2 Replies - 1029 Views - Last Post: 29 June 2017 - 03:17 AM

#1 mercy_angel  Icon User is offline

  • D.I.C Regular

Reputation: 0
  • View blog
  • Posts: 330
  • Joined: 28-February 13

strange behaviour icons change font

Posted 24 June 2017 - 09:59 AM

Anyone have idea what is this? font of my icons got changed and some strange calendar shows up.

This is hijack log

Logfile of AnVir Task Manager Free v8.1.2 http://www.anvir.com
Log saved at 6/24/2017 18:58
Platform: Windows Windows10_64
MSIE: Internet Explorer v11.0

Running processes:
{Not Microsoft}
C:\Windows\System32\atiesrxx.exe {CPU time=0:00, Memory=5 MB, PageFile=1.3 MB}
C:\Windows\System32\atieclxx.exe {CPU time=0:02, Memory=10 MB, PageFile=2 MB}
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe {CPU time=0:00, Memory=5 MB, PageFile=1.2 MB}
C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe {CPU time=0:00, Memory=4 MB, PageFile=1.0 MB}
C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe {CPU time=0:00, Memory=14 MB, PageFile=3 MB, Security risk=30%}
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe {CPU time=0:00, Memory=16 MB, PageFile=4 MB}
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe {CPU time=0:00, Memory=4 MB, PageFile=3 MB}
E:\Program Files (x86)\Steam\Steam.exe {CPU time=0:05, Memory=45 MB, PageFile=29 MB}
C:\Program Files\CCleaner\CCleaner64.exe {CPU time=0:00, Memory=5 MB, PageFile=6 MB}
C:\Program Files\PowerISO\PWRISOVM.EXE {CPU time=0:00, Memory=6 MB, PageFile=1.4 MB}
E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe {CPU time=0:00, Memory=33 MB, PageFile=22 MB, Security risk=28%}
C:\Program Files (x86)\Common Files\Steam\SteamService.exe {CPU time=0:00, Memory=12 MB, PageFile=6 MB, Security risk=22%}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:25, Memory=140 MB, PageFile=77 MB}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:00, Memory=8 MB, PageFile=1.9 MB, Security risk=28%}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:00, Memory=9 MB, PageFile=1.9 MB, Security risk=28%}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:06, Memory=68 MB, PageFile=73 MB, Security risk=28%}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:14, Memory=102 MB, PageFile=83 MB, Security risk=28%}
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe {CPU time=0:01, Memory=50 MB, PageFile=38 MB, Security risk=28%}
C:\Program Files (x86)\AnVir Task Manager Free\AnVir.exe {CPU time=0:18, Memory=44 MB, PageFile=20 MB}
C:\Program Files (x86)\AnVir Task Manager Free\anvirlauncher.exe {CPU time=0:00, Memory=6 MB, PageFile=3 MB}
C:\Program Files (x86)\AnVir Task Manager Free\anvir64.exe {CPU time=0:00, Memory=8 MB, PageFile=1.6 MB}
C:\Program Files (x86)\AnVir Task Manager Free\OpenHardwareMonitor\OpenHardwareMonitor.exe {CPU time=0:01, Memory=45 MB, PageFile=26 MB}
{Microsoft}
C:\Windows\System32\smss.exe {CPU time=0:00, Memory=1.1 MB}
C:\Windows\System32\csrss.exe {CPU time=0:00, Memory=4 MB, PageFile=1.4 MB}
C:\Windows\System32\wininit.exe {CPU time=0:00, Memory=5 MB, PageFile=1.2 MB}
C:\Windows\System32\csrss.exe {CPU time=0:04, Memory=6 MB, PageFile=1.9 MB}
C:\Windows\System32\services.exe {CPU time=0:01, Memory=8 MB, PageFile=3 MB}
C:\Windows\System32\winlogon.exe {CPU time=0:00, Memory=8 MB, PageFile=1.8 MB, Security risk=24%}
C:\Windows\System32\lsass.exe {CPU time=0:01, Memory=14 MB, PageFile=5 MB}
C:\Windows\System32\svchost.exe {CPU time=0:01, Memory=22 MB, PageFile=8 MB}
C:\Windows\System32\svchost.exe {CPU time=0:03, Memory=11 MB, PageFile=5 MB}
C:\Windows\System32\dwm.exe {CPU time=0:08, Memory=42 MB, PageFile=55 MB, Security risk=24%}
C:\Windows\System32\svchost.exe {CPU time=0:11, Memory=67 MB, PageFile=37 MB}
C:\Windows\System32\svchost.exe {CPU time=0:01, Memory=25 MB, PageFile=17 MB}
C:\Windows\System32\svchost.exe {CPU time=0:02, Memory=20 MB, PageFile=7 MB}
C:\Windows\System32\svchost.exe {CPU time=0:02, Memory=24 MB, PageFile=14 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=19 MB, PageFile=8 MB}
C:\Windows\System32\svchost.exe {CPU time=0:01, Memory=18 MB, PageFile=8 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=9 MB, PageFile=2 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=7 MB, PageFile=2 MB}
C:\Windows\System32\spoolsv.exe {CPU time=0:00, Memory=14 MB, PageFile=5 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=24 MB, PageFile=7 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=10 MB, PageFile=4 MB}
C:\Windows\System32\svchost.exe {CPU time=0:04, Memory=23 MB, PageFile=10 MB}
C:\Windows\System32\sihost.exe {CPU time=0:02, Memory=23 MB, PageFile=5 MB, Security risk=24%}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=18 MB, PageFile=3 MB}
C:\Windows\System32\taskhostw.exe {CPU time=0:00, Memory=26 MB, PageFile=12 MB}
C:\Windows\explorer.exe {CPU time=0:06, Memory=81 MB, PageFile=29 MB}
C:\Windows\System32\RuntimeBroker.exe {CPU time=0:06, Memory=47 MB, PageFile=23 MB}
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe {CPU time=0:01, Memory=59 MB, PageFile=29 MB}
C:\Windows\System32\SearchIndexer.exe {CPU time=0:01, Memory=25 MB, PageFile=26 MB}
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe {CPU time=0:02, Memory=108 MB, PageFile=63 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=11 MB, PageFile=4 MB}
C:\Windows\System32\dllhost.exe {CPU time=0:00, Memory=9 MB, PageFile=1.8 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=7 MB, PageFile=2 MB}
C:\Windows\System32\backgroundTaskHost.exe {CPU time=0:02, Memory=43 MB, PageFile=29 MB}
C:\Windows\System32\ApplicationFrameHost.exe {CPU time=0:00, Memory=23 MB, PageFile=8 MB}
C:\Windows\ImmersiveControlPanel\SystemSettings.exe {CPU time=0:01, Memory=53 MB, PageFile=15 MB}
C:\Windows\System32\smartscreen.exe {CPU time=0:00, Memory=26 MB, PageFile=14 MB, Security risk=24%}
C:\Windows\System32\audiodg.exe {CPU time=0:00, Memory=10 MB, PageFile=5 MB}
C:\Windows\System32\mspaint.exe {CPU time=0:04, Memory=75 MB, PageFile=45 MB}
C:\Windows\System32\svchost.exe {CPU time=0:00, Memory=8 MB, PageFile=2 MB}
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.18.614.0_x64__kzf8qxf38zg5c\SkypeHost.exe {CPU time=0:00, Memory=18 MB, PageFile=4 MB}
C:\Windows\System32\SearchProtocolHost.exe {CPU time=0:00, Memory=10 MB, PageFile=2 MB}
C:\Windows\System32\SearchFilterHost.exe {CPU time=0:00, Memory=6 MB, PageFile=1.3 MB}
C:\Windows\System32\wbem\WmiPrvSE.exe {CPU time=0:00, Memory=8 MB, PageFile=2 MB}
C:\Windows\System32\wbem\WmiPrvSE.exe {CPU time=0:00, Memory=11 MB, PageFile=5 MB}
C:\Windows\System32\CompatTelRunner.exe {CPU time=0:00, Memory=12 MB, PageFile=3 MB}
C:\Windows\System32\conhost.exe {CPU time=0:00, Memory=5 MB, PageFile=1.4 MB}

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll {Security risk=24%}
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll {Security risk=24%}
O2 - BHO: Skype for Business Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll {Security risk=24%}
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll {Security risk=24%}
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" {Security risk=24%}
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [OneDrive] "C:\Users\tomu\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "E:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [YeaDesktop] C:\Program Files (x86)\YeaDesktop\YeaDesktop.exe /autostart {Security risk=36%}
O9 - Extra button or menuitem: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button or menuitem: %CommonProgramFiles%\Microsoft Shared\Office16\oregres.dll,-430 - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button or menuitem: OneNote Linked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O23 - Service: AMD External Events Utility (AMD External Events Utility) - AMD - C:\Windows\System32\atiesrxx.exe
O23 - Service: Microsoft App-V Client (AppVClient) - Microsoft Corporation - C:\Windows\System32\AppVClient.exe
O23 - Service: Microsoft ® Diagnostics Hub Standard Collector Service (diagnosticshub.standardcollector.service) - Microsoft Corporation - C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
O23 - Service: Foxit Reader Service (FoxitReaderService) - Foxit Software Inc. - C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe {Security risk=30%}
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Office Source Engine (ose) - Microsoft Corporation - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
O23 - Service: Performance Counter DLL Host (PerfHost) - Microsoft Corporation - C:\Windows\SysWOW64\perfhost.exe
O23 - Service: Corel License Validation Service V2, Powered by arvato (PSI_SVC_2) - arvato digital services llc - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Corel License Validation Service V2 x64, Powered by arvato (PSI_SVC_2_x64) - arvato digital services llc - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Windows Defender Advanced Threat Protection Service (Sense) - Microsoft Corporation - C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe
O23 - Service: Sensor Data Service (SensorDataService) - Microsoft Corporation - C:\Windows\System32\SensorDataService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Software Protection (sppsvc) - Microsoft Corporation - C:\Windows\System32\sppsvc.exe
O23 - Service: Steam Client Service (Steam Client Service) - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe {Security risk=22%}
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Storage Tiers Management (TieringEngineService) - Microsoft Corporation - C:\Windows\System32\TieringEngineService.exe
O23 - Service: User Experience Virtualization Service (UevAgentService) - Microsoft Corporation - C:\Windows\System32\AgentService.exe
O23 - Service: Interactive Services Detection (UI0Detect) - Microsoft Corporation - C:\Windows\System32\UI0Detect.exe
O23 - Service: Windows Defender Network Inspection Service (WdNisSvc) - Microsoft Corporation - C:\Program Files\Windows Defender\NisSrv.exe
O23 - Service: Windows Defender Service (WinDefend) - Microsoft Corporation - C:\Program Files\Windows Defender\MsMpEng.exe

--
End of file - 11779 bytes

Is This A Good Question/Topic? 0
  • +

Replies To: strange behaviour icons change font

#2 modi123_1  Icon User is online

  • Suitor #2
  • member icon



Reputation: 13495
  • View blog
  • Posts: 53,911
  • Joined: 12-June 08

Re: strange behaviour icons change font

Posted 24 June 2017 - 10:15 AM

Add a screen shot of the icon fonts and calendar thing to imgur and post the link here.

Have you run the usual malwarebytes in safe mode, etc?
Was This Post Helpful? 0
  • +
  • -

#3 mercy_angel  Icon User is offline

  • D.I.C Regular

Reputation: 0
  • View blog
  • Posts: 330
  • Joined: 28-February 13

Re: strange behaviour icons change font

Posted 29 June 2017 - 03:17 AM

View Postmodi123_1, on 24 June 2017 - 10:15 AM, said:

Add a screen shot of the icon fonts and calendar thing to imgur and post the link here.

Have you run the usual malwarebytes in safe mode, etc?



i manage to solve it, i quarantine process YeaDesktop..
Was This Post Helpful? 0
  • +
  • -

Page 1 of 1