Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Virus preventing me from opening antivirus programs


  • Please log in to reply

#1
Dinanight

Dinanight

    New Member

  • Member
  • Pip
  • 3 posts

I did some research about how to remove this virus that I have, but all the programs that I need to remove it won't open.

I believe that the virus is preventing me from opening all these programs.

The programs will open in task manager, but immediately close right after.

I've tried booting in safe mode and opening the antivirus programs, but they still close immediately after.

 

Some minor details included in the pictures attached.

Side note: Windows Process Manager (32bit) seems to be located in the same zaihupn folder

Attached Thumbnails

  • ba83b99d703d1e58155b11b775d05f6d.png
  • 31e4e81c939376473a7163a90abd0d2e.png
  • 40c77691648d0e667c27cbbcd0774bb3.png
  • dd2765ef4ad7e04cacafb27ab9d1e05e.png

  • 0

Advertisements


#2
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,965 posts

Welcome :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.


  • 1

#3
Dinanight

Dinanight

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Welcome :)

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.

 

Hi, I did what you said, and here are the files

Attached Files


  • 0

#4
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,965 posts

Follow the instructions in the thread below. Make sure to download the MBAR version linked in it. Let me know if you're not able to launch it and run a scan.

https://forums.malwa...t-malwarebytes/

If you manage to run a scan, delete everything it finds]Upon completion of the scan or after the reboot, two files named  mbar-log.txt and system-log.txt will be created. Both files can be found in the extracted MBAR folder on your Desktop.
Please attach both files in your next reply.
 


  • 0

#5
JSntgRvr

JSntgRvr

    Global Moderator

  • Global Moderator
  • 10,965 posts

Also,

 

 

  • Highlight the entire content of the quote box below.

Start::
C:\Users\Dillon\AppData\Local\zaihupn
2017-08-27 13:06 - 2017-08-27 13:06 - 000619464 _____ () C:\Users\Dillon\AppData\Local\Temp\0KrakenDevProps.dll
2017-11-19 15:22 - 2017-11-19 15:22 - 000000069 _____ () C:\Users\Dillon\AppData\Local\Temp\1e7306d9a5ec8f0e809089ec2dcd11ec.dll
2017-11-19 15:22 - 2017-11-19 15:22 - 000000512 _____ () C:\Users\Dillon\AppData\Local\Temp\e213d06104e180a8194b041123dfe554.dll
2017-10-22 18:37 - 2017-10-22 18:37 - 002761179 _____ () C:\Users\Dillon\AppData\Local\Temp\golm.exe
2017-10-22 18:37 - 2017-10-22 18:37 - 001792071 _____ () C:\Users\Dillon\AppData\Local\Temp\pi.exe
2017-09-15 14:32 - 2017-11-04 01:21 - 000492544 _____ () C:\Users\Dillon\AppData\Local\Temp\s3.exe
FirewallRules: [{8A671A3F-61DE-43C7-B2FB-6B677066B3CE}] => (Allow) LPort=2869
FirewallRules: [{56C623E6-824E-46AA-B689-C195CF467063}] => (Allow) LPort=1900
FirewallRules: [{4DA34445-693E-48E4-8914-FC7FEDB19B10}] => (Allow) LPort=27017
FirewallRules: [{410B00A2-0CE0-4B2B-ACDB-8684FACF3579}] => (Allow) LPort=27017
Task: {4EFE290A-6C2C-4449-94AE-F36289FB78E4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {67C3D70D-C16B-4048-B997-53E03FE6F707} - System32\Tasks\Microsoft\Windows\Maintenance\UP_Scheduler => C:\Users\Dillon\AppData\Local\GCC\Controller.exe <==== ATTENTION
Task: {7E01A6FD-341F-4098-BA3C-C098B05D2AFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7F593227-DF94-4E6D-A2A2-C5A2079CC494} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9DE1FAD7-8AA8-4DC4-96F7-CC9F6692CDF7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A5E0BF91-96B8-466F-8EC9-3EFF470C9DD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AABD88B3-EB89-4562-8876-9988E82EEEB3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B6E1D3F4-6803-4BC1-AC67-6AA3896A72A6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BA49BCFD-1F62-4DB9-8A0C-2716258F6E3A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D43EBB27-9CC2-4EB0-AAC9-345E9899A16C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E0FB5602-287D-457F-8FF7-1F3EE960BD38} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E214B709-280F-45DD-848E-F5815D525FCA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E8932E9D-0437-456E-90EE-9AAA2C1EDAE4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {EEC2D0B5-BBE1-4E09-AB7C-C70D4D895FFF} - System32\Tasks\ParallelExtern => c:\programdata\{93366ccf-9554-1ff8-9336-66ccf955b33e}\6632625126948315687b.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\ParallelExtern.job => c:\programdata\{93366ccf-9554-1ff8-9336-66ccf955b33e}\6632625126948315687b.exe <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\RxAppDocView.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\RxTest.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> A:\Programs\Autodesk\Inventor 2014\Bin\Inventor.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\TestServer.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> A:\Programs\Autodesk\Inventor 2014\Bin\InvResc.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> A:\Programs\Autodesk\Inventor 2014\Bin\InvTXTStack.exe /Automation => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-1564100291-600091279-963294945-1002_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
Task: {4EFE290A-6C2C-4449-94AE-F36289FB78E4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {7E01A6FD-341F-4098-BA3C-C098B05D2AFD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {7F593227-DF94-4E6D-A2A2-C5A2079CC494} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9DE1FAD7-8AA8-4DC4-96F7-CC9F6692CDF7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {A5E0BF91-96B8-466F-8EC9-3EFF470C9DD3} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {AABD88B3-EB89-4562-8876-9988E82EEEB3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {B6E1D3F4-6803-4BC1-AC67-6AA3896A72A6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {BA49BCFD-1F62-4DB9-8A0C-2716258F6E3A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {D43EBB27-9CC2-4EB0-AAC9-345E9899A16C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {E0FB5602-287D-457F-8FF7-1F3EE960BD38} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E214B709-280F-45DD-848E-F5815D525FCA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {E8932E9D-0437-456E-90EE-9AAA2C1EDAE4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
ShortcutTarget: Peace.lnk -> C:\Program Files\EqualizerAPO\config\Peace.exe (No File)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @tongbu.com/tongbu,version=0.1 -> C:\Program Files (x86)\Tongbu\Addin\npTongbuAddin.dll [No File]
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [No File]
FF Plugin HKU\S-1-5-21-1564100291-600091279-963294945-1002: @onlive.com/OnLiveGameClientDetector,version=1.0.0 -> C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll [No File]
2017-08-27 13:06 - 2017-08-27 13:06 - 000619464 _____ () C:\Users\Dillon\AppData\Local\Temp\0KrakenDevProps.dll
2017-11-19 15:22 - 2017-11-19 15:22 - 000000069 _____ () C:\Users\Dillon\AppData\Local\Temp\1e7306d9a5ec8f0e809089ec2dcd11ec.dll
2017-11-22 23:54 - 2017-11-24 12:32 - 000204800 _____ (Sony DADC Austria AG) C:\Users\Dillon\AppData\Local\Temp\drm_dyndata_7370014.dll
2017-11-19 15:22 - 2017-11-19 15:22 - 000000512 _____ () C:\Users\Dillon\AppData\Local\Temp\e213d06104e180a8194b041123dfe554.dll
2017-10-22 18:37 - 2017-10-22 18:37 - 002761179 _____ () C:\Users\Dillon\AppData\Local\Temp\golm.exe
2017-10-27 19:53 - 2017-10-27 19:52 - 032880296 _____ (ArenaNet) C:\Users\Dillon\AppData\Local\Temp\Gw2.exe
2017-09-05 15:45 - 2016-03-09 15:39 - 004839768 ____N (Conexant Systems, Inc.) C:\Users\Dillon\AppData\Local\Temp\KUIU.EXE
2017-12-15 23:04 - 2017-12-15 22:58 - 083316440 _____ (Malwarebytes                                                ) C:\Users\Dillon\AppData\Local\Temp\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-11-02 16:00 - 2017-10-22 19:19 - 071535032 _____ (Malwarebytes                                                ) C:\Users\Dillon\AppData\Local\Temp\mbam-setup.exe
2017-11-17 14:14 - 2017-10-27 11:06 - 000874368 _____ (NVIDIA Corporation) C:\Users\Dillon\AppData\Local\Temp\nvSCPAPI64.dll
2017-12-15 21:27 - 2017-10-27 11:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Dillon\AppData\Local\Temp\nvStInst.exe
2017-10-22 18:37 - 2017-10-22 18:37 - 001792071 _____ () C:\Users\Dillon\AppData\Local\Temp\pi.exe
2017-09-15 14:32 - 2017-11-04 01:21 - 000492544 _____ () C:\Users\Dillon\AppData\Local\Temp\s3.exe
HOSTS:
CMD: Removeproxy
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
CMD: netsh winsock reset catalog
CMD: netsh int ip reset C:\resettcpip.txt
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
CMD: Bitsadmin /Reset /Allusers
EMPTYTEMP:
Reboot:
End::

  • Right click on the highlighted text and select Copy.
  • Start FRST (FRST64) with Administrator privileges
  • Press the Fix button. FRST will process the lines copied above from the clipboard.
  • When finished, a log file (Fixlog.txt) will pop up and saved in the same location the tool was ran from.

Please copy and paste its contents in your next reply.
 

 


  • 0

#6
Dinanight

Dinanight

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Follow the instructions in the thread below. Make sure to download the MBAR version linked in it. Let me know if you're not able to launch it and run a scan.

https://forums.malwa...t-malwarebytes/

If you manage to run a scan, delete everything it finds]Upon completion of the scan or after the reboot, two files named  mbar-log.txt and system-log.txt will be created. Both files can be found in the extracted MBAR folder on your Desktop.
Please attach both files in your next reply.
 

Thanks, I will report back if it works or not


Edited by Dinanight, Today, 08:00 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP