
Motherboard: Hewlett-Packard | | 8093
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz | U3E1 | 880/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 436 GiB total, 319.835 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 3.014 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Dynamic Volume Manager
Device ID: ROOT\LEGACY_VOLMGRX\0000
Manufacturer:
Name: Dynamic Volume Manager
PNP Device ID: ROOT\LEGACY_VOLMGRX\0000
Service: volmgrx
.
==== System Restore Points ===================
.
RP169: 12/6/2018 10:34:53 PM - Windows Update
RP170: 12/7/2018 3:03:52 AM - Windows Update
RP171: 12/7/2018 4:35:14 AM - Windows Update
RP172: 12/12/2018 3:00:44 AM - Windows Update
.
==== Installed Programs ======================
.
7-Zip 18.05 (x64 edition)
Adobe Acrobat Reader DC
Adobe Flash Player 32 PPAPI
Adobe Refresh Manager
Adobe Shockwave Player 12.3
Amazon Kindle
Apple Application Support (32-bit)
Apple Application Support (64-bit)
Apple Mobile Device Support
Apple Software Update
Artisan CD/DVD Burner
Autodesk Pixlr
AVG Secure Browser
AVG Update Helper
Azkend 2: The World Beneath
Barn Yarn Collector's Edition
Bonjour
CDBurnerXP
CollageIt 1.9.5
Coyote The Outlander
Crochet Charts
CyberLink Power2Go 8
CyberLink YouCam
D3DX10
Delicious: Emily's Wonder Wedding Premium Edition
DisableMSDefender
doPDF
doPDF 8
Dropbox
Dropbox 25 GB
Dropbox Update Helper
Ellen G. White Writings Comprehensive Research Edition 2008
Energy Star
Entwined: The Perfect Murder
ESET Security
ESU for Microsoft Windows 7 SP1
Evernote v. 5.8.1
Foxit PhantomPDF
Free eXPert PDF Reader
Gimp 2.6.0
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hewlett-Packard ACLM.NET v1.2.2.3
Hidden Odyssey 2 in 1 Pack
Home Makeover
HP 3D DriveGuard
HP CoolSense
HP Customer Experience Enhancements
HP Deskjet 1010 series Basic Device Software
HP Deskjet 1010 series Help
HP Documentation
HP On Screen Display
HP Photo Creations
HP Quick Launch
HP Recovery Manager
HP Setup
HP SimplePass
HP Support Assistant
HP Update
Imperial Island: Birth of an Empire
Inkscape 0.91
Insane Cold: Back to the Ice Age
Inst5675
Inst5676
Intel(R) Chipset Device Software
Intel(R) Dynamic Platform and Thermal Framework
Intel(R) Management Engine Components
Intel(R) ME UninstallLegacy
Intel(R) PRO/Wireless Driver
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) USB 3.0 eXtensible Host Controller Driver
Intel(R) WiDi
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356)
Intel® PROSet/Wireless Software
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
IrfanView 4.51 (32-bit)
iTunes
Junk Mail filter update
Lost Souls: Timeless Fables Collector's Edition
Magic Heroes: Save Our Park
Malwarebytes version 3.6.1.2711
Manor Memoirs Collector's Edition
Microsoft .NET Framework 4.7.2
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office 2000 Professional
Microsoft OneDrive
Microsoft Picture It! Express 7.0
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40660
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40660
Movie Maker
Mozilla Firefox 63.0.3 (x64 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Mystery Expedition: Prisoners of Ice
NETGEAR A6100 Genie
Norton Security Scan
novaPDF 8 add-in for Microsoft Office (x64)
novaPDF 8 add-in for Microsoft Office (x86)
novaPDF 8 Printer Driver
novaPDF 8 SDK COM (x64)
novaPDF 8 SDK COM (x86)
OpenOffice 4.1.1
opensource
paint.net
PDF Reader for Windows 7
Photo Common
Photo Gallery
Plagiarii
Polar Bowler 1st Frame
Product Improvement Study for HP Deskjet 1010 series
QuickTime 7
Realtek Card Reader
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Rory's Restaurant
Royal Envoy Double Pack
Runefall
Rush Hour! Gas Station
Samsung Master
Samsung USB Driver
Sky High Farm
Skype version 8.28
Solitaire Mystery Four Seasons
SUPERAntiSpyware
swMSM
Synaptics Pointing Device Driver
Syncios 6.2.0
Update for Microsoft .NET Framework 4.7.2 (KB4087364)
Update for Microsoft .NET Framework 4.7.2 (KB4457035)
Update for Microsoft .NET Framework 4.7.2 (KB4459942)
Update for Microsoft .NET Framework 4.7.2 (KB4470640)
UserTesting
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player
VSDC Free Video Editor version 5.8.7.830
Web Companion
WildTangent Games
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Wisdom-soft ScreenHunter 6.0 Free
YoutubeMovieMaker
Zemana AntiLogger
ZipGenius 6.3
.
==== Event Viewer Messages From Past Week ========
.
12/9/2018 7:58:21 PM, Error: Schannel [36887] - The following fatal alert was received: 70.
12/9/2018 2:28:43 AM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
12/8/2018 6:11:29 PM, Error: Service Control Manager [7023] -
12/8/2018 6:03:09 PM, Error: Service Control Manager [7022] - The SSDP Discovery service hung on starting.
12/8/2018 6:03:09 PM, Error: Service Control Manager [7001] - The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: After starting, the service hung in a start-pending state.
12/8/2018 6:01:37 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}
12/8/2018 6:01:26 PM, Error: Service Control Manager [7022] - The IPsec Policy Agent service hung on starting.
12/8/2018 6:00:01 PM, Error: Microsoft-Windows-WMPNSS-Service [14332] - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/8/2018 10:10:47 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SynTPEnhService service.
12/7/2018 4:37:16 AM, Error: Service Control Manager [7043] - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/6/2018 3:55:29 AM, Error: Service Control Manager [7043] - The ESIF Upper Framework Service service did not shut down properly after receiving a preshutdown control.
12/6/2018 3:54:57 AM, Error: Service Control Manager [7043] - The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
12/6/2018 3:54:24 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control.
12/12/2018 5:29:39 PM, Error: Service Control Manager [7000] - The %1!s! Update Service (avast)!s! Update Service (avast)!s! Update Service (avast)!s! Update Service (avast) service failed to start due to the following error: The system cannot find the file specified.
12/12/2018 5:29:38 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: volmgrx
12/12/2018 5:24:45 PM, Error: Service Control Manager [7022] - The IKE and AuthIP IPsec Keying Modules service hung on starting.
12/12/2018 5:24:40 PM, Error: Service Control Manager [7022] - The Function Discovery Resource Publication service hung on starting.
12/12/2018 5:22:03 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126
12/12/2018 4:01:31 AM, Error: Service Control Manager [7022] - The Windows Search service hung on starting.
12/12/2018 3:46:43 AM, Error: Service Control Manager [7043] - The Malwarebytes Service service did not shut down properly after receiving a preshutdown control.
12/12/2018 3:46:06 AM, Error: Service Control Manager [7043] - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
12/12/2018 1:58:04 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
12/12/2018 1:56:49 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
12/11/2018 6:13:58 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek8723AU service.
12/11/2018 6:13:58 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.
12/11/2018 6:13:58 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/11/2018 4:13:38 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the VaultSvc service.
12/11/2018 2:22:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
12/11/2018 2:22:43 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the EFS service.
12/11/2018 10:28:31 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
12/11/2018 10:26:31 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/10/2018 1:37:57 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
.
==== End Of File ===========================
goodtaste is offline  
Old 12-19-2018, 08:06 PM   #5

Hello goodtaste.

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
chemist is offline  
Old 12-25-2018, 01:09 AM   #6

I have tried to post this reply before, unsuccessfully. The site keeps saying that it is too long. So I will separate it into two replies to see if it works.

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database:
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-19-2018
# Duration: 00:00:14
# OS: Windows 7 Professional
# Cleaned: 7
# Failed: 2


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted SwagButton

***** [ Chromium URLs ] *****

Deleted Ask.com
Deleted Ask
Deleted https://mysearch.avg.com/?cid={98A9DCF9-23B7-4499-BFAE-BD7DDE2C274C}&mid=492c8b23105647d3a655d1565033bcec-6f585ccd9e409817ae25410f8ae9b323b5b65e9e&lang=en&ds=co012&pr=sa&d=2013-09-15 14:17:53&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
Not Deleted mysearch.avg.com
Not Deleted AOL
Deleted https://mysearch.avg.com/?cid={98A9DCF9-23B7-4499-BFAE-BD7DDE2C274C}&mid=492c8b23105647d3a655d1565033bcec-6f585ccd9e409817ae25410f8ae9b323b5b65e9e&lang=en&ds=co012&pr=sa&d=2013-09-15 14:17:53&v=15.4.0.5&pid=safeguard&sg=0&sap=hp
Deleted mysearch.avg.com
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
goodtaste is offline  
Old 12-25-2018, 01:14 AM   #7

I have repeatedly tried to post FRST.txt but the site says that it is too long. What should I do? Please advise.

Thank you!
goodtaste is offline  
Old 12-25-2018, 02:38 PM   #8

Please attach both the FRST.txt and Addition.txt logs to your next reply.

Click the [Manage Attachments] button. It's located under [Additional Options] at the bottom of the composition page after clicking the Post Reply button. Browse to the files (should be on your desktop or wherever you saved FRST64), and click Upload.
chemist is offline  
Old 12-27-2018, 10:10 AM   #9

Any trouble with the attaching instructions? Let me know.

The following is just an example. You want to attach the FRST.txt and Addition.txt logs.

chemist is offline  
Old 12-28-2018, 03:08 AM   #10

I did try to attach but the computer is acting up a LOT. Will try again.
Attached Files
File Type: txt Addition.txt (495.9 KB, 6 views)
File Type: txt FRST.txt (148.7 KB, 7 views)
goodtaste is offline  
Old 12-28-2018, 08:16 PM   #11

Hello again, goodtaste. Thanks for the logs. Did you successfully uninstall ESET?

Run FRST64 again. Copy/paste the following bolded text into the Search window and click 'Search Registry':

AVG

Once done, a log will pop open. Please copy/paste the contents of the log here in your next reply.

The log, Search.txt, will also be saved at the same location that FRST64.exe is located.

If the log is too big, simply attach it to your next reply. Thanks.

------------------------------------------------------
chemist is offline  
Old 12-30-2018, 09:30 PM   #12

Sorry, it takes me a little to respond. My computer is not obeying very well. I ran the software again and I will attach the logs.
Attached Files
File Type: txt FRST.txt (148.1 KB, 5 views)
File Type: txt Addition.txt (495.8 KB, 5 views)
goodtaste is offline  
Old 12-31-2018, 08:24 PM   #13

Hello again, goodtaste. Did you successfully uninstall ESET?

It appears you ran a scan again. I don't need another scan.

Please follow the previous directions to the letter. You have to enter AVG into the Search window and select 'Search Registry', not 'Scan'.
chemist is offline  
Old 01-01-2019, 02:55 AM   #14

Sorry about the misunderstanding. I did the AVG Search and will attach to this. I don't know how to get rid of the ESET since it is not installed in my computer, it is just a link to the online scanner.
Attached Files
File Type: txt SearchReg.txt (2.30 MB, 6 views)
goodtaste is offline  
Old 01-01-2019, 03:13 PM   #15

Hello again, goodtaste. No worries. ESET is listed as installed in your latest Addition.txt log:

Quote:
==================== Installed Programs ======================

ESET Security (HKLM\...\{F1544F11-BFCC-43CC-9D0C-169A7E99369E}) (Version: 12.0.31.0 - ESET, spol. s r.o.)

Do you not see that entry in Programs and Features? If not, I need you to do another search as before:

Run FRST64 again. Copy/paste the following bolded text into the Search window and click 'Search Registry':

ESET

Once done, a log will pop open. Please copy/paste the contents of the log here in your next reply.

The log, Search.txt, will also be saved at the same location that FRST64.exe is located.

If the log is too big, simply attach it to your next reply. Thanks.

------------------------------------------------------
chemist is offline  
Old 01-02-2019, 01:27 AM   #16

Hi, I followed your instructions and here is the log (attached).
Attached Files
File Type: txt SearchReg.txt (1.96 MB, 13 views)
goodtaste is offline  
Old 01-02-2019, 07:27 PM   #17

Hello again, goodtaste. Download the ESET Removal Tool and save it to your desktop:

https://www.bleepingcomputer.com/dow...t-uninstaller/

Run the tool and follow the prompts to remove ESET Security from your machine.

Let me know you were successful.

------------------------------------------------------

Open Notepad and copy/paste the entire contents of the codebox below into Notepad (don't forget to copy and paste REGEDIT4):

Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}]
"SystemComponent"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}]
"SystemComponent"=-

Save the file as fix.reg and choose to Save as type: - All Files then close the Notepad file.
It should look like this:

Double-click on fix.reg and choose Yes to merge/add it to the registry. Please delete the file afterwards.

------------------------------------------------------

Uninstall the following via Programs and Features as they are not needed:

AVG Secure Browser
AVG Update Helper
Web Companion


You may or may not see 2 Web Companion entries. Uninstall both if necessary.

Let me know you were successful in uninstalling those entries, or if they weren't shown in Programs or Features.

------------------------------------------------------
chemist is offline  
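The fix.reg in the post above deletes the SystemComponent value from two Uninstall keys under Wow6432Node; an entry whose SystemComponent is 1 is not listed in Programs and Features. As an added example (not part of the original thread and not from any tool named in it), this PowerShell lists such hidden entries and flags the two GUIDs from the post, so the effect of the merge can be checked before and after. The function name Get-HiddenUninstallEntry is hypothetical.

```powershell
# Added example, not from the thread: list uninstall entries that are hidden
# from Programs and Features because their SystemComponent value is 1.

# Both registry views: native 64-bit and 32-bit (Wow6432Node).
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall'
)

# The two product GUIDs named in the fix.reg posted above.
$FixTargets = @(
    '{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}',
    '{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}'
)

function Get-HiddenUninstallEntry {
    # Hypothetical helper name; read-only, changes nothing in the registry.
    param([string[]]$Root = $UninstallRoots)

    foreach ($r in $Root) {
        if (-not (Test-Path -LiteralPath $r)) { continue }

        Get-ChildItem -LiteralPath $r -ErrorAction SilentlyContinue | ForEach-Object {
            $key   = $_
            $props = Get-ItemProperty -LiteralPath $key.PSPath -ErrorAction SilentlyContinue
            if ($null -eq $props) { return }

            # Only keys that actually carry SystemComponent = 1 are hidden.
            $hasValue = $null -ne $props.PSObject.Properties['SystemComponent']
            if ($hasValue -and $props.SystemComponent -eq 1) {
                [pscustomobject]@{
                    KeyName         = $key.PSChildName
                    DisplayName     = $props.DisplayName
                    Publisher       = $props.Publisher
                    UninstallString = $props.UninstallString
                    NamedInFix      = $FixTargets -contains $key.PSChildName
                    RegistryPath    = $key.Name
                }
            }
        }
    }
}

# Entries named in fix.reg sort first. After the .reg file is merged they
# should no longer appear here and should show up in Programs and Features.
Get-HiddenUninstallEntry |
    Sort-Object -Property NamedInFix, DisplayName -Descending |
    Format-Table -AutoSize -Wrap KeyName, DisplayName, Publisher, NamedInFix
```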
Old 01-04-2019, 01:46 AM   #18

Hi, I get blocked when I try to download the ESET Uninstaller. What do I do?
goodtaste is offline  
Old 01-04-2019, 03:13 AM   #19

Download the uninstaller to a USB stick on another computer and transfer it to your desktop.
chemist is offline  
Old 01-06-2019, 03:05 AM   #20

After much struggle I was able to download the ESET Uninstaller onto my desktop. Then I had to fight to go into Safe Mode, for some reason it didn't want to do it. When I got it there, I ran the Uninstaller and this is the error message I got (see attachment). Do I have to be an Administrator to run this Uninstaller? It said that the scanner was called ESET Internet Security but when I wrote that, it refused to remove it!
Attached Thumbnails
Name:	ScreenHunter_2881 Jan. 06 03.37.jpg
Views:	17
Size:	97.4 KB
ID:	322476  
goodtaste is offline  
 



All times are GMT -7. The time now is 02:10 PM.

