Log file, could someone scan it for me please #45

Closed
minniehaha opened this issue Oct 11, 2018 · 2 comments

@minniehaha

Hi

I have been having a problem with an overheating CPU that is working hard even when there is limited work being done.
Olpair seems to have invaded Chrome and is popping up ads even sometimes when Chrome has been closed.
Many thanks

Logfile of HiJackThis Fork (Beta) by Alex Dragokas v.2.8.0.4

Platform: x64 Windows 10 (Pro), 10.0.17134.345 (ReleaseId: 1803), Service Pack: 0
Time: 11.10.2018 - 18:10 (UTC+01:00)
Language: OS: English (0x409). Display: English (0x809). Non-Unicode: English (0x809)
Elevated: Yes
Ran by: Think (group: Administrator) on THINK-PC, FirstRun: yes

Chrome: 69.0.3497.100
Edge: 11.0.17134.345
Internet Explorer: 11.0.17134.1
Default: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Chrome)

Boot mode: Normal

Running processes:
Number | Path
13 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
1 C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
1 C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
1 C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
1 C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Program Files (x86)\Windscribe\WindscribeService.exe
1 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
1 C:\Program Files\AVAST Software\Avast\AvastUI.exe
1 C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
2 C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
1 C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
1 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
1 C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
1 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
1 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
1 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
1 C:\Program Files\Windows Defender\MSASCuiL.exe
1 C:\Program Files\WindowsApps\Microsoft.BingNews_4.27.2643.0_x64__8wekyb3d8bbwe\Microsoft.Msn.News.exe
1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
1 C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
1 C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1808.2461.0_x64__8wekyb3d8bbwe\Calculator.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20137.0_x64__8wekyb3d8bbwe\HxOutlook.exe
1 C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10827.20137.0_x64__8wekyb3d8bbwe\HxTsr.exe
1 C:\Users\Think\AppData\Local\Apps\2.0\6G6P2LDL.JXQ\NG54Y1LD.2VW\lsb...tion_2d7b41b05b24775e_0001.0006_3b0a905c8de4f74a\LSB.exe
1 C:\Users\Think\AppData\Roaming\Dashlane\Dashlane.exe
1 C:\Users\Think\AppData\Roaming\Dashlane\DashlanePlugin.exe
1 C:\Users\Think\Desktop\HiJackThis\HiJackThis.exe
1 C:\Users\Think\Desktop\HiJackThis\MemCompression
1 C:\Users\Think\Desktop\HiJackThis\Registry
1 C:\Windows\ImmersiveControlPanel\SystemSettings.exe
1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
1 C:\Windows\System32\ApplicationFrameHost.exe
2 C:\Windows\System32\LPlatSvc.exe
9 C:\Windows\System32\RuntimeBroker.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
2 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\SecurityHealthService.exe
1 C:\Windows\System32\SettingSyncHost.exe
1 C:\Windows\System32\SgrmBroker.exe
1 C:\Windows\System32\SystemSettingsBroker.exe
1 C:\Windows\System32\WUDFHost.exe
1 C:\Windows\System32\audiodg.exe
1 C:\Windows\System32\browser_broker.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\ctfmon.exe
2 C:\Windows\System32\dasHost.exe
3 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
2 C:\Windows\System32\fontdrvhost.exe
1 C:\Windows\System32\hkcmd.exe
1 C:\Windows\System32\ibmpmsvc.exe
1 C:\Windows\System32\igfxpers.exe
1 C:\Windows\System32\igfxtray.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\rundll32.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\sihost.exe
1 C:\Windows\System32\smartscreen.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
80 C:\Windows\System32\svchost.exe
2 C:\Windows\System32\taskhostw.exe
2 C:\Windows\System32\wbem\WmiPrvSE.exe
1 C:\Windows\System32\wbem\unsecapp.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
1 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
12 C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
1 C:\Windows\explorer.exe

O2-32 - HKLM..\BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - C:\Users\Think\AppData\Roaming\Dashlane\ie\Dashlanei.dll
O3-32 - HKLM..\Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\Think\AppData\Roaming\Dashlane\ie\KWIEBar.dll
O4 - HKCU..\Run: [DashlanePlugin] = C:\Users\Think\AppData\Roaming\Dashlane\DashlanePlugin.exe ws
O4 - HKCU..\Run: [Dashlane] = C:\Users\Think\AppData\Roaming\Dashlane\Dashlane.exe autoLaunchAtStartup
O4 - HKCU..\Run: [Windscribe] = C:\Program Files (x86)\Windscribe\Windscribe.exe -os_restart
O4 - HKCU..\StartupApproved\Run: [GoogleChromeAutoLaunch_E88856B6B5DF275909287BC7482DE870] (2018/09/07) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5
O4 - HKCU..\StartupApproved\Run: [OneDrive] (2018/09/07) = C:\Users\Think\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background
O4 - HKCU..\StartupApproved\StartupFolder: C:\Users\Think\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\adu213uasdk123jim12.vbs (2018/09/07)
O4 - HKCU..\StartupApproved\StartupFolder: C:\Users\Think\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\asdu123jnjasodi9i13.vbs (2018/09/07)
O4 - HKCU..\StartupApproved\StartupFolder: C:\Users\Think\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\asdzu1762z3hnsajmd.vbs (2018/09/07)
O4 - HKLM..\Run: [AvastUI.exe] = C:\Program Files\AVAST Software\Avast\AvLaunch.exe /gui
O4 - HKLM..\StartupApproved\Run: [HotKeysCmds] = C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM..\StartupApproved\Run: [IgfxTray] = C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM..\StartupApproved\Run: [Persistence] = C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM..\StartupApproved\Run: [SecurityHealth] = C:\Program Files\Windows Defender\MSASCuiL.exe
O4 - HKU\S-1-5-19..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - HKU\S-1-5-20..\RunOnce: [WAB Migrate] = C:\Program Files\Windows Mail\wab.exe /Upgrade
O4 - User Startup: C:\Users\Think\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\laskdadn81237sausinadsh.vbs
O4-32 - HKLM..\Run: [HP Software Update] = C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O9 - Button: HKLM..{22CC3EBD-C286-43aa-B8E6-06B115F74162} - HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9 - Tools menu item: HKLM..{22CC3EBD-C286-43aa-B8E6-06B115F74162} - HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Button: HKLM..{22CC3EBD-C286-43aa-B8E6-06B115F74162} - HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O9-32 - Tools menu item: HKLM..{22CC3EBD-C286-43aa-B8E6-06B115F74162} - HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
O17 - DHCP DNS 1: 194.168.4.100
O17 - DHCP DNS 2: 194.168.8.100
O21 - HKLM..\ShellIconOverlayIdentifiers: avast - {472083B0-C522-11CF-8763-00608CC02F24} - C:\Program Files\AVAST Software\Avast\ashShA64.dll
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndContinueUpdates - {0DC331EE-8438-49D5-A721-E10B937CE459} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: (disabled) \Microsoft\Windows\InstallService\WakeUpAndScanForUpdates - {D5A04D91-6FE6-4FE4-A98A-FEB4500C5AF7} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: Avast Emergency Update - C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
O22 - Task: GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task: GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task: HPCustParticipation HP ENVY 4500 series - C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe /UA 12.5 /DDV 0x0b00
O22 - Task: WpsExternal_Think_20180806190351 - C:\Users\Think\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe /wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll /task=wpsexternal /launchtask /ver=1.0 /start_from=task_external
O22 - Task: WpsUpdateTask_Think - C:\Users\Think\AppData\Local\Kingsoft\WPS Office\10.2.0.7456\wtoolex\wpsupdate.exe -from=task
O22 - Task: \Avast Software\Overseer - C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe /from_scheduler:1
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Monitor - C:\WINDOWS\system32\ImController.InfInstaller.exe -checkremoval
O22 - Task: \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
O22 - Task: \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
O22 - Task: \Lenovo\ImController\TimeBasedEvents\8ed7f941-e68a-4863-8b4e-c5f9a9ebb713 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 8ed7f941-e68a-4863-8b4e-c5f9a9ebb713
O22 - Task: \Lenovo\ImController\TimeBasedEvents\d7d5a0a3-f422-4c51-bf57-a00bcf54fb91 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger d7d5a0a3-f422-4c51-bf57-a00bcf54fb91
O22 - Task: \Lenovo\ImController\TimeBasedEvents\ec23bdf7-269a-45af-b41a-15f2453ca479 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger ec23bdf7-269a-45af-b41a-15f2453ca479
O22 - Task: \Lenovo\Lenovo Hardware Settings - C:\WINDOWS\system32\rundll32.exe "C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.dll",PwrMgrBkGndMonitor
O22 - Task: \Lenovo\Lenovo Service Bridge\S-1-5-21-1371865374-2896238855-448623355-1000 - C:\WINDOWS\system32\rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Think\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceLocationRightsChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePolicyChange - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -SettingChange - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -Periodic - C:\WINDOWS\system32\DeviceDirectoryClient.dll (Microsoft)
O22 - Task: \Microsoft\Windows\DirectX\DXGIAdapterCache - C:\WINDOWS\system32\dxgiadaptercache.exe (Microsoft)
O22 - Task: \Microsoft\Windows\HelloFace\FODCleanupTask - C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdates - {A558C6A5-B42B-4C98-B610-BF9559143139} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\ScanForUpdatesAsUser - {DDAFAEA2-8842-4E96-BADE-D44A8D676FDB} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\InstallService\SmartRetry - {F3A219C3-2698-4CBF-9C07-037EDB8E72E6} - C:\Windows\System32\InstallServiceTasks.dll (Microsoft)
O22 - Task: \Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources - {D0582E3B-3126-4CAA-9155-AC37C912A489} - C:\WINDOWS\System32\LanguageOverlayServer.dll (Microsoft)
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ClientTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Client"
O22 - Task: \Microsoft\Windows\SMB\UninstallSMB1ServerTask - C:\WINDOWS\system32\WindowsPowerShell\v1.0\powershell.exe -ExecutionPolicy Unrestricted -NonInteractive -NoProfile -WindowStyle Hidden "& C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\SmbShare\DisableUnusedSmb1.ps1 -Scenario Server"
O22 - Task: \Microsoft\Windows\Setup\Notifier - C:\WINDOWS\system32\Notifier.exe (file missing)
O22 - Task: \Microsoft\Windows\Speech\HeadsetButtonPress - C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe StartedFromTask (Microsoft)
O22 - Task: \Microsoft\Windows\WaaSMedic\PerformRemediation - {72566E27-1ABB-4EB3-B4F0-EB431CB1CB32},None - C:\WINDOWS\System32\WaaSMedicSvc.dll (Microsoft)
O23 - Service R2: Avast Antivirus - (avast! Antivirus) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service R2: Lenovo PM Service - (IBMPMSVC) - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service R2: Lenovo Platform Service - (LPlatSvc) - C:\WINDOWS\system32\LPlatSvc.exe
O23 - Service R2: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service R2: SynTPEnh Caller Service - (SynTPEnhService) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
O23 - Service R2: WindscribeService - C:\Program Files (x86)\Windscribe\WindscribeService.exe
O23 - Service R3: aswbIDSAgent - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /svc
O23 - Service S3: AvastWscReporter - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe /runassvc
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /medsvc
O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service S3: Windows Defender Advanced Threat Protection Service - (Sense) - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service S3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\NisSrv.exe
O23 - Service S3: Windows Defender Antivirus Service - (WinDefend) - C:\ProgramData\Microsoft\Windows Defender\platform\4.14.17639.18041-0\MsMpEng.exe

--
End of file - Time spent: 13 sec. - 31766 bytes, CRC32: FFFFFFFF. Sign: 篕૸

  1. What did you do before the problem occurred: _________________
  2. What programs (browsers) are affected by the problem: ________________
  3. Steps to reproduce: _________________
@dragokas
Owner

dragokas commented Oct 11, 2018

Hi,
thank you for the log.


Please note that only members of VIRUSNET-Association are allowed to respond in PC cure topics.
Ignore any recommendations given by other users, including PM!!!

Assistance is provided free of charge in our free time. If you found our help useful, you can thank us with any amount using this form or you can leave feedback in the Guestbook.

@dragokas
Owner

Closed.
Reason: no answer for 10 days.
If you still need our help, please download AutoLogger again and prepare a new CollectionLog.
