Laptop Is Not Working Right Seems To Be Hacked?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Clinton Crisher, Feb 22, 2025.

  1. Clinton Crisher

    Clinton Crisher Private E-2

    Seems both HitmanPro and Mb.exe required a network connection, and my laptop kept losing connection when I tried to run both programs.
     

    Attached Files:

  2. Clinton Crisher

    Clinton Crisher Private E-2

    Sorry, I forgot AdwCleaner.
     

    Attached Files:

  3. Oh My!

    Oh My! Malware Expert Staff Member

    Greetings and welcome to the Major Geeks Malware Forum.

    Please do this

    ===================================================

    Farbar Recovery Scan Tool (FRST)

    --------------------
    • Download FRST64 and save the file on your Desktop
    • If your computer language is other than English, right click on the FRST64 icon and rename it to FRST64english
    • Right click on the icon and select Run as administrator
    • Note: If you receive any warning about the download it is a false positive and you can ignore it. Click on More info to get the Run anyway option
    • Click Yes to the disclaimer
    • Click Scan and allow the program to run
    • When completed, FRST.txt and Addition.txt reports will be saved on the Desktop
    • Please attach the reports to your reply
    ===================================================

    Things I would like to see in your next reply.
    • Attached reports
     
  4. Clinton Crisher

    Clinton Crisher Private E-2

    RogueKiller found two malicious elements:
    Name: pmem
    Path: \??\C:\Users\clint\Temp\_MEI85282\drivers\winpmem32.sys
    Detection: Suspicious.Path Status: Found
    Type: Service
    Name: (X64) pmem
    Path: HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pmem
    Detection: Suspicious.Path Status: Found
    Type: Registry Subkey
    Data: C:\Users\clint\Temp\_MEI85282\drivers\winpmem32.sys
     

    Attached Files:

  5. Clinton Crisher

    Clinton Crisher Private E-2

    here you go!
     

    Attached Files:

  6. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for all of the files. Please allow me a bit of time to review all of the information.
     
  7. Clinton Crisher

    Clinton Crisher Private E-2

    Sorry, I forgot to change the name to FRST64english, so here are the new scans.
     

    Attached Files:

  8. Oh My!

    Oh My! Malware Expert Staff Member

    Delete the FRST64.exe file, download a fresh copy and run the scan without modifying any of the settings.
     
  9. Clinton Crisher

    Clinton Crisher Private E-2

    OK, here ya go!
     

    Attached Files:

  10. Oh My!

    Oh My! Malware Expert Staff Member

    Thank you for the new reports.

    Let's start with this.

    ===================================================

    Farbar Recovery Scan Tool Fix

    --------------------
    • Right click on the FRST64 icon and select Run as administrator
    • Highlight the information below, then hit the Ctrl + C keys at the same time, and the text will be copied
    • There is no need to paste the information anywhere; FRST64 will do it for you
    Code:
    Start::
    SystemRestore: On
    CreateRestorePoint:
    CloseProcesses:
    Folder: C:\Windows\MTSN
    File: C:\Users\clint\AppData\Local\elecgbk
    S2 GoogleUpdaterInternalService134.0.6985.0; "C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update-internal [X] 
    S2 GoogleUpdaterService134.0.6985.0; "C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe" --system --windows-service --service=update [X] 
    S3 NdisTapi; System32\DRIVERS\ndistapi.sys [X] 
    S3 pmem; \??\C:\Users\clint\Temp\_MEI85282\drivers\winpmem32.sys [X] 
    U3 TrueSight; \??\C:\Windows\System32\drivers\truesight.sys [X] 
    S0 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X] 
    HKU\S-1-5-21-1896102556-2770611597-2937492192-1001\...\Run: [HijackThis startup scan] => C:\Users\clint\Downloads\HijackThis.exe /startupscan (No File) 
    Task: {D1902FEC-B170-4A1F-9DD3-881E888DFD56} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem134.0.6985.0{235E5C20-C31D-42E4-B079-288875D2C8CB} => "C:\Program Files (x86)\Google\GoogleUpdater\134.0.6985.0\updater.exe"  --wake --system (No File) 
    Task: {C17648DE-B6CA-4658-A93F-0D8BE6457A28} - System32\Tasks\Lenovo\Vantage\Schedule\VantageCoreAddinIdleScheduleTask => C:\ProgramData\Lenovo\Vantage\Addins\VantageCoreAddin\1.0.0.190\ARM64\IdleScheduleEventAction.exe  (No File) 
    Task: {F06E5BC6-9F46-4D43-B505-6A47DEDCA14C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File) 
    Task: {777921C2-8217-46A7-A874-86A947D5D61A} - System32\Tasks\UnHackMe Task Scheduler => C:\Program Files (x86)\UnHackMe\hackmon.exe  $(Arg0) (No File) 
    BHO: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> No File 
    BHO-x32: IEToEdge BHO -> {1FD49718-1D00-4B19-AF5F-070AF6D5D54C} -> C:\Program Files (x86)\Microsoft\Edge\Application\133.0.3065.59\BHO\ie_to_edge_bho.dll => No File 
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll => No File 
    2025-02-11 17:57 - 2024-09-30 12:31 - 1978728448 _____ C:\Users\clint\OneDrive\Documents\Unconfirmed 726179.crdownload 
    cmd: netsh winsock reset catalog
    cmd: netsh int ip reset resetlog.txt
    cmd: bitsadmin /reset /allusers
    cmd: ipconfig /flushdns
    cmd: ipconfig /all
    Removeproxy:
    cmd: sfc /scannow
    cmd: DISM /Online /Cleanup-Image /CheckHealth
    End::
    
    • Click Fix
    • When completed the tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
    ===================================================

    Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
    • Fixlog
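    Added example for readers following along, not part of this thread and not code from RogueKiller, FRST or MajorGeeks: a read-only PowerShell audit of the registry service entries that looks for the two patterns behind the findings above, the "Suspicious.Path" hit in post 4 (a kernel driver registered from a user Temp\_MEIxxxxx folder, which is the extraction directory a PyInstaller-packaged executable creates) and the "[X]" entries in the fix list (services whose binary no longer exists on disk). Function names, the path normalisation and the list of "unexpected" locations are my own assumptions; the script only reports and deletes nothing.

```powershell
# Added example (not from the thread): audit HKLM\SYSTEM\CurrentControlSet\Services
# for service/driver binaries that live under a user profile or a PyInstaller
# _MEI temp folder, or that are missing from disk. Read-only. Run from an
# elevated 64-bit PowerShell so System32\drivers is not WOW64-redirected.

function Get-ServiceBinaryPath {
    # Turn a raw ImagePath value into an absolute file path, or $null if empty.
    param([string]$ImagePath)
    if ([string]::IsNullOrWhiteSpace($ImagePath)) { return $null }
    $p = $ImagePath.Trim()
    # Strip the NT object-manager prefix that driver entries often carry (\??\C:\...)
    $p = $p -replace '^\\\?\?\\', ''
    # \SystemRoot\... is a kernel-style path, map it to the real Windows directory
    $p = $p -replace '^\\SystemRoot\\', ($env:SystemRoot + '\')
    # Expand %systemroot% and friends
    $p = [Environment]::ExpandEnvironmentVariables($p)
    if ($p.StartsWith('"')) {
        # Quoted path: keep what is inside the quotes, drop any arguments
        $end = $p.IndexOf('"', 1)
        if ($end -gt 0) { $p = $p.Substring(1, $end - 1) }
    } else {
        # Unquoted path: keep up to the first .exe/.sys/.dll, drop arguments (-k netsvcs etc.)
        $m = [regex]::Match($p, '^(.+?\.(exe|sys|dll))(\s|$)', 'IgnoreCase')
        if ($m.Success) { $p = $m.Groups[1].Value }
    }
    # Relative paths such as system32\DRIVERS\x.sys are relative to the Windows directory
    if (-not [IO.Path]::IsPathRooted($p)) { $p = Join-Path $env:SystemRoot $p }
    return $p
}

function Get-SuspiciousServices {
    # Returns one object per service entry that matches at least one check.
    $results = @()
    $keys = Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue
    foreach ($key in $keys) {
        $props = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
        if (-not $props -or -not $props.ImagePath) { continue }   # no binary registered
        $bin = Get-ServiceBinaryPath $props.ImagePath
        if (-not $bin) { continue }

        $reasons = @()
        # Check 1: a service or driver binary inside a user profile is unusual
        if ($bin -match '^[a-z]:\\users\\') { $reasons += 'binary under a user profile' }
        # Check 2: PyInstaller extraction folder (Temp\_MEI<digits>), as in the pmem entry
        if ($bin -match '\\_MEI\d+\\') { $reasons += 'PyInstaller _MEI temp folder' }
        # Check 3: registration points at a file that is gone (FRST marks these [X])
        if (-not (Test-Path -LiteralPath $bin)) { $reasons += 'binary missing on disk' }

        if ($reasons.Count -gt 0) {
            $results += [pscustomobject]@{
                Service = $key.PSChildName
                Start   = $props.Start      # 0 boot, 1 system, 2 auto, 3 manual, 4 disabled
                Type    = $props.Type       # 1/2 kernel/file-system driver, 16/32 Win32 service
                Binary  = $bin
                Reason  = ($reasons -join '; ')
            }
        }
    }
    return $results
}

# Usage: list the hits, most interesting reasons first
Get-SuspiciousServices | Sort-Object Reason, Service | Format-Table -AutoSize
```

    A missing binary on its own is usually just a leftover from an uninstalled product (the Google Updater and Lenovo entries in the fix list are examples of that), so treat the "missing on disk" rows as clean-up candidates and the profile/_MEI rows as the ones worth looking at. The script does not touch the registry; removal is left to the helper-driven FRST fix above.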
     
  11. Clinton Crisher

    Clinton Crisher Private E-2

    I did what you said to do, but nothing happened, and I can't paste it into Notepad due to an error. See the attached picture I took of the error.
     

    Attached Files:

  12. Clinton Crisher

    Clinton Crisher Private E-2

    OK, it started, but in less than 30 seconds I got a blue screen of death. Two files found and uploaded after it restarted.
     

    Attached Files:

  13. Clinton Crisher

    Clinton Crisher Private E-2

    BTW, I can't copy and paste the contents of the .txt files in my reply due to Notepad not working. Thanks for your help!
     
  14. Oh My!

    Oh My! Malware Expert Staff Member

    Looks like we have some system issues to overcome.

    • Click Start, type cmd, then select Run as administrator
    • Type sfc /scannow then hit Enter
    • Let me know the results when it has completed
     
  15. Oh My!

    Oh My! Malware Expert Staff Member

    Are you with us?
     
