i believe u have a virus

07-14-2019, 05:57 PM   #1
sirtokesalot (TSF Enthusiast)
Join Date: May 2008
Posts: 610
OS: windows 7


Microsoft Security Essentials says I have a virus and need to restart to clean it, but every time I restart it says it again anyway. Cannot remove it. I have Windows 7 64-bit. This started out as a lot of issues: browser tabs crashing almost constantly, BSODs, random PC lock-ups where the mouse would move but couldn't click or do anything unless I force restarted it. This morning I did a system restore and that fixed the lock-ups and browser tab issues, but the virus cleaning thing is still there.


Here's the first log:





Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2019
Ran by moo (administrator) on MOO-PC (MSI MS-7721) (14-07-2019 20:49:34)
Running from C:\Users\moo\Downloads
Loaded Profiles: moo (Available Profiles: moo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ALCPU -> ALCPU) C:\Program Files\Core Temp\Core Temp.exe
(Bils) [File not signed] C:\Program Files (x86)\PC Equalizer\PCEqualizer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Razer USA Ltd. -> Razer Inc) C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer USA Ltd. -> Razer Inc.) C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe
(SRS Labs, Inc -> SRS Labs, Inc.) C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM-x32\...\Run: [PCEqualizer] => C:\Program Files (x86)\PC Equalizer\PCEqualizer.exe [5970432 2018-12-30] (Bils) [File not signed]
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\Run: [SRS Audio Sandbox] => C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe [3676952 2010-01-07] (SRS Labs, Inc -> SRS Labs, Inc.)
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\Run: [Google Update] => C:\Users\moo\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-14] (Google Inc -> Google LLC)
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-07-02] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {139ac684-9a9f-11e8-b527-309c233e923a} - G:\setup.exe
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {139ac685-9a9f-11e8-b527-309c233e923a} - H:\Setup.exe
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {139ac686-9a9f-11e8-b527-309c233e923a} - I:\setup.exe
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {139ac687-9a9f-11e8-b527-309c233e923a} - J:\setup.exe
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {9cc79652-9d15-11e8-b27c-806e6f6e6963} - F:\Autorun.exe
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\...\MountPoints2: {de7e9a92-1579-11e0-aeb1-806e6f6e6963} - D:\DVDSetup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [127488 2014-09-29] () [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2005-09-27] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [442368 2005-09-27] (On2.com) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.100\Installer\chrmstp.exe [2019-06-18] (Google LLC -> Google LLC)
GroupPolicy\User: Restriction ? <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15EB8770-E8BE-435A-B898-EBE972FC106A} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1D03792D-DE51-44C6-BBE9-E3B3C61FD9A3} - System32\Tasks\{4922ACCA-2A38-4F62-B3FA-C1A010D23BE2} => C:\Program Files (x86)\Event 0\event0.exe [20671488 2016-09-14] () [File not signed]
Task: {267A3E63-654A-49B3-A229-8C6215A81CEB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-20] (Google Inc -> Google Inc.)
Task: {2819E0ED-C93F-49FD-AB3C-E5C041462CAF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178271911-2487205750-2762887493-1000UA => C:\Users\moo\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-20] (Google Inc -> Google Inc.)
Task: {2F57F06B-40E1-49CB-9A18-7C467FD177E4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648232 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3E4B8360-EC80-45F0-9E1C-1529648F3E6F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4C8BA2C8-5208-4D42-9D95-FB54F26AC723} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4F5B8E7B-5A1D-4E52-8F73-D11E089720BA} - System32\Tasks\{C8C90E3B-E551-47C0-BD09-3C8A4BFC9437} => C:\Program Files (x86)\Event 0\event0.exe [20671488 2016-09-14] () [File not signed]
Task: {5CD8F60C-7643-4601-8429-BB4AA478F703} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590888 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6F424E69-CB0C-4C0F-B029-FEAC2859B4E1} - System32\Tasks\BlueStacksHelper => C:\ProgramData\BlueStacks\Client\Helper\BlueStacksHelper.exe [745480 2019-04-16] (BlueStack Systems, Inc. -> BlueStack Systems, Inc.)
Task: {77D57630-AE2B-4692-A638-7FB505C7DD12} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-178271911-2487205750-2762887493-1000 => C:\Users\moo\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-02-19] (Mega Limited -> Mega Limited)
Task: {7BF72013-BC09-4605-B55D-BF8B64C8F31A} - System32\Tasks\Core Temp Autostart moo => C:\Program Files\Core Temp\Core Temp.exe [1010064 2019-05-18] (ALCPU -> ALCPU)
Task: {85BF06BA-30A6-4F01-AE20-1C2067683C03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728936 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8D0FF65B-0FEB-4E06-A961-96385580F63D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {956BB8F9-2B79-4441-8483-3076B4ED7512} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_192_Plugin.exe [1457208 2019-05-19] (Adobe Inc. -> Adobe)
Task: {A5045116-59F0-4D0B-962D-793FAF91C2D2} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849448 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {C3BEB967-509F-4045-A65B-E4F8D0F9543E} - System32\Tasks\{B2A275B3-D441-41C8-8429-42CCEFD93926} => C:\Windows\system32\pcalua.exe -a C:\Users\moo\Downloads\vcredist_x86(2).exe -d C:\Users\moo\Downloads
Task: {D42E9E17-B0FB-4FED-A183-9BC8DC18D86E} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [410784 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB37F3B8-D7CF-40B0-B968-91C5FF747FC8} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {DE20C62A-3783-4F6F-979B-89F714BB428C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-12-20] (Google Inc -> Google Inc.)
Task: {E7C89670-81FF-4C4E-B5A7-F827E587D81F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-178271911-2487205750-2762887493-1000Core => C:\Users\moo\AppData\Local\Google\Update\GoogleUpdate.exe [156968 2018-12-20] (Google Inc -> Google Inc.)
Task: {EA1B017E-0726-4FD8-92C4-285075728403} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849448 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F819013E-E293-4B70-B1A3-199C4C1C3DEC} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877096 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5A9CAB87-04F7-4F44-BAE2-D7F2ACCB7093}: [DhcpNameServer] 192.168.254.254
Tcpip\..\Interfaces\{C67C534F-48BD-480A-84D4-5D5E92751650}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{D0150125-F58E-44B7-BD52-F2285C6E5B5D}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{EA7CCEAD-1756-4A01-A84F-0D6F3713B0E6}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-178271911-2487205750-2762887493-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-178271911-2487205750-2762887493-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D061619-N0400A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-178271911-2487205750-2762887493-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?pc=COS2&ptag=D061619-N0400A21ABFDD9D88F4162B1F&form=CONBDF&conlogo=CT3332016&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-16] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF DefaultProfile: pxwegxtr.default
FF DefaultProfile: wg8mg47o.Default User-1555246507613
FF ProfilePath: C:\Users\moo\AppData\Roaming\Waterfox\Profiles\pxwegxtr.default [2018-10-27]
FF Homepage: Waterfox\Profiles\pxwegxtr.default -> google.com/
FF ProfilePath: C:\Users\moo\AppData\Roaming\Mozilla\Firefox\Profiles\wg8mg47o.Default User-1555246507613 [2019-07-14]
FF Homepage: Mozilla\Firefox\Profiles\wg8mg47o.Default User-1555246507613 -> google.com
FF NewTab: Mozilla\Firefox\Profiles\wg8mg47o.Default User-1555246507613 -> hxxp://www.bing.com/?pc=COS2&ptag=D061619-N0300A21ABFDD9D88F4162B1F&form=CONMHP&conlogo=CT3332016
FF Extension: (Adblock Plus - free ad blocker) - C:\Users\moo\AppData\Roaming\Mozilla\Firefox\Profiles\wg8mg47o.Default User-1555246507613\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-19]
FF SearchPlugin: C:\Users\moo\AppData\Roaming\Mozilla\Firefox\Profiles\wg8mg47o.Default User-1555246507613\searchplugins\bing-lavasoft-ff59.xml [2019-06-16]
FF Plugin: @ Adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_192.dll [2019-05-19] (Adobe Inc. -> )
FF Plugin: @ Java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ Java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @ microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @ microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ Adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_192.dll [2019-05-19] (Adobe Inc. -> )
FF Plugin-x32: @ ITStructures.com/ffactivex -> C:\Program Files\Firefox ActiveX Plugin\npffax.dll [2011-12-28] () [File not signed]
FF Plugin-x32: @ microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @ tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @ tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin-x32: @ Videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN -> VideoLAN)
FF Plugin-x32: JFGuide -> C:\Program Files (x86)\NetSurveillance\CMS\npGuide.dll [2018-12-13] () [File not signed]
FF Plugin-x32: JFWeb -> C:\Program Files (x86)\NetSurveillance\CMS\npWebPlugin.dll [2018-12-13] () [File not signed]
FF Plugin HKU\S-1-5-21-178271911-2487205750-2762887493-1000: @ Talk.google.com/GoogleTalkPlugin -> C:\Users\moo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-178271911-2487205750-2762887493-1000: @ Talk.google.com/O1DPlugin -> C:\Users\moo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google Inc -> Google)
FF Plugin HKU\S-1-5-21-178271911-2487205750-2762887493-1000: @ tools.google.com/Google Update;version=3 -> C:\Users\moo\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-178271911-2487205750-2762887493-1000: @ tools.google.com/Google Update;version=9 -> C:\Users\moo\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-14] (Google Inc -> Google LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\moo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2019-02-11]
FF Plugin ProgramFiles/Appdata: C:\Users\moo\AppData\Roaming\mozilla\plugins\npo1d.dll [2019-02-11]
StartMenuInternet: Firefox-4752291C603E35AC - C:\Users\moo\AppData\Local\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default [2019-06-16]
CHR Extension: (Slides) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-02-09]
CHR Extension: (Docs) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-02-09]
CHR Extension: (Google Drive) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-02-09]
CHR Extension: (YouTube) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-02-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-05-03]
CHR Extension: (Sheets) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-02-09]
CHR Extension: (Chrome Remote Desktop) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-05-03]
CHR Extension: (Google Docs Offline) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-02-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-02-09]
CHR Extension: (Gmail) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\moo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-03]
CHR Profile: C:\Users\moo\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-09]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-03-23] (Advanced Micro Devices, Inc.) [File not signed]
S4 AnyDesk; C:\Program Files (x86)\AnyDesk\AnyDesk.exe [2066632 2018-11-30] (philandro Software GmbH -> )
S4 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [4091112 2017-11-09] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-15] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781864 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Razer Game Manager Service; C:\Program Files (x86)\Razer\Razer Services\GMS\GameManagerService.exe [253776 2018-12-18] (Razer USA Ltd. -> Razer Inc)
R2 RzActionSvc; C:\Program Files (x86)\Razer\Razer Services\Razer Central\RazerCentralService.exe [535424 2019-01-28] (Razer USA Ltd. -> Razer Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [290352 2018-12-19] (Razer USA Ltd. -> Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11665136 2019-01-16] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Windows -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\drfone\Library\DriverInstaller\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdhub30; C:\Windows\System32\DRIVERS\amdhub30.sys [108256 2015-01-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R3 amdxhc; C:\Windows\System32\DRIVERS\amdxhc.sys [229088 2015-01-21] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, INC.)
R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [83656 2014-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [43720 2014-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 BlueStacksDrv; C:\Program Files\BlueStacks\BstkDrv.sys [303712 2018-12-13] (Bluestack Systems, Inc. -> Bluestack System Inc. )
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [103064 2013-05-01] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.( ???? |))
R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R3 mcdbus; C:\Windows\SysWOW64\DRIVERS\mcdbus.sys [255552 2009-02-24] (JiaPing Gan -> MagicISO, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S1 mrjgvfmu; C:\Windows\system32\drivers\mrjgvfmu.sys [72816 2019-07-14] (Microsoft Corporation -> Microsoft Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [867328 2009-06-10] (Microsoft Windows -> Ralink Technology Corp.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
R3 SRS_SSCFilter; C:\Windows\System32\drivers\srs_sscfilter_amd64.sys [346992 2009-12-15] (SRS Labs, Inc -> )
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [203672 2013-05-01] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.( ???? |))
R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [60640 2014-02-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2018-11-18] (Vincent Burel -> Windows (R) Win 7 DDK provider)
R3 ALSysIO; \??\C:\Users\moo\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S1 MpKslf5df9b9a; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{CD16507F-D807-4AF5-98D4-62C78301D699}\MpKslf5df9b9a.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 20:49 - 2019-07-14 20:50 - 000025481 _____ C:\Users\moo\Downloads\FRST.txt
2019-07-14 20:43 - 2019-07-14 20:48 - 000000000 _____ C:\Users\moo\Downloads\Addition.txt
2019-07-14 20:37 - 2019-07-14 20:49 - 000000000 ____D C:\FRST
2019-07-14 20:37 - 2019-07-14 20:37 - 002095104 _____ (Farbar) C:\Users\moo\Desktop\FRST64.exe
2019-07-14 20:34 - 2019-07-14 20:34 - 001268344 _____ (ALCPU ) C:\Users\moo\Downloads\Core-Temp-setup(2).exe
2019-07-14 20:33 - 2019-07-14 20:33 - 000072816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrjgvfmu.sys
2019-07-14 09:00 - 2019-07-14 15:08 - 000065291 _____ C:\Users\moo\Desktop\bookmarks-2019-07-14.json
2019-07-14 08:59 - 2019-07-14 08:59 - 062611872 _____ (Skype Technologies S.A.) C:\Users\moo\Downloads\Skype-8.49.0.49.exe
2019-07-14 08:59 - 2019-07-14 08:59 - 000001348 _____ C:\Users\Public\Desktop\Skype.lnk
2019-07-14 08:59 - 2019-07-14 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-07-13 19:52 - 2019-07-14 20:32 - 000000000 ____D C:\Users\moo\Desktop\neon
2019-07-11 19:49 - 2019-07-14 08:50 - 000000000 ____D C:\Windows\Minidump
2019-07-02 23:35 - 2019-07-02 23:35 - 000000000 ____D C:\Temp
2019-06-29 22:40 - 2019-06-29 21:58 - 2576747849 ____N C:\Users\moo\Desktop\20190629_213044.mp4
2019-06-18 21:28 - 2019-06-18 21:28 - 000001008 _____ C:\Users\moo\Desktop\Start Tor Browser.lnk
2019-06-18 21:25 - 2019-06-18 22:31 - 000000000 ____D C:\Users\moo\Downloads\Tailspin
2019-06-16 10:17 - 2019-06-16 10:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BabelSoft
2019-06-16 10:17 - 2019-06-16 10:17 - 000000000 ____D C:\Program Files\Media Preview
2019-06-16 10:17 - 2019-06-16 10:17 - 000000000 ____D C:\Program Files (x86)\Media Preview
2019-06-16 10:16 - 2019-06-16 10:16 - 015438021 _____ (BabelSoft) C:\Users\moo\Downloads\MediaPreviewSetup-1.4.3.429.sfx.exe
2019-06-16 10:09 - 2019-06-16 10:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xiph.Org
2019-06-16 10:09 - 2019-06-16 10:09 - 000000000 ____D C:\Program Files (x86)\Xiph.Org
2019-06-16 10:08 - 2019-06-16 10:08 - 002653944 _____ (Xiph.Org) C:\Users\moo\Downloads\opencodecs_0.85.17777.exe
2019-06-16 10:08 - 2019-06-16 10:08 - 000739671 _____ C:\Users\moo\Downloads\webmdshow-0.9.12.0-20101216.zip
2019-06-16 10:03 - 2019-06-16 10:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow x64
2019-06-16 10:03 - 2019-06-16 10:03 - 000000000 ____D C:\Program Files\ffdshow
2019-06-16 10:03 - 2014-09-29 12:24 - 000127488 _____ C:\Windows\system32\ff_vfw.dll
2019-06-16 10:02 - 2019-06-16 10:02 - 005028439 _____ (ffdshow ) C:\Users\moo\Downloads\ffdshow_rev4533_20140929_clsid_x64.exe
2019-06-16 10:01 - 2019-06-16 10:01 - 002140816 _____ ( ) C:\Users\moo\Downloads\FFDSHOW_64-bit_1181268023.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-14 20:49 - 2018-08-07 17:47 - 000000000 ____D C:\Users\moo\AppData\LocalLow\Mozilla
2019-07-14 20:43 - 2018-08-19 04:39 - 000000000 ____D C:\Users\moo\AppData\Local\CrashDumps
2019-07-14 20:34 - 2018-08-07 19:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2019-07-14 20:34 - 2018-08-07 19:16 - 000000000 ____D C:\Program Files\Core Temp
2019-07-14 20:33 - 2018-08-07 19:06 - 000000000 ____D C:\ProgramData\NVIDIA
2019-07-14 20:31 - 2019-02-09 22:37 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-14 20:30 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-07-14 14:07 - 2018-08-07 01:57 - 000000000 ____D C:\Users\moo\AppData\Local\ElevatedDiagnostics
2019-07-14 12:06 - 2019-04-25 17:31 - 000000000 ____D C:\Users\moo\Documents\subaru rust
2019-07-14 11:51 - 2018-10-14 22:55 - 000000000 ____D C:\Users\moo\Downloads\Malwarebytes Anti-Malware Premium 3.6.1.2711 - Repack elchupacabra [4REALTORRENTZ.COM]
2019-07-14 11:38 - 2018-08-11 00:45 - 000000000 ____D C:\Users\moo\Documents\TeknoGods_Beta22
2019-07-14 10:10 - 2018-08-09 14:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-07-14 09:26 - 2018-08-19 13:34 - 000000000 ____D C:\Program Files (x86)\Removewat 2.2.7
2019-07-14 09:22 - 2018-10-12 01:09 - 000000000 ____D C:\Program Files (x86)\Need For Speed Payback
2019-07-14 09:07 - 2018-11-02 00:51 - 000000000 ____D C:\Program Files\DiRT 4
2019-07-14 08:51 - 2019-05-03 21:30 - 000000000 ____D C:\Users\moo\AppData\Local\Mozilla Firefox
2019-07-14 08:51 - 2018-08-07 01:54 - 000000000 ____D C:\Users\moo
2019-07-14 08:50 - 2019-05-23 18:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-14 08:50 - 2019-05-03 21:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-14 08:50 - 2019-04-10 19:31 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-14 08:50 - 2018-10-10 21:48 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2019-07-14 08:50 - 2018-08-17 00:58 - 000000000 ____D C:\Windows\system32\unknown
2019-07-14 08:50 - 2018-08-07 19:05 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2019-07-14 08:50 - 2018-08-07 19:03 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2019-07-14 08:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\security
2019-07-14 08:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\registration
2019-07-14 08:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2019-07-14 08:50 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\AppCompat
2019-07-14 08:49 - 2018-08-09 14:34 - 000000000 ____D C:\Windows\system32\Macromed
2019-07-14 08:48 - 2018-09-06 23:02 - 000000000 ____D C:\ProgramData\Razer
2019-07-13 23:21 - 2018-08-09 14:33 - 000000000 ____D C:\Users\moo\AppData\Local\Adobe
2019-07-09 15:05 - 2018-08-06 22:14 - 000741432 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2019-07-08 07:32 - 2009-07-13 23:45 - 000019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-07-08 07:32 - 2009-07-13 23:45 - 000019904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-06-29 19:31 - 2018-12-26 14:40 - 000000000 ____D C:\Users\moo\Desktop\New folder
2019-06-28 18:34 - 2019-02-02 21:50 - 000000000 ____D C:\Users\moo\Documents\samsung j3 contents
2019-06-19 00:33 - 2018-08-17 01:39 - 000000000 ___SD C:\Users\moo\AppData\LocalLow\Temp
2019-06-19 00:33 - 2018-08-15 20:48 - 000000000 ____D C:\Users\moo\AppData\Roaming\uTorrent
2019-06-18 21:29 - 2018-12-11 09:36 - 000000000 ____D C:\Users\moo\Documents\phone pictures facebook
2019-06-18 21:28 - 2019-01-27 00:19 - 000000000 ____D C:\Users\moo\Desktop\New folder (2)
2019-06-18 21:28 - 2018-08-21 17:16 - 000644096 ___SH C:\Users\moo\Documents\Thumbs.db
2019-06-18 21:28 - 2018-08-07 19:12 - 000000000 ____D C:\Users\moo\Documents\desktop pics
2019-06-18 21:27 - 2018-08-10 23:53 - 000000000 ____D C:\Users\moo\Documents\Camera
2019-06-18 21:26 - 2018-08-11 00:42 - 000000000 ____D C:\Users\moo\Documents\Old Firefox Data
2019-06-18 21:23 - 2019-03-27 11:22 - 000000000 ____D C:\Users\moo\AppData\Local\BitTorrentHelper
2019-06-18 18:12 - 2019-02-09 20:52 - 000002260 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-18 03:08 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\system32\NDF
2019-06-16 10:12 - 2018-11-19 17:29 - 000000000 ____D C:\Users\moo\AppData\Roaming\vlc

==================== Files in the root of some directories ================

2018-10-11 17:57 - 2018-10-11 17:57 - 000000260 _____ () C:\ProgramData\fontcacheev1.dat
2018-10-13 01:10 - 2018-10-13 01:10 - 000000000 _____ () C:\Users\moo\AppData\Roaming\FC29FA0894FE.ini
2018-12-08 11:33 - 2018-12-11 02:28 - 000007606 _____ () C:\Users\moo\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\User32.dll
[2018-08-09 20:44] - [2018-08-19 13:51] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79

C:\Windows\SysWOW64\User32.dll
[2018-08-09 20:43] - [2018-08-19 13:51] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE


LastRegBack: 2019-07-12 00:04
==================== End of FRST.txt ============================
Attached Files
File Type: txt Addition.txt (35.1 KB, 11 views)
Old 07-14-2019, 06:53 PM   #2
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi sirtokesalot, Welcome to the TSF malware removal forum.

I am iMacg3 and will be helping you with your computer problems.

Please keep the following information in mind before we begin:
  • Back up any important data before we continue.
    • Back up any important data on your computer to external media. I will not knowingly suggest any steps that will damage your computer; however, malware infections are often unpredictable and it may be necessary to reformat and reinstall your operating system depending on the infection.
  • Do not run any fixes or tools on your system unless I request that you do so.
    • Running additional tools on your system can interfere with the clean-up process, or cause issues such as false positives.
  • Please read all instructions carefully, and complete them in the order listed.
    • Items that are especially important will be highlighted in bold or red.
  • If your computer seems to start working normally, please don't abandon the topic.
    • Even if your system is behaving normally, there may still be some malware remnants left over. Additionally, malware can re-infect the computer if some remnants are left. Therefore, please complete all requested steps to make sure any malware is successfully eradicated from your PC.
  • If you have pirated or illegal software on your computer, uninstall it now before proceeding.
    • Using pirated/cracked software is an easy way to infect your computer - almost as easy as intentionally downloading malware. Therefore, please remove any, if present, before we begin the clean-up.
  • If you don't respond to your topic in 3 days, it will be closed.
    • If your topic is closed and you still need assistance, please start a new topic with a link to this one.
  • If you have questions at any time during the cleanup, feel free to ask.

---------------------------------------------------

Is this computer used for business purposes?

---------------------------------------------------
CKScanner

Download CKScanner by askey127 from here

Important: Save it to your desktop.
  • Double-click CKScanner.exe and click Search For Files.
  • After a very short time, when the cursor hourglass disappears, click Save List To File.
  • A message box will verify that the file is saved.
  • Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

---------------------------------------------------
Download and Run a Diagnostic Tool (MGADiag.exe) from here and save it to your desktop.
  • Double-click on MGADiag.exe
  • Click Continue
  • When the program has finished, click Copy
  • Open Notepad, and press Ctrl + V to paste the contents of the report into the text file
  • Save the file to your desktop as MGAdiag.txt
  • Post the content of MGAdiag.txt to your reply.

---------------------------------------------------

In your next reply, please include:
  • CKFiles.txt
  • MGAdiag.txt
__________________
Proud member of UNITE
Old 07-14-2019, 07:03 PM   #3
TSF Enthusiast
 
sirtokesalot's Avatar
 
Join Date: May 2008
Posts: 610
OS: windows 7

My System


Both files in attachments.
Attached Files
File Type: txt ckfiles.txt (4.5 KB, 13 views)
File Type: txt MGAdiag.txt (4.2 KB, 18 views)
Old 07-15-2019, 11:50 AM   #4
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



Hi sirtokesalot,

Is your operating system properly activated?
__________________
Proud member of UNITE
Old 07-15-2019, 03:38 PM   #5
TSF Enthusiast
 
sirtokesalot's Avatar
 
Join Date: May 2008
Posts: 610
OS: windows 7

My System


I believe so, yes.
Old 07-15-2019, 04:51 PM   #6
TSF Enthusiast
 
sirtokesalot's Avatar
 
Join Date: May 2008
Posts: 610
OS: windows 7

My System


Quick update: the constant browser tab crashing has returned.
Old 07-16-2019, 12:42 PM   #7
Security Team Moderator
 
iMacg3's Avatar
 
Join Date: Nov 2018
Location: US
Posts: 220
OS: Windows 10



It looks like you may have pirated/improperly licensed software on your computer. As per the forum rules, P2P programs/pirated software must be uninstalled, or assistance may be discontinued.

This topic is now closed.
__________________
Proud member of UNITE
All times are GMT -7. The time now is 05:12 PM.