Back to having problems. Malware? Hardware? – Windows 10 Support – BleepingComputer

Hi Luis!

 

Thanks for helping me. I’m in good hands.

 

http://speccy.piriform.com/results/Dd0D0Y6oQi3z7lIw8cNYuIk

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by bkara (administrator) on 04-12-2021 at 19:52:48
Running from “G:appsutilsmalware”
Microsoft Windows 10 Pro  (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/04/2021 05:38:52 PM) (Source: SecurityCenter) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (12/04/2021 01:41:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.1170, time stamp: 0x618d79a6
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x603971ce
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0x3374
Faulting application start time: 0xmbamtray.exe0
Faulting application path: mbamtray.exe1
Faulting module path: mbamtray.exe2
Report Id: mbamtray.exe3
Faulting package full name: mbamtray.exe4
Faulting package-relative application ID: mbamtray.exe5

Error: (12/04/2021 01:37:41 PM) (Source: SecurityCenter) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (12/01/2021 05:39:27 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 94.0.2.7993 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 628
Start Time: 01d7e6c5059ee5f9
Termination Time: 40
Application Path: C:Program FilesMozilla Firefoxfirefox.exe
Report Id: 70bf8442-e1da-4d65-90fd-c5ae03ebf650
Faulting package full name:
Faulting package-relative application ID:
Hang type: firefox.exe0

Error: (11/15/2021 06:18:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: CNCLSD39d.dll, version: 3.9.0.1, time stamp: 0x5138214f
Exception code: 0xc0000005
Fault offset: 0x00000000000051b4
Faulting process id: 0x1938
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
Faulting package full name: svchost.exe_stisvc4
Faulting package-relative application ID: svchost.exe_stisvc5

Error: (11/14/2021 12:00:19 PM) (Source: SecurityCenter) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (11/11/2021 10:20:14 AM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_stisvc, version: 10.0.19041.546, time stamp: 0x058e175a
Faulting module name: CNCLST39d.dll, version: 3.9.0.1, time stamp: 0x5138214b
Exception code: 0xc0000005
Fault offset: 0x0000000000005d37
Faulting process id: 0xc54
Faulting application start time: 0xsvchost.exe_stisvc0
Faulting application path: svchost.exe_stisvc1
Faulting module path: svchost.exe_stisvc2
Report Id: svchost.exe_stisvc3
Faulting package full name: svchost.exe_stisvc4
Faulting package-relative application ID: svchost.exe_stisvc5

Error: (11/10/2021 11:23:16 AM) (Source: SecurityCenter) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (11/09/2021 12:47:26 AM) (Source: Application Error) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.19041.1151, time stamp: 0x6985bf98
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0xc9db1934
Exception code: 0xc000027b
Fault offset: 0x000000000010be3e
Faulting process id: 0x30fc
Faulting application start time: 0xShellExperienceHost.exe0
Faulting application path: ShellExperienceHost.exe1
Faulting module path: ShellExperienceHost.exe2
Report Id: ShellExperienceHost.exe3
Faulting package full name: ShellExperienceHost.exe4
Faulting package-relative application ID: ShellExperienceHost.exe5

Error: (11/09/2021 12:26:54 AM) (Source: Application Error) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.19041.1151, time stamp: 0x6985bf98
Faulting module name: KERNELBASE.dll, version: 10.0.19041.1202, time stamp: 0xc9db1934
Exception code: 0xc000027b
Fault offset: 0x000000000010be3e
Faulting process id: 0x20c8
Faulting application start time: 0xShellExperienceHost.exe0
Faulting application path: ShellExperienceHost.exe1
Faulting module path: ShellExperienceHost.exe2
Report Id: ShellExperienceHost.exe3
Faulting package full name: ShellExperienceHost.exe4
Faulting package-relative application ID: ShellExperienceHost.exe5

System errors:
=============
Error: (12/04/2021 05:59:08 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:56:27 PM on ‎12/‎4/‎2021 was unexpected.

Error: (12/04/2021 05:56:27 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 5:47:56 PM on ‎12/‎4/‎2021 was unexpected.

Error: (12/04/2021 02:30:20 PM) (Source: Service Control Manager) (User: )
Description: The Macrium Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (12/04/2021 02:29:42 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:22:42 PM on ‎12/‎4/‎2021 was unexpected.

Error: (12/04/2021 02:22:37 PM) (Source: volmgr) (User: )
Description: Crash dump initialization failed!

Error: (12/04/2021 02:22:42 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:57:56 PM on ‎12/‎4/‎2021 was unexpected.

Error: (12/04/2021 01:57:56 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 1:48:13 PM on ‎12/‎4/‎2021 was unexpected.

Error: (12/03/2021 03:00:10 PM) (Source: DCOM) (User: DESKTOP-AN3RDRA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (11/30/2021 09:42:50 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:56:48 AM on ‎11/‎30/‎2021 was unexpected.

Error: (11/30/2021 09:42:41 AM) (Source: Microsoft-Windows-Kernel-Boot) (User: NT AUTHORITY)
Description: 3221225684A fatal error occurred processing the restoration data.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2021-12-04 13:40:27.5760000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:27.5760000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:24.0940000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:24.0940000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:23.1020000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:23.0990000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:18.9500000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:18.9500000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:14.2920000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

  Date: 2021-12-04 13:40:14.2920000Z
  Description: Code Integrity determined that a process (DeviceHarddiskVolume4Program FilesMozilla Firefoxfirefox.exe) attempted to load DeviceHarddiskVolume4Program FilesMalwarebytesAnti-Malwarembae64.dll that did not meet the Microsoft signing level requirements.

=========================== Installed Programs ============================
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISER_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISER_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISER_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  – Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 3 (SP3) (HKLM-x32…{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  – Microsoft)
7-Zip 16.04 (x64) (HKLM…7-Zip) (Version: 16.04 – Igor Pavlov)
7-Zip 9.20 (HKLM-x32…7-Zip) (Version:  – )
ABBYY FineReader 12 Professional (HKLM-x32…{F12000FE-0001-0000-0000-074957833700}) (Version: 12.0.501 – ABBYY Production LLC)
AMD Software (HKLM…AMD Catalyst Install Manager) (Version: 9.0.000.8 – Advanced Micro Devices, Inc.)
Asmedia USB Host Controller Driver (HKLM-x32…{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.35.1 – Asmedia Technology)
ASUS Wireless Router Firmware Restoration Utility (HKLM-x32…{8CA9C449-C551-4DA2-A423-F0F62E6A04CB}) (Version: 2.0.0.0 – ASUS)
Audacity 2.3.3 (HKLM-x32…Audacity_is1) (Version: 2.3.3 – Audacity Team)
Bria 5 (HKCU…Bria 5) (Version: 5.8.51.5447 – CounterPath Corporation)
Canon D1300/MF6700 (HKLM…{DC61FFB7-A6FE-4237-B836-EDE8CA85B5AE}) (Version: 3.9.0.1 – CANON INC.)
Cisco Webex Meetings (HKCU…ActiveTouchMeetingClient) (Version: 41.10.5 – Cisco Webex LLC)
FastStone Photo Resizer 3.8 (HKLM-x32…FastStone Photo Resizer) (Version: 3.8 – FastStone Soft.)
Foxit PDF Reader (HKLM-x32…Foxit Reader_is1) (Version: 11.0.1.49938 – Foxit Software Inc.)
Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 – Google Inc.) Hidden
ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)
KeepNote 0.7.8 (HKLM-x32…KeepNote_is1) (Version:  – Matt Rasmussen)
Kits Configuration Installer (HKLM-x32…{29B915AE-013F-151F-3E61-67F7363C3A09}) (Version: 10.1.17763.132 – Microsoft) Hidden
Macrium Reflect Free Edition (HKLM…{8E0D2C1A-C209-4E34-B31A-89F4471D47CB}) (Version: 7.3.6391 – Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM…MacriumReflect) (Version: 7.3 – Paramount Software (UK) Ltd.)
Microsoft Edge (HKLM-x32…Microsoft Edge) (Version: 96.0.1054.43 – Microsoft Corporation)
Microsoft Edge Update (HKLM-x32…Microsoft Edge Update) (Version: 1.3.153.53 – )
Microsoft Office Enterprise 2007 (HKLM-x32…ENTERPRISER) (Version: 12.0.6612.1000 – Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32…{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 – Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM…{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 – Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM…{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 – Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM…{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 – Microsoft Corporation)
Microsoft Update Health Tools (HKLM…{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 – Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) – 14.28.29325 (HKLM-x32…{33628a12-6787-4b9f-95a1-92449f69fae0}) (Version: 14.28.29325.2 – Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.29.30040 (HKLM-x32…{a8968509-65be-4c09-a460-fd1584b1cdbf}) (Version: 14.29.30040.0 – Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM…Mozilla Firefox 94.0.2 (x64 en-US)) (Version: 94.0.2 – Mozilla)
Mozilla Maintenance Service (HKLM…MozillaMaintenanceService) (Version: 69.0 – Mozilla)
MyPhoneExplorer (HKLM-x32…MPE) (Version: 1.8.9 – F.J. Wechselberger)
Npcap (HKLM-x32…NpcapInst) (Version: 1.31 – Nmap Project)
NVIDIA HD Audio Driver 1.3.38.35 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.35 – NVIDIA Corporation)
SDK Debuggers (HKLM-x32…{A9F06890-9892-817F-EAD3-3E457AAC40B5}) (Version: 10.1.17763.132 – Microsoft Corporation) Hidden
TeamViewer (HKLM-x32…TeamViewer) (Version: 15.24.5 – TeamViewer)
Visual Syslog Server 1.6.3.15 (HKLM-x32…Visual Syslog Server_is1) (Version:  – Max Belkov)
VLC media player (HKLM…VLC media player) (Version: 3.0.16 – VideoLAN)
Windows PC Health Check (HKLM…{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 – Microsoft Corporation)
Windows Software Development Kit – Windows 10.0.17763.132 (HKLM-x32…{5fe95b9d-9219-4d8b-a031-71323ae48a81}) (Version: 10.1.17763.132 – Microsoft Corporation)
WinSCP 5.19 (HKCU…winscp3_is1) (Version: 5.19 – Martin Prikryl)
Wireshark 3.4.8 32-bit (HKLM-x32…Wireshark) (Version: 3.4.8 – The Wireshark developer community, https://www.wireshark.org)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32…Open Codecs) (Version: 0.85.17777 – Xiph.Org)
Zoom (HKCU…ZoomUMX) (Version: 5.4.7 (59784.1220) – Zoom Video Communications, Inc.)

========================= Memory info: ===================================
Percentage of memory in use: 37%
Total physical RAM: 8085.63 MB
Available physical RAM: 5075.03 MB
Total Virtual: 10773.63 MB
Available Virtual: 6589.6 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:232.25 GB) (Free:164.13 GB) NTFS
3 Drive g: (EVO860_500GB) (Fixed) (Total:465.76 GB) (Free:281.79 GB) NTFS

========================= Users: ========================================
User accounts for \DESKTOP-AN3RDRA

Administrator            myusername                    DefaultAccount           
Guest                    WDAGUtilityAccount       

**** End of log ****

 

 

*I am also looking into overheating as a possible cause of these problems, since the antimalware scans often push my CPU usage up to 100%.

Edited by hamluis, Yesterday, 08:21 PM.

Source: https://www.bleepingcomputer.com/forums/t/764586/back-to-having-problems-malware-hardware/