Hi iMacg3,
fixlog file attached below.
Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!
Hi iMacg3,
fixlog file attached below.
Finally, system can boot up normally. Really thanks you a lot.
Hi, both files attached below.
HKU\S-1-5-21-2804506713-796569667-501129852-1001\...\Policies\Explorer: [NoSecurityTab] 1
Chromium
Start:: CreateRestorePoint: EmptyTemp: CloseProcesses: HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-2804506713-796569667-501129852-1001\...\Run: [GoogleChromeAutoLaunch_CD4000C31A87C4AB51AF348EE25F0D6B] => C:\Users\Winson\AppData\Local\Chromium\Application\chrome.exe [1527808 2018-09-18] (The Chromium Authors) [File not signed] CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION HKU\S-1-5-21-2804506713-796569667-501129852-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10057_292_190717 SearchScopes: HKU\S-1-5-21-2804506713-796569667-501129852-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File FF Homepage: Mozilla\Firefox\Profiles\vwtqtef6.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10057_292_190717 FF NewTab: Mozilla\Firefox\Profiles\vwtqtef6.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10057_292_190717 2019-07-17 21:35 - 2019-07-17 21:35 - 000000258 __RSH C:\Users\Winson\ntuser.pol 2019-07-17 21:23 - 2019-07-17 22:16 - 000000000 ____D C:\Program Files (x86)\Sending 2019-07-17 21:22 - 2019-07-18 11:03 - 000000000 ____D C:\Users\Winson\AppData\Roaming\1337 2019-07-17 21:22 - 2019-07-18 11:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\System 2019-07-17 21:22 - 2019-07-17 21:22 - 000000000 ____D C:\ProgramData\Lamia 2019-07-17 20:06 - 2019-07-17 21:36 - 000722944 _____ C:\Users\Winson\AppData\Local\sha.db 2019-07-17 20:06 - 2019-07-17 20:06 - 000140800 _____ C:\Users\Winson\AppData\Local\installer.dat 2019-07-17 20:06 - 2019-07-17 20:06 - 000126464 _____ C:\Users\Winson\AppData\Local\lobby.dat 2019-07-17 20:06 - 2019-07-17 20:06 - 000054272 _____ C:\Users\Winson\AppData\Local\ApplicationHosting.dat 2019-07-17 22:58 - 2018-09-22 15:47 - 000002517 _____ C:\Users\Winson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk 2019-07-17 21:23 - 2019-04-15 23:28 - 000000258 __RSH C:\ProgramData\ntuser.pol CustomCLSID: HKU\S-1-5-21-2804506713-796569667-501129852-1001_Classes\CLSID\{635EFA6F-08D6-4EC9-BD14-8A0FDE975159}\localserver32 -> C:\Users\Winson\AppData\Local\Chromium\Application\69.0.3497.100\notification_helper.exe (The Chromium Authors) [File not signed] <==== ATTENTION ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll -> No File IE trusted site: HKU\S-1-5-21-2804506713-796569667-501129852-1001\...\webcompanion.com -> hxxp://webcompanion.com FirewallRules: [TCP Query User{24DFFBAF-4123-4273-8AFA-C51D31B40231}C:\users\winson\appdata\local\chromium\application\chrome.exe] => (Allow) C:\users\winson\appdata\local\chromium\application\chrome.exe (The Chromium Authors) [File not signed] FirewallRules: [UDP Query User{3B2ED776-2C9D-4D22-AC40-9BB7CCA0D75B}C:\users\winson\appdata\local\chromium\application\chrome.exe] => (Allow) C:\users\winson\appdata\local\chromium\application\chrome.exe (The Chromium Authors) [File not signed] C:\Users\Winson\AppData\Local\Chromium Folder: C:\ProgramData\{C519007A-4F5B-8ABC-C99D-14FE53DF9F30} Folder: C:\WINDOWS\System32\Tasks\{5AD17DCA-2298-B66F-227F-4D6238E86F16} VirusTotal: C:\WINDOWS\system32\Drivers\aswc7a99de7a98d29e7.tmp CMD: type "C:\Program Files (x86)\ASUS\GameFirst IV\startGameFirstIV.bat" cmd: ipconfig /flushdns cmd: ipconfig /release cmd: ipconfig /renew cmd: netsh winsock reset cmd: netsh int ip reset c:\resetlog.txt cmd: netsh int ipv4 reset cmd: netsh int ipv6 reset Removeproxy: CMD: Bitsadmin /Reset /Allusers End::
Due to lack of feedback, this topic has been closed.
If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
Security →
Virus, Spyware, Malware Removal →
Having Powersheel.exe Issues ... Need fixlist.txtStarted by raj0171 , 19 Mar 2024 Virus, HELP, Malwarebytes |
|
|
||
Security →
Virus, Spyware, Malware Removal →
Help removing a suspected TrojanStarted by RobJames , 01 Feb 2024 FXSAPIDebugLogFile and 2 more... |
|
|
||
|
Hardware →
Hardware, Components and Peripherals →
Recover the hard driveStarted by Andrew Board , 16 Jan 2024 data recovery, hard drive, help and 1 more... |
|
|
|
|
Security →
Virus, Spyware, Malware Removal →
Possible Malware infection - help request [Solved]Started by Maffu , 07 May 2023 malware, advapi and 1 more... |
|
|
|
|
Security →
Virus, Spyware, Malware Removal →
Help getting started checking laptop for malware [Solved]Started by triedeverything , 12 Apr 2023 help, malware, spyware |
|
|
0 members, 0 guests, 0 anonymous users
Community Forum Software by IP.Board
Licensed to: Geeks to Go, Inc.