kevinf80

ESET log entries are not malicious per se, you can delete them all if you want... Is your system still having problems...?

Your GMER logs are not showing any infected or malicious entries, if you are still unsure run the following please: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 3 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions.... When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > "settings" > "protection tab" Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Go back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Click on the Report tab > from main interface. Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download AdwCleaner by Malwarebytes onto your Desktop. Or from this Mirror Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users) Accept the EULA (I accept), then click on Scan Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean button. This will kill all the active processes Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin....

Hello rkqm and welcome to Malwarebytes, kfldiuod.sys  is GMER driver, atc.sys is BitDefender driver, all other entries are Windows own files.... Why do you believe you have issues with your system....? Thank you, Kevin

Hello KJC and welcome to Malwarebytes, Use the instructions in the following link, let me know if this helps.. Thank you, Kevin

Hello josebutler123 and welcome to Malwarebytes, Continue with the following: If you do not have Malwarebytes installed do the following: Download Malwarebytes version 3 from the following link: https://www.malwarebytes.com/mwb-download/thankyou/ Double click on the installer and follow the prompts. If necessary select the Blue Help tab for video instructions.... When the install completes or Malwarebytes is already installed do the following: Open Malwarebytes, select > "settings" > "protection tab" Scroll down to "Scan Options" ensure Scan for Rootkits and Scan within Archives are both on.... Go back to "DashBoard" select the Blue "Scan Now" tab...... When the scan completes quarantine any found entries... To get the log from Malwarebytes do the following: Click on the Report tab > from main interface. Double click on the Scan log which shows the Date and time of the scan just performed. Click Export > From export you have two options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… Next, Download Farbar Recovery Scan Tool and save it to your desktop. Alternative download option: http://www.techspot.com/downloads/6731-farbar-recovery-scan-tool.html Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way... Be aware FRST must be run from an account with Administrator status... Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.) Make sure Addition.txt is checkmarked under "Optional scans" Press Scan button to run the tool.... It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The tool will also make a log named (Addition.txt) Please attach that log to your reply. Let me see those logs in your reply... Thank you, Kevin...

I just leave your thread open until you reply, normally I close out threads after 5 days inactivity... Regarding smartservice infection, have a read at the following link, the name is changed but infection is the same... https://www.bleepingcomputer.com/news/security/rootkit-based-adware-wreaks-havoc-among-windows-10-users-in-the-us/

Have you ran ESET...?

Can you reset to defaults, see if there is an improvement....

Thanks for those logs, continue: Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into. "Do not open that file when running FRST fix" NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work. Open FRST and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply. Next, Go here and click 'SCAN NOW' under 'ESET Online Scanner' save to your Desktop. Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how Right click on and select "Run as Administrator" In the new Window accept the terms of service In the new Window select "Enable detection of potentially unwanted applictions" then expand "Advanced Settings" In the new Window checkmark (tick) the entries as shown, make sure "Clean threats automatically" is not checkmarked. Now select "Scan" In the new Window new virus database signatures will download, Do Not Select Stop The Window will progress showing the scan in action.... In the new Window if no threats are found, select "Delete applications data on close" then select "Finish" no log is produced, confirm that in your reply... If threats are found the following Window will open: Click on "Select All" then "Save to Text file" name and save that file, attach to your reply. Now select "Do not clean" and then close out.... Let me see those logs... Thank you, Kevin.. fixlist.txt

Thanks for those logs, is your CPU or Graphics overclocked...?

Hello Zeroneos, Please download VEW by Vino Rosso from HERE and save it to your Desktop. Double-click VEW.exe. to start, Vista and Windows 7/8/10 users Right Click and select "Run as Administrator" Under 'Select log to query...check the boxes for both Application and System. Under 'Select type to list... select both Error and Critical. Click the radio button for 'Number of events...Type 15 in the 1 to 20 box. Then click the Run button. Notepad will open with the output log. It will take a couple of minutes to generate the log, please be patient. Please post the Output log in your next reply. Next, Can you see if the following folder has any contents: C:\Windows\minidump if so zip up the folder and attach to your reply, you will probably have to copy the folder to your desktop first.. Thanks, Kevin..

Click on Start > All Programs > Accessories: Right-click on the Command Prompt entry Select "Run as Administrator" accept the UAC prompt - the Elevated Command Prompt window should pop up. At the Command prompt, type or copy/paste chkdsk /r hit the Enter key. You will get a message that the drive cannot be locked, but that the command can be scheduled to run at the next boot - hit the Y key, press Enter, and then reboot. The CHKDSK may take a few hours depending on the size of the drive, so be patient! After the CHKDSK has run use the following instructions to find the log: Check Disk report: Press the WindowsKey + R on your keyboard at the same time. Type eventvwr into the run box and click OK. In the left panel, expand Windows Logs and then click on Application. Now, on the right side, click on Filter Current Log. Under Event Sources, check only Wininit and click OK. You mayl be presented with one or multiple Wininit logs. Click on an entry corresponding to the date and time of the disk check. On the top main menu, click Action > Copy > Copy Details as Text. Paste the contents into your next reply. Next, Now run SFC. SFC -System File Checker - Instructions Click on Start > All Programs > Accessories Right-click on the Command Prompt entry Select "Run as Administrator" accept the UAC prompt - the Elevated Command Prompt window should pop up. At the Command prompt, type SFC /SCANNOW hit the Enter key Wait for the scan to finish - make a note of any error messages - and then reboot. Copy the CBS.log file created (C:\Windows\Logs\CBS\CBS.log) to your desktop (you can't manipulate it directly) and then compress the copy and upload the zip file to your reply. Any improvement...?

Unfortunately the fix I gave is the only way to defeat smartservice infection other than wipe your hard drive and reinstall windows...

Can you attach FRST.txt

Did you reboot your system..? Has the repair tool made any difference..?