Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I need to make sure im not infected


  • Please log in to reply
3 replies to this topic

#1 yahfz

yahfz

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 10 May 2015 - 07:31 PM

HI guys, first of all thank you for helping me.

Here's the problem, i am having really bad ping spikes/ packet loss and i have to make sure it is not a virus.

Thank you.



BC AdBot (Login to Remove)

 


m

#2 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:58 AM

Posted 11 May 2015 - 01:03 AM

Hi there,

Bad ping spikes/packet loss can be a multitude of problems - not necessary malware. But we'll do a checkup.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#3 yahfz

yahfz
  • Topic Starter

  • Members
  • 38 posts
  • OFFLINE
  •  
  • Local time:07:58 AM

Posted 11 May 2015 - 07:46 AM

MiniToolBox Log:

MiniToolBox by Farbar  Version: 14-04-2015
Ran by Yahfzz (administrator) on 11-05-2015 at 09:43:54
Running from "D:\Downloads"
Microsoft Windows 8.1 Pro  (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Yahfz
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 14-DA-E9-F3-BE-82
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::159c:30ef:719d:dc8%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.35(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 11 May, 2015 09:42:15 AM
   Lease Expires . . . . . . . . . . : 11 May, 2015 09:52:15 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 51698409
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-90-0D-F8-14-DA-E9-F3-BE-82
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2800:3f0:4001:801::200e
 173.194.118.4
 173.194.118.5
 173.194.118.3
 173.194.118.6
 173.194.118.8
 173.194.118.14
 173.194.118.9
 173.194.118.7
 173.194.118.0
 173.194.118.1
 173.194.118.2
 
 
Pinging google.com [173.194.118.4] with 32 bytes of data:
Reply from 173.194.118.4: bytes=32 time=21ms TTL=49
Reply from 173.194.118.4: bytes=32 time=21ms TTL=49
 
Ping statistics for 173.194.118.4:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=187ms TTL=49
Reply from 98.139.183.24: bytes=32 time=188ms TTL=49
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 187ms, Maximum = 188ms, Average = 187ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  3...14 da e9 f3 be 82 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.35     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.35    276
     192.168.1.35  255.255.255.255         On-link      192.168.1.35    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.35    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.35    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.35    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  3    276 fe80::/64                On-link
  3    276 fe80::159c:30ef:719d:dc8/128
                                    On-link
  1    306 ff00::/8                 On-link
  3    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/19/2015 01:32:38 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error starting the Windows Location Provider
 
Error: (04/18/2015 09:27:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Yahfz)
Description: Activation of app Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/18/2015 06:16:36 PM) (Source: Perflib) (User: )
Description: rdyboost4
 
Error: (04/18/2015 06:16:36 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (04/18/2015 01:45:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: RzStats.Manager.exe, version: 1.0.0.42, time stamp: 0x5503cbee
Faulting module name: KERNELBASE.dll, version: 6.3.9600.16384, time stamp: 0x52158f2d
Exception code: 0xe0434352
Fault offset: 0x00013d67
Faulting process id: 0x1094
Faulting application start time: 0xRzStats.Manager.exe0
Faulting application path: RzStats.Manager.exe1
Faulting module path: RzStats.Manager.exe2
Report Id: RzStats.Manager.exe3
Faulting package full name: RzStats.Manager.exe4
Faulting package-relative application ID: RzStats.Manager.exe5
 
Error: (04/18/2015 01:45:06 PM) (Source: .NET Runtime) (User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
   at RzDataTrackingManager.Form1.InitRiG()
   at RzDataTrackingManager.Form1..ctor()
   at RzDataTrackingManager.Program.Main()
 
Error: (04/18/2015 01:43:24 PM) (Source: Creative Labs SC) (User: )
Description: 98-164
 
Error: (04/18/2015 01:43:24 PM) (Source: Creative Labs SC) (User: )
Description: 98-164
 
Error: (04/18/2015 01:43:16 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (04/16/2015 10:07:46 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: The volume System Reserved was not optimized because an error was encountered: The parameter is incorrect. (0x80070057)
 
 
System errors:
=============
Error: (04/18/2015 09:31:40 PM) (Source: DCOM) (User: Yahfz)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (04/18/2015 09:31:40 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (04/18/2015 09:31:40 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness service depends on the Windows Event Log service which failed to start because of the following error: 
%%1058
 
Error: (04/18/2015 09:31:40 PM) (Source: DCOM) (User: Yahfz)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (04/18/2015 09:31:40 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (04/18/2015 09:31:40 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness service depends on the Windows Event Log service which failed to start because of the following error: 
%%1058
 
Error: (04/18/2015 09:31:39 PM) (Source: DCOM) (User: Yahfz)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (04/18/2015 09:31:39 PM) (Source: Service Control Manager) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (04/18/2015 09:31:39 PM) (Source: Service Control Manager) (User: )
Description: The Network Location Awareness service depends on the Windows Event Log service which failed to start because of the following error: 
%%1058
 
Error: (04/18/2015 09:31:38 PM) (Source: DCOM) (User: Yahfz)
Description: 1068netprofmUnavailable{A47979D2-C419-11D9-A5B4-001185AD2B89}
 
 
Microsoft Office Sessions:
=========================
Error: (04/19/2015 01:32:38 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147023828
 
Error: (04/18/2015 09:27:16 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Yahfz)
Description: Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader-2144927141
 
Error: (04/18/2015 06:16:36 PM) (Source: Perflib)(User: )
Description: rdyboost4
 
Error: (04/18/2015 06:16:36 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
 
Error: (04/18/2015 01:45:06 PM) (Source: Application Error)(User: )
Description: RzStats.Manager.exe1.0.0.425503cbeeKERNELBASE.dll6.3.9600.1638452158f2de043435200013d67109401d079f6ed7b116dC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeC:\Windows\SYSTEM32\KERNELBASE.dll44047791-e5ea-11e4-8270-14dae9f3be82
 
Error: (04/18/2015 01:45:06 PM) (Source: .NET Runtime)(User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.FileNotFoundException
Stack:
   at RzDataTrackingManager.Form1.InitRiG()
   at RzDataTrackingManager.Form1..ctor()
   at RzDataTrackingManager.Program.Main()
 
Error: (04/18/2015 01:43:24 PM) (Source: Creative Labs SC)(User: )
Description: 98-164
 
Error: (04/18/2015 01:43:24 PM) (Source: Creative Labs SC)(User: )
Description: 98-164
 
Error: (04/18/2015 01:43:16 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (04/16/2015 10:07:46 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: System ReservedThe parameter is incorrect. (0x80070057)
 
 
 
"BioShock Infinite" (HKLM-x32\...\{D081C29C-1DDC-4C55-BCBF-DF8519636331}_is1) (Version: 1.1.25.5165 - )
=========================== Installed Programs ============================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
3DMark 11 Demo (HKLM-x32\...\Steam App 221870) (Version:  - Futuremark)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
AP Tuner 3.08 (HKLM-x32\...\AP Tuner 3.08) (Version:  - )
Assassin's Creed Rogue (HKLM-x32\...\Uplay Install 895) (Version:  - Ubisoft)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{64BFBE7A-886C-4CA2-A9B4-0C2B5A5942BC}) (Version: 1.6.0.0 - Electronic Arts)
Bully: Scholarship Edition (HKLM-x32\...\Steam App 12200) (Version:  - Rockstar New England)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: 1.0 - ????? ?? R.G. Steamgames)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version:  - Crytek Studios)
Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.1.0.0 - Electronic Arts)
DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Drizzlepath (HKLM-x32\...\Drizzlepath_is1) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.00 - Ubisoft)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{049285D1-9444-42CE-8EB2-9DED22B6FCEC}) (Version: 4.35.507.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
GTA - San Andreas 1.00 (HKLM-x32\...\GTA - San Andreas 1.00) (Version: 1.00 - DonPixels-Pc)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman Absolution (HKLM-x32\...\{95030349-3623-4920-89BF-8BEC5EF311C5}_is1) (Version: 1.0433.1 - Square Enix)
Hotline Miami 2 - Wrong Number (HKLM-x32\...\1424773427_is1) (Version: 2.0.0.1 - GOG.com)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.25.1036 - Intel Corporation)
Intel® Management Engine Components (Version: 10.0.25.1036 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (Version: 1.0.1.0 - Intel Corporation) Hidden
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.40.26 - Oracle Corporation) Hidden
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version:  - Traveller's Tales)
LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version:  - TT Games)
LEGO Batman: The Videogame (HKLM-x32\...\Steam App 21000) (Version:  - Traveller's Tales)
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version:  - TT Games)
LEGO Harry Potter: Years 5-7 (HKLM-x32\...\Steam App 204120) (Version:  - Traveller's Tales )
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version:  - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
Mafia II (HKLM-x32\...\Steam App 50130) (Version:  - 2K Czech)
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
METAL SLUG 3 (HKLM-x32\...\Steam App 250180) (Version:  - DotEmu)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Mortal Kombat X (HKLM-x32\...\Mortal Kombat X_is1) (Version:  - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.0.0.0 - Electronic Arts)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Control Panel 350.12 (Version: 350.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.175.1449 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Miracast Virtual Audio 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 350.12 - NVIDIA Corporation)
NVIDIA Network Service (Version: 2.3 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
NVIDIA ShadowPlay 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 2.4.1.21 (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Particula (HKLM-x32\...\Steam App 343360) (Version:  - Microblast Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
Pro Evolution Soccer 2015 (HKLM-x32\...\UHJvRXZvbHV0aW9uU29jY2VyMjAxNQ==_is1) (Version: 1 - )
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Scribblenauts Unlimited (HKLM-x32\...\Scribblenauts Unlimited_is1) (Version:  - )
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Strife (HKLM-x32\...\Strife) (Version:  - S2 Games)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - Terry Cavanagh)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
System Requirements Lab Detection (HKLM-x32\...\{BE76C015-E416-4C1C-96B5-9AB55BDE84CB}) (Version: 6.1.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
The LEGO® Movie - Videogame (HKLM-x32\...\Steam App 267530) (Version:  - TT Fusion)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version:  - Frozenbyte)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Warcraft III Reign of Chaos & The Frozen Throne (HKLM-x32\...\Warcraft III Reign of Chaos & The Frozen Throne) (Version:  - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.21 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 20%
Total physical RAM: 8156.88 MB
Available physical RAM: 6481.05 MB
Total Pagefile: 9436.88 MB
Available Pagefile: 7522.08 MB
Total Virtual: 4095.88 MB
Available Virtual: 3964.7 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:111.69 GB) (Free:19.03 GB) NTFS
2 Drive d: (Local Disk) (Fixed) (Total:931.51 GB) (Free:306.58 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\YAHFZ
 
Administrator            Guest                    Yahfzz                   
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
 
**** End of log ****


Security Check LOG:

 Results of screen317's Security Check version 1.001  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 40  
 Java version 32-bit out of Date! 
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 


#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:10:58 AM

Posted 11 May 2015 - 08:01 AM

Hi there,

Please uninstall the following software from Programs and Features:

Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.2.0 - IObit)
Driver Booster 2.3 (HKLM-x32\...\Driver Booster_is1) (Version: 2.3 - IObit)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)

If you run into any problems, let me know.

Please take a moment to read about the dangers of using pirated software.

Bleeping Computer does not allow the use of pirated software.

The practice of using keygenshacking toolscracking toolswareztorrents or any pirated software is not only considered illegal activity, but it is a serious security risk which can turn a computer into a virus honeypot or zombie.
 
When you use these kind of programs, be forewarned that some of the worst types of malware infections can be contracted and spread by visiting crack, keygen, warez and other pirated software sites. In many cases, those sites are infested with a smörgåsbord of malware and an increasing source of system infection. Those who attempt to get software for free can end up with a computer system so badly damaged that recovery is not possible, and it cannot be repaired. When that happens there is nothing you can do besides reformatting and reinstalling the OS.
 
If you want to read on then the full post is here.


After that please run this.

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users