I think my pc might be infected with spyware

[kemped5]

Every once in a while I will see remote desktop in my task manager but it disappears as soon as I see it, so I disabled my remote desktop setting and removed an unknown user account which I believe had access to it. Today it happened again but this time it was a strange logo I've never seen before and it closed so fast I couldn't read what it was, it seems like it said ''spyware'' but I could be wrong and misread it. I'd rather be safe than sorry so any help finding and deleting virusses will be appreciated.

FRST.txt

Addition.txt

[kemped5]

Also I forgot to mention my firewall turns off by itself sometimes, I never notice it untill I check the new notifications

[kevinf80]

Hello kemped5 and welcome to Malwarebytes, My screen name is kevinf80, i`m here to help clean up your system, continue as follows please: Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good... Download RKill from here: http://www.bleepingcomputer.com/download/rkill/ There are three buttons to choose from with different names on, select the first one and save it to your desktop.   Double-click on the Rkill desktop icon to run the tool. If using Vista or Windows 7/8/10, right-click on it and Run As Administrator. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. A log pops up at the end of the run. This log file is located at C:\rkill.log. Please post this in your next reply. If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time. If the tool does not run from any of the links provided, please let me know. Next, Please open Malwarebytes Anti-Malware.   On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits". Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button. A Threat Scan will begin. When the scan is complete Apply Actions to any found entries. Wait for the prompt to restart the computer to appear (if applicable), then click on Yes. After the restart once you are back at your desktop, open MBAM once more. To get the log from Malwarebytes do the following:   Click on the History tab > Application Logs. Double click on the scan log which shows the Date and time of the scan just performed. Click Export > From export you have three options: Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply   Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply… If Malwarebytes is not installed follow these instructions first: Download Malwarebytes Anti-Malware to your desktop. Double-click mbam-setup and follow the prompts to install the program. At the end, be sure a checkmark is placed next to the following: Launch Malwarebytes Anti-Malware A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program. Click Finish. Follow the instructions above.... Next, Download AdwCleaner by Xplode onto your Desktop.   Double click on Adwcleaner.exe to run the tool. Click on the Scan in the Actions box Please wait fot the scan to finish.. When "Waiting for action.Please uncheck elements you want to keep" shows in top line.. Click on the Cleaning box. Next click OK on the "Closing Programs" pop up box. Click OK on the Information box & again OK to allow the necessary reboot After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed... Next, Download Sophos Free Virus Removal Tool and save it to your desktop.   Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View log file... (bottom left hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program If no threats were found please confirm that result.... Let me see those logs, also give an update on any remaining issues or concerns... Thank you, Kevin

[kemped5]

Thanks for the quick reply here are the logs in order.

Rkill 2.8.4 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/12/2016 08:57:41 PM in x64 mode.
Windows Version: Windows 10 Home N

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Patrick\AppData\Local\Temp\B69491A8-5E83-4126-B8B8-657952739003\DismHost.exe (PID: 3668) [T-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * AppMgmt [Missing Service]
 * CSC [Missing Service]
 * CscService [Missing Service]
 * PeerDistSvc [Missing Service]

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 06/12/2016 08:58:09 PM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12-6-2016
Scan Time: 21:00
Logfile: mbyteslog.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.06.12.03
Rootkit Database: v2016.05.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8
CPU: x64
File System: NTFS
User: Patrick

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 288759
Time Elapsed: 9 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

 

 

# AdwCleaner v5.119 - Logfile created 12/06/2016 at 21:22:58
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 10 Home N  (X64)
# Username : Patrick - PATRICK-PC
# Running from : C:\Users\Patrick\Downloads\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : Updater

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLLs ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\s

***** [ Web browsers ] *****

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [790 bytes] - [12/06/2016 21:22:58]
C:\AdwCleaner\AdwCleaner[S1].txt - [839 bytes] - [12/06/2016 21:20:40]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [934 bytes] ##########

 

 

 

Sophos Free Virus Removal Tool  didn´t find anything.

 

 

 

 

 

 

[kevinf80]

We are just seeing clean logs, run the following scan:

Go here: https://www.zemana.com/Download download and install Zemana Anti-malware. Allow a shortcut to be saved to your Desktop.. The tool will be active with a 15 day trial.... Right click on Zemana Antimalware and select "Run as Administrator" From the GUI select "Settings" In the new window Select 1. Updates, when complete Select 2. Real Time Protection. In the next window make sure 1. all boxes are checkmarked and the action is "Quarantine" and then " 2. Select the home icon. In the new window select "Scan" When the scan completes check each found entry (if any). For "Suspicious Browser Settings" choose REPAIR for all other entries choose QUARANTINE then select the "Next" tab The action complete window will open, from there select the "Back" tab. That will take you back to the home screen... On that screen select the "Reports" tab. (Looks like 3 chimneys) On that screen select and highlite the scan details line, then select "Open Report" Copy and paste that log to your reply...   Thank you,   Kevin...

 

 

[kemped5]

Zemana AntiMalware 2.20.2.985 (Geïnstalleerd)

-------------------------------------------------------
Scan resultaat                : Compleet
Scan datum                    : 2016-6-12
Besturingssysteem             : Windows 10 64-bit
Processor                     : 4X Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BIOS modus                    : Legacy
CUID                          : 1270AA1670E88ED961B658
Scan type                     : Slimme scan
Tijdsduur                     : 0m 58s
Gescande objecten             : 4298
Gedetecteerde objecten        : 4
Geexcludeerde objecten        : 0
Lees niveau                   : Normal
Automatische upload           : Aangeschakeld
Alle uitbreidingen includeren : Uitgeschakeld
Documenten scannen            : Uitgeschakeld
Domein informatie             : WORKGROUP,0,2

Gedetecteerde objecten
-------------------------------------------------------

USB\VID_045E&PID_028E (libwdi autogenerated)
Status                     : Gescand
Pad                        : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F5B067F843FEBA6714545C53D60B9345A0EAC403\Blob
MD5                        : -
Uitgever                   : -
Grootte                    : -
Versie                     : -
Detectie                   : Verdacte Root CA
Actie                      : Verwijderen
Gerelateerde objecten      :
                Registervermelding - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F5B067F843FEBA6714545C53D60B9345A0EAC403\Blob = 1900000001000000100000003385A1EA72EE1D3F19E11AA922AC953F0F000000010000001400000081C4355659BBED6414153785F516BAE58A1E67C9030000000100000014000000F5B067F843FEBA6714545C53D60B9345A0EAC4030B000000010000000E0000006C006900620077006400690000001400000001000000140000001ABC7EFF0E5D8BCA74A95EC8ABDCFA859F13B1DF2000000001000000CC020000308202C830820231A003020102021036AD3AC960C702A24DBD0439C1C696C4300D06092A864886F70D010105050030633161305F06035504031E58005500530042005C005600490044005F00300034003500450026005000490044005F003000320038004500200028006C006900620077006400690020006100750074006F00670065006E0065007200610074006500640029301E170D3136303530333034353835365A170D3239303130313030303030305A30633161305F06035504031E58005500530042005C005600490044005F00300034003500450026005000490044005F003000320038004500200028006C006900620077006400690020006100750074006F00670065006E006500720061007400650064002930819F300D06092A864886F70D010101050003818D00308189028181008CE3523A92AD029B897DEFA837D9E36E508229EE8F01CAD3F7FCBE52D271D3661AA673705B09A379C7029C6D7F387A079FC7FC48E3DBD86F5DCD42E84FF928B71A321F30F439FF31717680823D6B48D39BA95B34867CEC9BEF7E4D626C8D1E6962CFBB98FE2C13541569469DB2009A74A3F5EFFF7227B3C567D3F2C63C16F3DB0203010001A37D307B30160603551D250101FF040C300A06082B0601050507030330200603551D07041930178615687474703A2F2F6C69627764692E616B656F2E6965303F0603551D2004383036303406082B060105050702013028302606082B06010505070201161A687474703A2F2F6C69627764692D6370732E616B656F2E696500300D06092A864886F70D01010505000381810074F4C89EDF6C088B05954D9BAAB1FE53AF5467122CFF89D35F903DB3F7961DA7AA9AD3E61ACD57C79AA56DFA5944CF247B8422DC66FF52453EC3FB49F711C40C76E439CED80CC192CB72B7A5E76D38AA449A2B1B1344BEEFAF515B1D07360AAC9A8EECB0A60E650F9AFD7E8D0DEC1CFC872684FABF9868CDCD72D7E2F23B88ED

USB\VID_0079&PID_181B (libwdi autogenerated)
Status                     : Gescand
Pad                        : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\EA2F95897E1B8246E9BB212DECBA94E2412CCF3F\Blob
MD5                        : -
Uitgever                   : -
Grootte                    : -
Versie                     : -
Detectie                   : Verdacte Root CA
Actie                      : Verwijderen
Gerelateerde objecten      :
                Registervermelding - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\EA2F95897E1B8246E9BB212DECBA94E2412CCF3F\Blob = 190000000100000010000000C9D0AB95BEC520F073EFA44948C5048F0F0000000100000014000000181F90CA9ED4F8658CD41F466E5C5A7879CC0426030000000100000014000000EA2F95897E1B8246E9BB212DECBA94E2412CCF3F0B000000010000000E0000006C006900620077006400690000001400000001000000140000005245EEB2F3ED589EF683ADDA71F2AE53191B40C72000000001000000CC020000308202C830820231A003020102021024A0585AAC17D0BF4765154E1677528E300D06092A864886F70D010105050030633161305F06035504031E58005500530042005C005600490044005F00300030003700390026005000490044005F003100380031004200200028006C006900620077006400690020006100750074006F00670065006E0065007200610074006500640029301E170D3136303532363130323932375A170D3239303130313030303030305A30633161305F06035504031E58005500530042005C005600490044005F00300030003700390026005000490044005F003100380031004200200028006C006900620077006400690020006100750074006F00670065006E006500720061007400650064002930819F300D06092A864886F70D010101050003818D0030818902818100A47C0233CB7333E0C78049DF609385AD1E03ECC9FAA157E1CAAFBAA64C0D2E7CFB49C53798BBDA8B8374A216C7D8F1939CA7BE2C22D47528802175404E867EBBCF7601A087952548CFAC032CEACA1B71C230DC9C428760EEBDAA5C896086F95816A82C6CB45E6666ACFFBDE7C646E56AC7C5B9C9C0D16A49E15DAEBCDDF62D410203010001A37D307B30160603551D250101FF040C300A06082B0601050507030330200603551D07041930178615687474703A2F2F6C69627764692E616B656F2E6965303F0603551D2004383036303406082B060105050702013028302606082B06010505070201161A687474703A2F2F6C69627764692D6370732E616B656F2E696500300D06092A864886F70D01010505000381810003A130C6525815160D7789314C2C22BF1E7D8E94F2B57724CCD7B38121EF6B052E0FE80DB1C918499472975421E6D6A5C7D401B203AB49CD2FC346562E3DD87DB33274343CA711FD033F13458C478A1930D4577D68E4F4907300C14B51643C297DB241AFDD7AB57561011A30948F66A1E843DBBCF53883AB0FC908BF6ED26534

USB\VID_054C&PID_0268 (libwdi autogenerated)
Status                     : Gescand
Pad                        : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\95992D0F2C7169854DEAF40DD9832F72D68DAF06\Blob
MD5                        : -
Uitgever                   : -
Grootte                    : -
Versie                     : -
Detectie                   : Verdacte Root CA
Actie                      : Verwijderen
Gerelateerde objecten      :
                Registervermelding - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\95992D0F2C7169854DEAF40DD9832F72D68DAF06\Blob = 190000000100000010000000A5B3631DF886B42AE6675A13BD8C94A60F0000000100000014000000A577AF4689EA0478AA09E716798722E4932AB11E03000000010000001400000095992D0F2C7169854DEAF40DD9832F72D68DAF060B000000010000000E0000006C006900620077006400690000001400000001000000140000009C13B79872185337B085108A8AB670848807975C2000000001000000CC020000308202C830820231A00302010202107C2A311B2E9EF3944488095CDF12FE55300D06092A864886F70D010105050030633161305F06035504031E58005500530042005C005600490044005F00300035003400430026005000490044005F003000320036003800200028006C006900620077006400690020006100750074006F00670065006E0065007200610074006500640029301E170D3136303630383231353235365A170D3239303130313030303030305A30633161305F06035504031E58005500530042005C005600490044005F00300035003400430026005000490044005F003000320036003800200028006C006900620077006400690020006100750074006F00670065006E006500720061007400650064002930819F300D06092A864886F70D010101050003818D0030818902818100A79255F4118F9668FA186E852AA15684974DD6782A8F06A899D8F485E51D2360880BEA91AD8FE021280C3D9AD61CB2969A34923FB7766B740A40B0CB825BCAC8C965534C92EC099AAE57AA951945BEE3F3A6FEEAE83A5C94B4F2556BA4208B14F6567601C7ADFFA21A43AF6B42EAC184A7AE745B53CEEBBEBC264FB51BDE7C990203010001A37D307B30160603551D250101FF040C300A06082B0601050507030330200603551D07041930178615687474703A2F2F6C69627764692E616B656F2E6965303F0603551D2004383036303406082B060105050702013028302606082B06010505070201161A687474703A2F2F6C69627764692D6370732E616B656F2E696500300D06092A864886F70D0101050500038181005852D1962435708922C62363D84DF5F702686139690F400AED700C1EC7ACC9324AAD29C05CEFA12AC80D8F99A04386D27360CEC00C7EE81544052C33ED1250F921FF1B3E2D57F917A1F33F5816A5043B11C55368070B76869765A90639E1CE635219019400BB5B5A2CAF75C068B9052C76237DAF79310B7AF7656F5F9B16FE6B

USB\VID_0079&PID_181A (libwdi autogenerated)
Status                     : Gescand
Pad                        : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\551E52BC5292E8B92659C6F33BDD9F4F194C9A19\Blob
MD5                        : -
Uitgever                   : -
Grootte                    : -
Versie                     : -
Detectie                   : Verdacte Root CA
Actie                      : Verwijderen
Gerelateerde objecten      :
                Registervermelding - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\551E52BC5292E8B92659C6F33BDD9F4F194C9A19\Blob = 190000000100000010000000E2975442AC2683B5B92B49B5F5F1A2320F0000000100000014000000696EFD8458C61B5CC037B97CA22B2478B1BAB033030000000100000014000000551E52BC5292E8B92659C6F33BDD9F4F194C9A190B000000010000000E0000006C006900620077006400690000001400000001000000140000002A604DB0AFB1CDC36EC130687FEF0FD8C885FC172000000001000000CC020000308202C830820231A00302010202102051C7CE6FC6D09C4500A338795AEB42300D06092A864886F70D010105050030633161305F06035504031E58005500530042005C005600490044005F00300030003700390026005000490044005F003100380031004100200028006C006900620077006400690020006100750074006F00670065006E0065007200610074006500640029301E170D3136303532363130333332335A170D3239303130313030303030305A30633161305F06035504031E58005500530042005C005600490044005F00300030003700390026005000490044005F003100380031004100200028006C006900620077006400690020006100750074006F00670065006E006500720061007400650064002930819F300D06092A864886F70D010101050003818D0030818902818100BC427FC9D639BEA5345FFE07DAEE18E27ACF39B53DB51D7940EA39E654E0ADD08B5986E91F7AC1EEB87BC3CAFF6B6299332394A6D1C764F66638205DCEF404F8427C52DC676DF7BA9DCBD17F1F95D36D3D608EEAC658BE052914AC3BD97E347951E827AACA1E7BE25D60D231833127BBA86AA0F3C4C886A05E65B570907C20890203010001A37D307B30160603551D250101FF040C300A06082B0601050507030330200603551D07041930178615687474703A2F2F6C69627764692E616B656F2E6965303F0603551D2004383036303406082B060105050702013028302606082B06010505070201161A687474703A2F2F6C69627764692D6370732E616B656F2E696500300D06092A864886F70D01010505000381810022CEC83780768260E34E750D2CE1DCF85E721C31EBCCA5733AD22795B3CFF5AE95A9197D27215F0B8DB7FCCF2BC2160FDEF62E90CDDCB775FB02CAA92D8ECEA2C46DC6032AE2D2ECEA92A8692508EE3ADADE1D0E6C3EBE93805BB8CF34074F7D7B8946C8F6A071B6881BE343B8D4B611B75FA7D9B4878992DCDA0577B9E647FB

Schoonmaak resultaat
-------------------------------------------------------
Schoongemaakt                 : 4
Als veilig gerapporteerd      : 0
Mislukte objecten             : 0

 

 

 

 

 

[kevinf80]

Run Zemana one more time, change "Smart Scan" to "Deep Scan" post that log..

I also see in RKill log that 4 missing services have been listed, i`ll get those ready for you next...

[kemped5]

Nothing was found when I did a deep scan.

Zemana AntiMalware 2.20.2.985 (Geïnstalleerd)

-------------------------------------------------------
Scan resultaat                : Compleet
Scan datum                    : 2016-6-12
Besturingssysteem             : Windows 10 64-bit
Processor                     : 4X Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
BIOS modus                    : Legacy
CUID                          : 1270AA1670E88ED961B658
Scan type                     : Diepe scan
Tijdsduur                     : 7m 46s
Gescande objecten             : 162932
Gedetecteerde objecten        : 0
Geexcludeerde objecten        : 0
Lees niveau                   : Normal
Automatische upload           : Aangeschakeld
Alle uitbreidingen includeren : Uitgeschakeld
Documenten scannen            : Uitgeschakeld
Domein informatie             : WORKGROUP,0,2

Gedetecteerde objecten
-------------------------------------------------------

Er zijn geen objecten gevonden

 

[kevinf80]

I`ve attached regfile.zip folder, unzip the contents to your Desktop, do not unzip anywhere else. When done you will have 4 reg files on your Desktop, Right click each one in turn and select "Merge" agree any alerts...

Reboot when complete, let me know if you have any remaining issues or concerns....

regfiles.zip

[kemped5]

Thanks, I just merged the 4 files and rebooted. Is there anything else I need to do?

[kevinf80]

The logs do not show any obvious malware or infection, do you still have issues or concerns. If none we will clean up tools etc..

[kemped5]

My firewall just automatically turned off again, I did not do anything that might´ve caused it.

[kemped5]

When I try to turn it on this is what is says now, ´´security and maintenance can´t turn on windows firewall´´

 

When I try to turn it on manually it says ´´windows firewall can´t change some of your settings error code 0x80070437

[kevinf80]

Yes this frustrating, run the following:

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/   Quit all running programs. For Windows XP, double-click to start. For Vista,Windows 7/8/8.1/10, Right-click on the program and select Run as Administrator to start and when prompted allow it to run. Read and accept the EULA (End User Licene Agreement) Click Scan to scan the system. When the scan completes select "Report",in the next window select "Export txt" the log will open as a text file post that log... Also save to your Desktop for reference. log will open. Close the program > Don't Fix anything!

[kemped5]

RogueKiller V12.3.2.0 [Jun  6 2016] (Free) door Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/software/roguekiller/
Blog : http://www.adlice.com

Besturingssysteem : Windows 10 (10.0.10586) 64 bits version
Gestart in : Normale mode
Gebruiker : Patrick [Administrator]
Started from : C:\Users\Patrick\Downloads\RogueKiller.exe
Mode : Scan -- Datum : 06/12/2016 23:53:47

¤¤¤ Processen : 0 ¤¤¤

¤¤¤ Register : 0 ¤¤¤

¤¤¤ Taken : 0 ¤¤¤

¤¤¤ Bestanden : 0 ¤¤¤

¤¤¤ Host-bestand : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Niet geladen [0xc000036b]) ¤¤¤

¤¤¤ Web Browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] 6e1q68ut.default : user_pref("browser.startup.homepage", "https://www.youtube.com/"); -> Gevonden

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000DM003-1ER162 +++++
--- User ---
[MBR] 448ea28d9845626fbb81638fd6980ca1
[BSP] 6ed492ccfbd8e5decc023ddac74224e0 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953317 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 1952600064 | Size: 450 MB
User = LL1 ... OK
User = LL2 ... OK

 

[kevinf80]

mmm another clean log, continue please:

Download Farbar Service Scanner from here: http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/ and run it on the computer with the issue. Make sure the following options are checked:   Internet Services Windows Firewall System Restore Security Center/Action Center Windows Update Windows Defender   Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Thank you, Kevin...

[exile360]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!