Thank you for your patience while I analyzed your FRST logs.
Before we start dealing with the problems you are experiencing, I would ask you to take note of the following points:
- I am a Bleeping Computer volunteer, so I ask you to be patient. I know it is frustrating when your computer is not working properly, but malware removal takes time.
- Please also remember that I only dedicate a limited number of hours a day to helping people. We may live in different time zones, which may cause delays in responding.
- If I have not responded to you within 48 hours, please send me a personal message. Likewise, I expect you to respond within 48 hours, and sooner is better because we can fix your computer faster.
- If I have not heard from you in three days, I will "bump" your post. After five days of no response, I will consider that you no longer need my assistance and this thread will be closed.
- Logs can take a while to research, so please be patient.
- Some issues just cannot be solved so you must be prepared for this.
- Please read and follow the instructions in the exact sequence that they are posted to avoid making a bad situation worse.
- Please print or copy and save the instructions.
- Back up all your data and important files on another (external) drive before starting to run malware removal tools.
- You should try to limit your browsing with this computer until you are given the "All Clear." Some malware applications steal passwords.
- Please do not install or uninstall any applications, unless directed. Don't run any scripts or tools on your own because unsupervised usage may cause more harm than good.
- Please use only the tools you have been instructed to use.
- If you are using CD/DVD emulation software, this should be uninstalled or disabled as it can interfere with the removal of some malware. It can be turned off with Defogger and then turned back on when you get the "All Clear."
- Please copy and paste the requested log files inside your post, unless otherwise instructed. In your case, you will have to split up your FRST log files into separate responses of about 1,200 lines each. You have some 3,390 or so lines of logs, which exceeds the maximum reply post length on this Forum.
- There are no silly questions. Ask for clarification, if you have any questions or concerns.
- Bleeping Computer does not support any piracy. Evidence of illegal OS, software, cracks/keygens, etc., will be revealed by scan logs, and if found, further assistance may be suspended. Uninstall such software before proceeding!
- Any P2P software such as uTorrent, BitTorrent, Kazaa, etc. must be uninstalled or completely disabled. P2P software is a major security risk to your computer and may have been the route the malware used to infect your computer.
- Failure to follow these guidelines may result in assistance being withdrawn and your thread being closed.
- I am volunteering my time to help you, and I will need you to help me. Together, we can, hopefully, disinfect your computer and get it functioning properly again. That is my only aim.
OK, let's get started ...
In going over your logs I noticed that you have BitTorrent and Resilio Sync installed.
- Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
- They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
- Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
- The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall BitTorrent and Resilio Sync; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep them, please do not use them until your computer is declared clean.
In going over your logs, I saw the entry below in Installed Programs:
ePUBee DRM Removal (HKLM-x32\...\ePUBee DRM Removal) (Version: 188.8.131.52 - ePUBee Inc.)
The entry causes me some concern. That program permits users to duplicate ebooks that are protected by Digital Rights Management (DRM). What are you using that program for?
The "Addition.txt" file reveals that System Restore is deactivated. For your protection, because malware removal can have unintended consequences, I strongly recommend that you turn on System Restore and configure it. As a part of any FRST "fixes", I will always instruct FRST to create a System Restore Point, so that if something goes wrong, we can get your computer back to where it was BEFORE a FRST fix was run. See this link for instructions as to how to turn on and configure System Restore. In Windows 10, for some reason, it is off by default, presumably to save space, and you don't have a lot of space on your C: drive, which is an issue. I would not allocate more than 5 GB to System Restore points.
The logs indicate that you are a SERIOUS gamer. In my first pass through your logs, I did not see anything really serious, BUT using P2P networks, as I explained above, is a major attack vector for malware, as well as consuming considerable computer resources. In addition to P2P software, you are running Steam. This link contains more information about the security vulnerabilities, and the drain on your computer resources, by having Steam installed and running. I don't know the specs of your computer, but with all of the installed programs and all of the allowed communications (see "Firewall Rules" in the "Addition.txt" file), your computer could be just becoming overwhelmed by the drain on its resources and then inevitably grinding to a halt.
I will await your response to my question in . Bleeping Computer does not condone evading software or intellectual property licensing provisions, so I need to understand why you would have such software installed. There could be a legitimate reason. I am making NO allegations. Once we get that settled, I will provide a FRST fix to do some clean-up of your computer - nothing too serious.
Thank you and have a great day.