In Progress "Explorer.exe Error" CMD Window Opening During Start-Up

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Hi.

Currently reviewing your logs.

Meanwhile, please, don't try to fix anything by your self. Also, do not download/install anything else in the computer for now. :)
 

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
Hi, Mdmonster.

Run FRST fix

Please do the following to run a FRST fix.


NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End::", including both lines. Right-click and select "Copy ". No need to paste anything to anywhere.
Code:
Start::
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-3147712138-149798194-388908004-1001\...\Run: [cmd.exe] => C:\Users\Owner\AppData\Roaming\cmd.exe <==== ATTENTION
HKU\S-1-5-21-3147712138-149798194-388908004-1001\...\Policies\Explorer: [NoSecurityTab] 1
InternetURL: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webhelper\nuiJqaZsUW.url -> URL: "file:///C:\ProgramData\BhPshNRuQB\WebHelper.exe"
Task: {2E804A03-128D-4F2E-9E3D-CAC62905C296} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe
Task: {30688F3A-EF33-450F-9D22-8E9351AC4122} - System32\Tasks\iexplore => "C:\Users\Owner\AppData\Roaming\iexplore.exe"
S2 SU10Guard; C:\Program Files\UPDATE\SU10Guard.exe [X]
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Webhelper
C:\ProgramData\RPIgzVkIEk
C:\Users\Owner\AppData\Roaming\wveWx.vbs
C:\Users\Owner\AppData\Roaming\RTFib.vbs
C:\Users\Owner\AppData\Roaming\klEAO.vbs
C:\WINDOWS\system32\Tasks\iexplore
C:\ProgramData\BhPshNRuQB
HKU\S-1-5-21-3147712138-149798194-388908004-1001\...\StartupApproved\StartupFolder: => "nuiJqaZsUW.url"
FirewallRules: [UDP Query User{58BD721F-DCEF-48B1-9FD8-DE99E1D79339}C:\programdata\oracle\java\javapath_target_5748328\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_5748328\java.exe => No File
FirewallRules: [TCP Query User{02C18475-BA69-4AEB-8E42-5CAA83A56FD8}C:\programdata\oracle\java\javapath_target_5748328\java.exe] => (Allow) C:\programdata\oracle\java\javapath_target_5748328\java.exe => No File
FirewallRules: [UDP Query User{27987A4A-597C-4B05-B39F-A57E47B38231}C:\users\owner\downloads\anydesk.exe] => (Allow) C:\users\owner\downloads\anydesk.exe => No File
FirewallRules: [TCP Query User{D3494A1E-5571-4DF0-B516-D0B8E08694EA}C:\users\owner\downloads\anydesk.exe] => (Allow) C:\users\owner\downloads\anydesk.exe => No File
FirewallRules: [UDP Query User{4F69C6EF-A7A7-4DA3-AEC1-75AA10AABB64}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{19EEA94A-BEC7-4096-BA83-6464669D8493}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe => No File
FirewallRules: [TCP Query User{77B4B82E-195E-4A21-B822-E5B5D9AD1766}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
FirewallRules: [UDP Query User{F8626D4A-1CF7-4A96-BC66-A79D9D0717BC}C:\program files (x86)\call of duty modern warfare\modernwarfare.exe] => (Allow) C:\program files (x86)\call of duty modern warfare\modernwarfare.exe => No File
C:\Users\Owner\AppData\Roaming\cmd.exe
C:\ProgramData\BhPshNRuQB\WebHelper.exe
C:\Users\Owner\AppData\Roaming\iexplore.exe
C:\Program Files\AVAST Software
C:\Users\Owner\AppData\Roaming\klEAO.vbs
C:\Users\Owner\AppData\Roaming\RTFib.vbs
C:\Users\Owner\AppData\Roaming\wveWx.vbs
C:\Users\Owner\AppData\Local\d2ee9ea4d2
AlternateDataStreams: C:\Users\Owner\Local Settings:12-09-2020 [211]
AlternateDataStreams: C:\Users\Owner\Local Settings:13-09-2020 [20896]
AlternateDataStreams: C:\Users\Owner\Local Settings:14-09-2020 [7803]
AlternateDataStreams: C:\Users\Owner\AppData\Local:12-09-2020 [211]
AlternateDataStreams: C:\Users\Owner\AppData\Local:13-09-2020 [20896]
AlternateDataStreams: C:\Users\Owner\AppData\Local:14-09-2020 [7803]
AlternateDataStreams: C:\Users\Owner\AppData\Local\Application Data:12-09-2020 [211]
AlternateDataStreams: C:\Users\Owner\AppData\Local\Application Data:13-09-2020 [20896]
AlternateDataStreams: C:\Users\Owner\AppData\Local\Application Data:14-09-2020 [7803]
AlternateDataStreams: C:\Users\Public\AppData:CSM [476]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [484]
IFEO\dismHost.exe: [Debugger] *
IFEO\EOSNOTIFY.EXE: [Debugger] *
IFEO\InstallAgent.exe: [Debugger] *
IFEO\MusNotification.exe: [Debugger] *
IFEO\MUSNOTIFICATIONUX.EXE: [Debugger] *
IFEO\remsh.exe: [Debugger] *
IFEO\SIHClient.exe: [Debugger] *
IFEO\UpdateAssistant.exe: [Debugger] *
IFEO\UPFC.EXE: [Debugger] *
IFEO\UsoClient.exe: [Debugger] *
IFEO\WaaSMedic.exe: [Debugger] *
IFEO\WaasMedicAgent.exe: [Debugger] *
IFEO\Windows10Upgrade.exe: [Debugger] *
IFEO\WINDOWS10UPGRADERAPP.EXE: [Debugger] *
cmd: Type C:\Program Files (x86)\0AD9D926.log
cmd: Type C:\Users\Owner\AppData\Roaming\kbe_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
cmd: Type C:\Users\Owner\AppData\Roaming\_mc_loc.txt
Folder: C:\Users\Owner\AppData\Roaming\.ias
Folder: C:\Users\Owner\AppData\Roaming\your-app
VirusTotal: C:\Users\Owner\AppData\Roaming\curl.exe
EmptyTemp:
End::
  • Please right-click on FRST64 on your Desktop, to run it as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt on your Desktop.
  • Please post the log in your next reply.
 
Last edited:

DR.M

Malware Trainee
Joined
Sep 4, 2019
Messages
667
I'm leaving this thread due to lack of feedback. If you still need assistance, you can post here again, or, if the thread is closed, send me a personal message (Start a conversation) with a link to the topic.
 

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top