Moe2001
Honorary Members-
Posts
28 -
Everything posted by Moe2001
-
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Can you find me new hard driver for my pc -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
It's brand new tho. I think this happens because I did some command yesterday to get into desktop -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
It scanned in 30 seconds. Here are the logs: Self-Test Logs.txt, Attributes.txt -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Also, my desktop isn't working whenever I restart, and it's slow -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
@Aura can you help me? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
How can I fix these problems? Also, I ran an FRST scan; here are the logs: FRST.txt, Addition.txt, Shortcut.txt. How can I fix the startup problems and the opening items problems, etc.? Also, when I restart my laptop it takes very long for explorer.exe to load desktop items (sometimes they never load till I do it manually every time from the taskbar manager) -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
These are some of the problems I have now. I also have a hard disk1 (301) problem at startup. Here is the startup error; some more are in the last reply. Can u help me to fix these, please? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
-
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
After I restarted again I got blue screen it says "Event tracing Fatal Error" it keeps going to that screen after it auto restarts and I can't login -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Here is the exported log Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/25/17 Scan Time: 9:11 PM Log File: 7ea940b0-89fb-11e7-855c-a08cfd2dffe4.json Administrator: Yes -Software Information- Version: 3.2.2.2018 Components Version: 1.0.186 Update Package Version: 1.0.2660 License: Trial -System Information- OS: Windows 10 (Build 14393.1593) CPU: x64 File System: NTFS User: AZIZ_FAMILY\Aziz Family -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 471101 Threats Detected: 109 Threats Quarantined: 109 Time Elapsed: 31 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
This is before I click quarantine selected Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 8/25/17 Scan Time: 9:11 PM Log File: 7ea940b0-89fb-11e7-855c-a08cfd2dffe4.json Administrator: Yes -Software Information- Version: 3.2.2.2018 Components Version: 1.0.186 Update Package Version: 1.0.2660 License: Trial -System Information- OS: Windows 10 (Build 14393.1593) CPU: x64 File System: NTFS User: AZIZ_FAMILY\Aziz Family -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 471101 Threats Detected: 109 Threats Quarantined: 0 (No malicious items detected) Time Elapsed: 31 min, 23 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Detect PUM: Detect -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
-
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
In settings I'm trying to turn on Windows Defender and it says "This app is turned off by group policy. To allow this app to run, contact your security administrator to enable the program via group policy." How can I fix this?? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Also I ran an Adware scan, here are the logs -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
@Aura Here you go: mbar-log-2017-08-25 (17-47-23).txt Also I can run other things now. Also, can you tell me what I should run and do to keep my PC protected and fast? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
What do you want me to run after bad? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Here you go. Addition.txt FRST.txt Shortcut.txt -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Also, how do I get the fixlist.txt to use the Fix option in FRST? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Here are the FRST logs: Addition.txt FRST.txt Shortcut.txt -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
But I can't run the malware scanner, I can only run the Malwarebytes rootkit one: "The requested resource is in use" -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Seems like it keeps freezing or crashing after it reaches the system category -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Do you want me to reboot after it finishes and I am done cleaning it, @Aura? -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Getting Drivers, sectors, and system scan right now. -
The Requested Resource is in use
Moe2001 replied to Moe2001's topic in Resolved Malware Removal Logs
Here it is. Only scanned for drivers, am doing system and sector right now.
Malwarebytes Anti-Rootkit BETA 1.9.4.1001
www.malwarebytes.org
Database version: main: v2017.08.24.06 rootkit: v2017.08.02.01
Windows 10 x64 NTFS
Internet Explorer 11.1593.14393.0
Aziz Family :: AZIZ_FAMILY [administrator]
8/24/2017 2:12:38 PM
mbar-log-2017-08-24 (14-12-38).txt
Scan type:
Scan options enabled: Anti-Rootkit | Drivers | MBR
Scan options disabled: Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Objects scanned: 455
Time elapsed: 5 minute(s), 46 second(s)
Memory Processes Detected: 0 (No malicious items detected)
Memory Modules Detected: 0 (No malicious items detected)
Registry Keys Detected: 0 (No malicious items detected)
Registry Values Detected: 0 (No malicious items detected)
Registry Data Items Detected: 0 (No malicious items detected)
Folders Detected: 0 (No malicious items detected)
Files Detected: 1
C:\WINDOWS\SYSTEM32\drivers\ndistpr64.sys (Rootkit.Agent.PUA) -> Delete on reboot. [a1184d89fddc3c481bce6ecc1384a192]
Physical Sectors Detected: 0 (No malicious items detected)
(end)
(The one I ran before this) mbar-log-2017-08-24 (14-11-08) -
Whenever I try to run Malwarebytes I get "The Requested Resource Is In Use", I tried to download. I tried running malware many times but I keep getting this message "The Requested Resource is in use". I have FRST Log. Here: FRST.txt Addition.txt I also have svchost, need help