Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP! - Chorme is hijacked! Unable to Print & DNS redirected


  • Please log in to reply
13 replies to this topic

#1 nicholasongsl

nicholasongsl

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 27 May 2015 - 11:44 PM

Hi guys, i think i am infected by "chromenotice" or smth.

My print feature is broken, also any fail link site will be redirected

 



BC AdBot (Login to Remove)

 


#2 Ionnakis

Ionnakis

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:08:28 PM

Posted 28 May 2015 - 01:54 AM

Are you getting popups?

 

Is this happening in any other browser?



#3 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:28 PM

Posted 28 May 2015 - 02:25 AM

This sounds like a hijack that will automatically redirect typosquatted lines.

Let's see what is going on.

MiniToolbox by Farbar

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

===

AdwCleaner by Xplode

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • DO NOT CLEAN ANYTHING! Removal will be done after analysis of the log.
  • After the scan has finished, click on the Logfile button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Regards,
Alex

#4 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 28 May 2015 - 09:13 PM

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by Nicholas (administrator) on 29-05-2015 at 10:09:06
Running from "C:\Users\Nicholas\Downloads"
Microsoft Windows 8.1  (X64)
Model: HP Pavilion 15 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Broadcom BCM43142 802.11 bgn Wi-Fi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : SendMyStuffs
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-AD-97-CE-AD-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 9C-AD-97-CE-AD-9C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : 9C-AD-97-CE-AD-9B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b456:36df:84e8:462a%4(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.7(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, 29 May 2015 10:05:39 AM
   Lease Expires . . . . . . . . . . : Friday, 29 May 2015 2:05:39 PM
   Default Gateway . . . . . . . . . : fe80::407a:13bf:a7a8:1ab%4
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 77376919
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-73-5D-D0-8C-DC-D4-7A-00-70
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 8C-DC-D4-7A-00-70
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:cd4:2124:3f57:fef8(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::cd4:2124:3f57:fef8%9(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-73-5D-D0-8C-DC-D4-7A-00-70
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{EB62A8A3-5CC9-49DE-9582-B8E6AAB1A104}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Singtel
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  173.194.117.14
 173.194.117.3
 173.194.117.1
 173.194.117.7
 173.194.117.2
 173.194.117.6
 173.194.117.9
 173.194.117.0
 173.194.117.5
 173.194.117.4
 173.194.117.8
 
 
Pinging google.com [74.125.130.139] with 32 bytes of data:
Reply from 74.125.130.139: bytes=32 time=281ms TTL=43
Reply from 74.125.130.139: bytes=32 time=174ms TTL=43
 
Ping statistics for 74.125.130.139:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 174ms, Maximum = 281ms, Average = 227ms
Server:  Singtel
Address:  192.168.1.254
 
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  98.139.183.24
 206.190.36.45
 98.138.253.109
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=270ms TTL=46
Reply from 98.139.183.24: bytes=32 time=340ms TTL=44
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 270ms, Maximum = 340ms, Average = 305ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  7...9e ad 97 ce ad 9b ......Microsoft Wi-Fi Direct Virtual Adapter
  5...9c ad 97 ce ad 9c ......Bluetooth Device (Personal Area Network)
  4...9c ad 97 ce ad 9b ......Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
  3...8c dc d4 7a 00 70 ......Realtek PCIe FE Family Controller
  1...........................Software Loopback Interface 1
  9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254      192.168.1.7     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.7    281
      192.168.1.7  255.255.255.255         On-link       192.168.1.7    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.7    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.7    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.7    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9    306 ::/0                     On-link
  4    281 ::/0                     fe80::407a:13bf:a7a8:1ab
  1    306 ::1/128                  On-link
  9    306 2001::/32                On-link
  9    306 2001:0:9d38:6abd:cd4:2124:3f57:fef8/128
                                    On-link
  4    281 fe80::/64                On-link
  9    306 fe80::/64                On-link
  9    306 fe80::cd4:2124:3f57:fef8/128
                                    On-link
  4    281 fe80::b456:36df:84e8:462a/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    281 ff00::/8                 On-link
  9    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/28/2015 00:17:34 PM) (Source: Application Error) (User: )
Description: Faulting application name: wwahost.exe, version: 6.3.9600.17415, time stamp: 0x545036ce
Faulting module name: MSHTML.dll, version: 11.0.9600.17801, time stamp: 0x55368224
Exception code: 0xc0000005
Fault offset: 0x000000000006daf2
Faulting process id: 0xe2c
Faulting application start time: 0xwwahost.exe0
Faulting application path: wwahost.exe1
Faulting module path: wwahost.exe2
Report Id: wwahost.exe3
Faulting package full name: wwahost.exe4
Faulting package-relative application ID: wwahost.exe5
 
Error: (05/28/2015 11:35:25 AM) (Source: Application Error) (User: )
Description: Faulting application name: senddoc.exe, version: 0.0.0.0, time stamp: 0x53d74da0
Faulting module name: smapi.dll, version: 16.4.3528.331, time stamp: 0x533a4011
Exception code: 0xc0000005
Fault offset: 0x0000886f
Faulting process id: 0x367c
Faulting application start time: 0xsenddoc.exe0
Faulting application path: senddoc.exe1
Faulting module path: senddoc.exe2
Report Id: senddoc.exe3
Faulting package full name: senddoc.exe4
Faulting package-relative application ID: senddoc.exe5
 
Error: (05/26/2015 03:53:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (05/26/2015 03:53:25 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (05/26/2015 03:53:23 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifest.
 
Error: (05/20/2015 11:33:04 AM) (Source: Application Hang) (User: )
Description: The program LiveComm.exe version 17.5.9600.20856 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: dd4
 
Start Time: 01d092acf71acb90
 
Termination Time: 4294967295
 
Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe
 
Report Id: eaa85b19-fea0-11e4-828a-9cad97cead9c
 
Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe
 
Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/19/2015 04:13:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: wlmail.exe, version: 16.4.3528.331, time stamp: 0x533a3fce
Faulting module name: MSMAIL.DLL, version: 16.4.3528.331, time stamp: 0x533a408a
Exception code: 0xc0000005
Fault offset: 0x000c4921
Faulting process id: 0x%9
Faulting application start time: 0xwlmail.exe0
Faulting application path: wlmail.exe1
Faulting module path: wlmail.exe2
Report Id: wlmail.exe3
Faulting package full name: wlmail.exe4
Faulting package-relative application ID: wlmail.exe5
 
Error: (05/18/2015 03:47:54 PM) (Source: Application Hang) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a8c
 
Start Time: 01d0913e31233afd
 
Termination Time: 4294967295
 
Application Path: C:\Windows\syswow64\wwahost.exe
 
Report Id: 294d2293-fd32-11e4-828a-9cad97cead9c
 
Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c
 
Faulting package-relative application ID: App
 
Error: (05/18/2015 01:59:41 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (05/12/2015 07:13:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13546
 
 
System errors:
=============
Error: (05/22/2015 05:07:23 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 05:07:23 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (05/21/2015 00:28:28 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/21/2015 00:11:58 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/21/2015 00:09:47 PM) (Source: DCOM) (User: SENDMYSTUFFS)
Description: {820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}
 
Error: (05/20/2015 02:13:46 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/20/2015 11:40:38 AM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/20/2015 11:39:27 AM) (Source: DCOM) (User: SENDMYSTUFFS)
Description: {820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}
 
Error: (05/18/2015 02:15:06 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (05/14/2015 11:11:53 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application Local Management Service service hung on starting.
 
 
Microsoft Office Sessions:
=========================
Error: (05/28/2015 00:17:34 PM) (Source: Application Error)(User: )
Description: wwahost.exe6.3.9600.17415545036ceMSHTML.dll11.0.9600.1780155368224c0000005000000000006daf2e2c01d098fd367d3066C:\Windows\system32\wwahost.exeC:\Windows\system32\MSHTML.dll76fcdb02-04f0-11e5-828e-9cad97cead9cAD2F1837.HPConnectedPhotopoweredbySnapfish_2.5.6.4614_neutral__v10z8vjag6ke6App
 
Error: (05/28/2015 11:35:25 AM) (Source: Application Error)(User: )
Description: senddoc.exe0.0.0.053d74da0smapi.dll16.4.3528.331533a4011c00000050000886f367c01d098f75420ea38C:\Program Files (x86)\OpenOffice 4\program\senddoc.exeC:\Program Files (x86)\Windows Live\Mail\smapi.dll93392a31-04ea-11e5-828e-9cad97cead9c
 
Error: (05/26/2015 03:53:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Users\Nicholas\AppData\Local\Temp\oct18EF.tmp.exe
 
Error: (05/26/2015 03:53:25 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Users\Nicholas\AppData\Local\Temp\oct150E.tmp.exe
 
Error: (05/26/2015 03:53:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_a9f497a901334c74.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17784_none_624760d1ecb7236e.manifestC:\Users\Nicholas\AppData\Local\Temp\octB17C.tmp.exe
 
Error: (05/20/2015 11:33:04 AM) (Source: Application Hang)(User: )
Description: LiveComm.exe17.5.9600.20856dd401d092acf71acb904294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exeeaa85b19-fea0-11e4-828a-9cad97cead9cmicrosoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
 
Error: (05/19/2015 04:13:02 PM) (Source: Application Error)(User: )
Description: wlmail.exe16.4.3528.331533a3fceMSMAIL.DLL16.4.3528.331533a408ac0000005000c4921
 
Error: (05/18/2015 03:47:54 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.3.9600.174151a8c01d0913e31233afd4294967295C:\Windows\syswow64\wwahost.exe294d2293-fd32-11e4-828a-9cad97cead9cMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp
 
Error: (05/18/2015 01:59:41 PM) (Source: Microsoft-Windows-LocationProvider)(User: NT AUTHORITY)
Description: -2147024883
 
Error: (05/12/2015 07:13:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13546
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-05-27 13:49:21.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-20 12:48:37.295
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-18 14:52:56.479
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-15 11:54:53.457
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-05-08 11:30:42.688
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-30 10:05:00.245
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-21 11:23:06.190
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-17 10:44:24.314
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-04-06 11:40:06.134
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2015-03-23 09:49:08.725
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
4 Elements II (HKLM-x32\...\WTA-642a7463-a735-4b21-9ba9-3f3c7151fb63) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-5507307e-90f4-40d0-b766-e406fc362c69) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-6f961e69-331f-4bad-b1a5-7dc305f86b46) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.223.215.5 - Broadcom Corporation)
Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.0.9130 - Broadcom Corporation)
Build-a-lot (HKLM-x32\...\WTA-5bfda4e8-d5b5-4fc7-b448-901023438439) (Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-671d1192-ddda-44b1-bef7-4e4e5de7e81d) (Version: 3.0.2.48 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)
Curse at Twilight (HKLM-x32\...\WTA-1b518900-4905-4f84-a7d3-0dbac5cd1eaf) (Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3604 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious - Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-e7c24e83-1e3d-4f25-b52b-7e9694f29829) (Version: 3.0.2.48 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dota 2 Workshop Tools Alpha (HKLM-x32\...\Steam App 316570) (Version:  - )
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy (HKLM-x32\...\WTA-afb49352-5614-4df4-b06c-7b690d818d13) (Version: 2.2.0.98 - WildTangent) Hidden
FileZilla Client 3.10.2 (HKLM-x32\...\FileZilla Client) (Version: 3.10.2 - Tim Kosse)
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-70a54507-7219-4690-9ef8-a7ce51f6cced) (Version: 3.0.2.38 - WildTangent) Hidden
Football Manager 2015 (HKLM-x32\...\Steam App 295270) (Version:  - Sports Interactive)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-aa48ce38-6e46-45f8-966f-49c00638c25b) (Version: 2.2.0.110 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{36F80C5F-DC0D-4DF4-AF09-DC1867F0EB0A}) (Version: 2.4.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-136c02b4-a8d6-473b-8e0f-7a7e34033265) (Version: 2.2.0.98 - WildTangent) Hidden
Joining Hands 2 (HKLM-x32\...\WTA-ac1baaa4-8884-4a9a-b76f-e9f3c3031a9c) (Version: 3.0.2.51 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (HKLM-x32\...\WTA-48983c6b-55bd-4f69-b596-00656e606e75) (Version: 2.2.0.97 - WildTangent) Hidden
Lost in Reefs 2 (HKLM-x32\...\WTA-c65cca90-8f42-401d-9b9b-d2d3a0d340c8) (Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-29049567-ed08-48a2-b560-7fdb14c6f0a7) (Version: 2.2.0.98 - WildTangent) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.5860.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.60 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Peggle Nights (HKLM-x32\...\WTA-ffc67786-c14b-444d-b63f-cd59f2273f73) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-d245391d-db5c-4e25-9f6c-956d6549a3f8) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-b9848e96-bd51-44da-a64d-ab9af5706140) (Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-a0df0a9f-be61-408f-bd27-e317eecc0269) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.40 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7231 - Realtek Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-d5946122-6405-4a1a-93f3-5afcb5617236) (Version: 2.2.0.98 - WildTangent) Hidden
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Solitaire Mystery Four Seasons (HKLM-x32\...\WTA-d58391ce-52bb-438f-8adb-04fb0b2872bd) (Version: 3.0.2.51 - WildTangent) Hidden
Sparkle 2 (HKLM-x32\...\WTA-a49cbef6-96ed-4b7d-ad1a-9a43fbbf8e18) (Version: 3.0.2.51 - WildTangent) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.5.2 - Synaptics Incorporated)
Trinklit Supreme (HKLM-x32\...\WTA-631ae7ba-8e27-4a9d-ab3c-be836b35bd4f) (Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-71e433d2-e89f-473c-8dba-963f2f692cc5) (Version: 3.0.2.32 - WildTangent) Hidden
Viking Saga (HKLM-x32\...\WTA-77ade424-6316-4d39-9775-81e1391e2ade) (Version: 3.0.2.48 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Youda Jewel Shop (HKLM-x32\...\WTA-269520a1-c8a2-4f50-8944-828b16dc6cc4) (Version: 3.0.2.51 - WildTangent) Hidden
 
========================= Devices: ================================
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_0BDA&PID_5775\200901010001
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Realtek PCIe FE Family Controller
Description: Realtek PCIe FE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8168
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_2281103C&REV_08\4&62D6DC3&0&00E3
 
Name: Microsoft ACPI-Compliant Embedded Controller
Description: Microsoft ACPI-Compliant Embedded Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C09\1
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1
 
Name: HGST HTS541010A9E680
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_HGST&PROD_HTS541010A9E6800\4&3ABF2405&0&000000
 
Name: NICHOLAS-PC: Nicholas:
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\DAFUPNPPROVIDER\UUID:7342CDF5-466B-4179-9126-DE62CFA96B44
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid
Device ID: HID\VID_04F2&PID_1032\7&36B8A6ED&0&0000
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: SWD\MSRRAS\MS_PPPOEMINIPORT
 
Name: HP ePrint
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: HP
Service: 
Device ID: SWD\PRINTENUM\{FFE4FACA-C3B0-4013-9DA7-17E7761AAE8F}
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: Intel® 8 Series PCI Express Root Port #3 - 9C14
Description: Intel® 8 Series PCI Express Root Port #3 - 9C14
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C14&SUBSYS_2281103C&REV_E4\3&11583659&1&E2
 
Name: Microsoft IPv4 IPv6 Transition Adapter Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\IP_TUNNEL_VBUS\IP_TUNNEL_DEVICE_ROOT
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\TZ01
 
Name: Intel® 8 Series LPC Controller (Premium SKU) - 9C43
Description: Intel® 8 Series LPC Controller (Premium SKU) - 9C43
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_9C43&SUBSYS_2281103C&REV_04\3&11583659&1&F8
 
Name: Microsoft RRAS Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSRRAS\{5E259276-BC7E-40E3-B93B-8F89B5F3ABC0}
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\0
 
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: SWD\MSRRAS\MS_PPTPMINIPORT
 
Name: Broadcom 43142 Bluetooth 4.0 Adapter
Description: Broadcom 43142 Bluetooth 4.0 Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Device ID: USB\VID_0A5C&PID_216C\9CAD97CEAD9C
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: SWD\MSRRAS\MS_AGILEVPNMINIPORT
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: Intel® 8 Series USB Enhanced Host Controller #1 - 9C26
Description: Intel® 8 Series USB Enhanced Host Controller #1 - 9C26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_9C26&SUBSYS_2281103C&REV_04\3&11583659&1&E8
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\ISATAP_1
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\2&DABA3FF&3
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: HP Mobile Data Protection Sensor
Description: HP Mobile Data Protection Sensor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service: Accelerometer
Device ID: ACPI\HPQ6007\3&11583659&1
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{D943D8D8-F7EB-4400-8EEE-A8CFF8C894B5}
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT2
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT3
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT4
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&33F20E3B&0
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\SDC4951\4&727993B&0&UID68092928
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{00044FCD-1D10-11E4-8259-806E6F6E6963}#000000E390300000
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0D\2&DABA3FF&3
 
Name: THOMAS: Thomas Tan:
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft Corporation
Service: 
Device ID: SWD\DAFUPNPPROVIDER\UUID:94E1F0FF-F248-4240-92A6-9E41FEE46835
 
Name: Microsoft Bluetooth LE Enumerator
Description: Microsoft Bluetooth LE Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthLEEnum
Device ID: BTH\MS_BTHLE\7&297DB6E7&0&0
 
Name: Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
Description: Broadcom BCM43142 802.11 bgn Wi-Fi Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Broadcom
Service: BCM43XX
Device ID: PCI\VEN_14E4&DEV_4365&SUBSYS_2230103C&REV_01\4&969F29D&0&00E2
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&33F20E3B&0
 
Name: Synaptics SMBus TouchPad
Description: Synaptics SMBus TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\SYN1EC0\4&33F20E3B&0
 
Name: Intel® HD Graphics Family
Description: Intel® HD Graphics Family
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0A16&SUBSYS_2281103C&REV_0B\3&11583659&1&10
 
Name: Intel® 8 Series PCI Express Root Port #4 - 9C16
Description: Intel® 8 Series PCI Express Root Port #4 - 9C16
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C16&SUBSYS_2281103C&REV_E4\3&11583659&1&E3
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{00044FCD-1D10-11E4-8259-806E6F6E6963}#0000000000100000
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Speaker/HP (Realtek High Definition Audio)
Description: Speaker/HP (Realtek High Definition Audio)
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{BD2259E2-728A-428B-81D0-8D5484BC276C}
 
Name: HP Truevision HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_0BDA&PID_5775&MI_00\7&6CE6CE6&0&0000
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\HPQ6001\4&3E5393D&0&0000
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&2AA3A9E1&0&01
 
Name: NVIDIA GeForce 840M       
Description: NVIDIA GeForce 840M       
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm
Device ID: PCI\VEN_10DE&DEV_1341&SUBSYS_2281103C&REV_A2\4&376AD3C8&0&00E4
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_9C20&SUBSYS_2281103C&REV_04\3&11583659&1&D8
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&33F20E3B&0
 
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANBH
 
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIP
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&2A66A3FB&0
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: RICOH Aficio MP C3002 PCL 6
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Ricoh
Service: 
Device ID: SWD\PRINTENUM\{61825999-9E16-4F0F-ABD1-8330937EED7F}
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\HPQ8001\4&33F20E3B&0
 
Name: Intel® Core™ i7-4510U CPU @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I7-4510U_CPU_@_2.00GHZ\_1
 
Name: Intel® Core™ i7-4510U CPU @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I7-4510U_CPU_@_2.00GHZ\_2
 
Name: Intel® Core™ i7-4510U CPU @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I7-4510U_CPU_@_2.00GHZ\_3
 
Name: Intel® Core™ i7-4510U CPU @ 2.00GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_69_-_INTEL®_CORE™_I7-4510U_CPU_@_2.00GHZ\_4
 
Name: Intel® USB 3.0 eXtensible Host Controller - 0100 (Microsoft)
Description: USB xHCI Compliant Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Generic USB xHCI Host Controller
Service: USBXHCI
Device ID: PCI\VEN_8086&DEV_9C31&SUBSYS_2281103C&REV_04\3&11583659&1&A0
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0290&SUBSYS_103C2281&REV_1000\4&33D95124&0&0001
 
Name: Intel® 8 Series Chipset Family SATA AHCI Controller
Description: Intel® 8 Series Chipset Family SATA AHCI Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: iaStorA
Device ID: PCI\VEN_8086&DEV_9C03&SUBSYS_2281103C&REV_04\3&11583659&1&FA
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\2&DABA3FF&3
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Device ID: HTREE\ROOT\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{9D7DBACD-D102-4149-B2DB-FFEC94371EAB}
 
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: SWD\MSRRAS\MS_SSTPMINIPORT
 
Name: USB Root Hub (xHCI)
Description: USB Root Hub (xHCI)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB HUBs)
Service: USBHUB3
Device ID: USB\ROOT_HUB30\4&D2BD188&0&0
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_9C3A&SUBSYS_2281103C&REV_04\3&11583659&1&B0
 
Name: HP Wireless Button Driver
Description: HP Wireless Button Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Hewlett-Packard
Service: WirelessButtonDriver
Device ID: ACPI\HPQ6001\3&11583659&1
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&3
 
Name: Intel® 8 Series PCI Express Root Port #1 - 9C10
Description: Intel® 8 Series PCI Express Root Port #1 - 9C10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C10&SUBSYS_2281103C&REV_E4\3&11583659&1&E0
 
Name: Stereo Mix (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{25020F4E-CA26-437C-A38C-9F7838749AEE}
 
Name: ACPI Wake Alarm
Description: ACPI Wake Alarm
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: acpitime
Device ID: ACPI\ACPI000E\2&DABA3FF&3
 
Name: Intel® 8 Series PCI Express Root Port #5 - 9C18
Description: Intel® 8 Series PCI Express Root Port #5 - 9C18
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C18&SUBSYS_2281103C&REV_E4\3&11583659&1&E4
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\MXM2
 
Name: Microsoft Bluetooth Enumerator
Description: Microsoft Bluetooth Enumerator
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Microsoft
Service: BthEnum
Device ID: BTH\MS_BTHBRB\7&297DB6E7&0&1
 
Name: Intel® Smart Connect Technology Device
Description: Intel® Smart Connect Technology Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: ISCT
Device ID: ACPI\INT33A0\0
 
Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: PCI\VEN_8086&DEV_0A04&SUBSYS_2281103C&REV_0B\3&11583659&1&00
 
Name: USB Input Device
Description: USB Input Device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: HidUsb
Device ID: USB\VID_04F2&PID_1032\6&2AC36972&0&2
 
Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvvad_WaveExtensible
Device ID: ROOT\UNNAMED_DEVICE\0000
 
Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_9C22&SUBSYS_2281103C&REV_04\3&11583659&1&FB
 
Name: RICOH Aficio MP C3002 PCL 6 - 2
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Ricoh
Service: 
Device ID: SWD\PRINTENUM\{2EAD41A1-16C2-4044-9620-73F1E10FA94D}
 
Name: Bluetooth Device (RFCOMM Protocol TDI)
Description: Bluetooth Device (RFCOMM Protocol TDI)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RFCOMM
Device ID: BTH\MS_RFCOMM\7&297DB6E7&0&0
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_8000\5&38BB16E7&0&1
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Device ID: BTH\MS_BTHPAN\7&297DB6E7&0&2
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{58C88F07-4CE5-48A1-9D8D-44BDA17AC8F4}
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{00044FCD-1D10-11E4-8259-806E6F6E6963}#0000000040F00000
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
 
Name: hp DVDRW  SU208FB
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_HP&PROD_DVDRW__SU208FB\4&3ABF2405&0&010000
 
Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&33F20E3B&0
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{00044FCD-1D10-11E4-8259-806E6F6E6963}#0000000038F00000
 
Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap
Device ID: STORAGE\VOLUME\{00044FCD-1D10-11E4-8259-806E6F6E6963}#0000000028B00000
 
Name: Intel® 8 Series PCI Express Root Port #2 - 9C12
Description: Intel® 8 Series PCI Express Root Port #2 - 9C12
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_9C12&SUBSYS_2281103C&REV_E4\3&11583659&1&E1
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT340E\2&DABA3FF&3
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&33F20E3B&0
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Device ID: ROOT\SYSTEM\0001
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIPV6
 
Name: CyberLink WebCam Virtual Driver
Description: CyberLink WebCam Virtual Driver
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: CyberLink
Service: clwvd
Device ID: ROOT\MEDIA\0000
 
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: SWD\MSRRAS\MS_L2TPMINIPORT
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 34%
Total physical RAM: 8122.15 MB
Available physical RAM: 5335.08 MB
Total Pagefile: 9402.15 MB
Available Pagefile: 6312.12 MB
Total Virtual: 4095.88 MB
Available Virtual: 3970.42 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:909.24 GB) (Free:810.93 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:21.25 GB) (Free:2.17 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\SENDMYSTUFFS
 
Administrator            Guest                    Nicholas                 
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
05-05-2015 02:03:35 Windows Update
13-05-2015 03:02:45 Windows Update
18-05-2015 06:10:07 Removed Java 8 Update 45 (64-bit)
26-05-2015 03:58:08 Scheduled Checkpoint
 
**** End of log ****


#5 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 28 May 2015 - 09:17 PM

# AdwCleaner v4.205 - Logfile created 29/05/2015 at 10:16:00
# Updated 21/05/2015 by Xplode
# Database : 2015-05-25.3 [Server]
# Operating system : Windows 8.1  (x64)
# Username : Nicholas - SENDMYSTUFFS
# Running from : C:\Users\Nicholas\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Google Chrome v39.0.2171.95
 
 
-\\ Comodo Dragon v
 
 
-\\ Chrome Canary v
 
 
*************************
 
AdwCleaner[R0].txt - [13070 bytes] - [05/05/2015 18:33:59]
AdwCleaner[R1].txt - [706 bytes] - [29/05/2015 10:16:00]
AdwCleaner[S0].txt - [8617 bytes] - [05/05/2015 18:34:57]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [823 bytes] ##########


#6 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:28 PM

Posted 29 May 2015 - 02:55 AM

Hi there,

Do you play WildTangent games?

Since AdwCleaner has apparently been used in the past and did not find anything... let's try something else.

Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
===

Emsisoft Emergency Kit

Please download Emsisoft Emergency Kit and save it to your desktop. Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop. Leave all settings as they are and click the Extract button at the bottom. A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates. Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options. If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Full Scan button to start the scan.
  • When the scan is completed click the Quarantine selected objects button. Note, this option is only available if malicious objects were detected during the scan.
  • When the threats have been quarantined, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and attach it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.
===

Security Check by screen317
  • Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
A Notepad document should open automatically called checkup.txt. Please copy and paste the contents of the log in your next reply.

Regards,
Alex

#7 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 29 May 2015 - 03:22 AM

I'm noticing quarantin items in adwcleaner, should i clear them? Are they the cause? 



#8 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 29 May 2015 - 03:28 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.3 (05.28.2015:2)
OS: Windows 8.1 x64
Ran by Nicholas on Fri 29/05/2015 at 16:24:45.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Chrome
 
 
[C:\Users\Nicholas\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\Nicholas\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\Nicholas\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\Nicholas\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 29/05/2015 at 16:26:32.98
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#9 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 29 May 2015 - 03:30 AM

 Results of screen317's Security Check version 1.002  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome 39.0.2171.71 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#10 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:28 PM

Posted 29 May 2015 - 03:48 AM

I'm noticing quarantin items in adwcleaner, should i clear them? Are they the cause?

Hi there,

Items in Quarantine are harmless, so they are not the culprit.

Please proceed with Emsisoft Emergency Kit. Thank you.

Alex

#11 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 02 June 2015 - 10:23 PM

Emsisoft Emergency Kit - Version 9.0
Last update: 29/5/2015 4:39:12 PM
User account: SENDMYSTUFFS\Nicholas
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 29/5/2015 4:40:06 PM
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.Bundle (A)
Key: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.Bundle (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.Bundle (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR detected: Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS detected: Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN detected: Setting.NoRun (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS detected: Setting.NoFolderOptions (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} detected: Application.AdFix (A)
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir detected: Adware.SearchProtect.W (
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir detected: Adware.Generic.1214222 (
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\update\update.exe.vir detected: Application.Elex.C (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\0E48329F-00000562.eml -> [From: Telstra Online <account@online.telstra][Date: Mon, 29 Dec 2014 10:16:41 +0800] -> (MIME part) -> -image-id_4099008.jpg.zip -> -image-id_6002771.jpg.exe detected: Trojan.GenericKD.2055836 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\140C78E8-000004DE.eml -> [Subject: Signature Invoice 44281][Date: Wed, 24 Dec 2014 12:03:38 +0200] -> (MIME part) -> Signature Invoice.doc detected: Exploit.JPEV (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\20497B0F-000004E0.eml -> [Subject: Signature Invoice 44281][Date: Wed, 24 Dec 2014 03:07:15 -0700] -> (MIME part) -> Signature Invoice.doc detected: Exploit.JPEV (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\24B93693-00000495.eml -> [Subject: Telstra MMS Service: Last photoshot][Date: Tue, 23 Dec 2014 09:43:57 +0700] -> (MIME part) -> Telstra-image-ID2707509.zip -> Telstra-image-ID0054011.jpeg.pif detected: Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\25B24AE7-00000487.eml -> [From: booking@qantas.com.au][Date: Tue, 23 Dec 2014 00:16:56 +0200] -> (MIME part) -> Advance Seat Selection_your e-ticket.zi -> Advance Seat Selection_your e-ticket.pdf.pif detected: Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml -> [Subject: 5FCL to Texas][Date: Mon, 08 Dec 2014 00:42:12 +0000] -> (MIME part) -> Company Profile.ppsx -> ppt/embeddings/oleObject6.bin detected: Exploit.CVE-2014-4114.Gen (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml -> [Subject: 5FCL to Texas][Date: Mon, 08 Dec 2014 00:42:12 +0000] -> (MIME part) -> Company Profile.ppsx -> ppt/slides/slide1.xml detected: Exploit.CVE-2014-6352.Gen (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml -> [Subject: 5FCL to Texas][Date: Mon, 08 Dec 2014 00:42:12 +0000] -> (MIME part) -> Official PO.doc -> (objdata) -> (Embedded DocFile g) detected: Exploit.CVE-2012-0158.Gen (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml -> [Subject: 5FCL to Texas][Date: Mon, 08 Dec 2014 00:42:12 +0000] -> (MIME part) -> Official PO.doc -> (objdata) -> () detected: Exploit.CVE-2012-0158.Gen (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml -> [Subject: 5FCL to Texas][Date: Mon, 08 Dec 2014 00:42:12 +0000] -> (MIME part) -> TT transfer - HSBC.7z -> TT transfer - HSBC.com detected: Trojan.GenericKD.2019476 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2D2F71F4-000004DF.eml -> [Subject: Signature Invoice 44281][Date: Wed, 24 Dec 2014 18:27:20 +0800] -> (MIME part) -> Signature Invoice.doc detected: W97M.Downloader.DS (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\313100B2-0000048C.eml -> [From: "Tracey Smith" <tracey.smith@aquaid.co][Date: Mon, 22 Dec 2014 09:07:10 -0300] -> (MIME part) -> CAR014 151239.doc detected: W97M.Downloader.DR (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\3BB80441-000004B5.eml -> [Subject: CHRISTMAS OFFERS.docx][Date: Tue, 23 Dec 2014 06:52:47 -0400] -> (MIME part) -> CHRISTMAS OFFERS.doc detected: W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\468D0515-0000048B.eml -> [Subject: your e-ticket][Date: Mon, 22 Dec 2014 22:02:02 +0100] -> (MIME part) -> Advance Seat Selection_your e-ticket.zi -> Advance Seat Selection_your e-ticket.pdf.pif detected: Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\47E759F6-0000048A.eml -> [Subject: The seat requests have been added][Date: Mon, 22 Dec 2014 22:02:21 +0100] -> (MIME part) -> Advance Seat Selection_your e-ticket.zi -> Advance Seat Selection_your e-ticket.pdf.pif detected: Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\51AD2236-000004DD.eml -> [Subject: Signature Invoice 44281][Date: Wed, 24 Dec 2014 12:26:50 +0200] -> (MIME part) -> Signature Invoice.doc detected: W97M.Downloader.DS (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\55EA1855-000004B6.eml -> [From: "Jayne" <Jayne@route2fitness.co.uk>][Date: Tue, 23 Dec 2014 13:55:38 +0300] -> (MIME part) -> CHRISTMAS OFFERS.doc detected: W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\56434087-00000486.eml -> [From: DTan@optusnet.com.au][Date: Mon, 22 Dec 2014 09:06:21 +0200] -> (MIME part) -> img-12-21-2014-10201_photo_jpg.zip -> img-12-21-2014-10201_photo_jpg.exe detected: Trojan.GenericKD.2044031 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\577C4D98-00000485.eml -> [From: Elyse@bigpond.net.au][Date: Mon, 22 Dec 2014 09:06:30 +0200] -> (MIME part) -> img-12-21-2014-10201_photo_jpg.zip -> img-12-21-2014-10201_photo_jpg.exe detected: Trojan.GenericKD.2044031 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\65891A5F-0000048D.eml -> [Subject: Card Receipt][Date: Mon, 22 Dec 2014 12:23:48 +0200] -> (MIME part) -> CAR014 151239.doc detected: W97M.Downloader.DR ( B)
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\663A3C69-00000488.eml -> [Subject: your itinerary][Date: Tue, 23 Dec 2014 01:02:11 +0300] -> (MIME part) -> Advance Seat Selection_your e-ticket.zi -> Advance Seat Selection_your e-ticket.pdf.pif detected: Trojan.GenericKD.2045373 ( B)
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\672D0978-0000054D.eml -> [Subject: Telstra MMS Service: id 2363851402][Date: Mon, 29 Dec 2014 11:12:14 +0900] -> (MIME part) -> -image-id_4993046.jpg.zip -> -image-id_6002771.jpg.exe detected: Trojan.GenericKD.2055836 ( B)
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\71F34110-0000054C.eml -> [Subject: Telstra MMS Service: id 4619843370][Date: Mon, 29 Dec 2014 03:26:10 +0100] -> (MIME part) -> -image-id_2780292.jpg.zip -> -image-id_6002771.jpg.exe detected: Trojan.GenericKD.2055836 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\7403719B-000004B7.eml -> [From: "Jayne" <Jayne@route2fitness.co.uk>][Date: Tue, 23 Dec 2014 12:16:08 +0300] -> (MIME part) -> CHRISTMAS OFFERS.doc detected: W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\7B6A3FC4-0000054B.eml -> [Subject: Telstra MMS Service: id 6593821954][Date: Mon, 29 Dec 2014 09:28:12 +0700] -> (MIME part) -> -image-id_2335197.jpg.zip -> -image-id_6002771.jpg.exe detected: Trojan.GenericKD.2055836 (
 
Scanned 322998
Found 38
 
Scan end: 29/5/2015 5:51:17 PM
Scan time: 1:11:11
 
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\7B6A3FC4-0000054B.eml Quarantined Trojan.GenericKD.2055836 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\7403719B-000004B7.eml Quarantined W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\71F34110-0000054C.eml Quarantined Trojan.GenericKD.2055836 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\672D0978-0000054D.eml Quarantined Trojan.GenericKD.2055836 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\663A3C69-00000488.eml Quarantined Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\65891A5F-0000048D.eml Quarantined W97M.Downloader.DR (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\577C4D98-00000485.eml Quarantined Trojan.GenericKD.2044031 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\56434087-00000486.eml Quarantined Trojan.GenericKD.2044031 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\55EA1855-000004B6.eml Quarantined W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\51AD2236-000004DD.eml Quarantined W97M.Downloader.DS (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\47E759F6-0000048A.eml Quarantined Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\468D0515-0000048B.eml Quarantined Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\3BB80441-000004B5.eml Quarantined W97M.Downloader.DU (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\313100B2-0000048C.eml Quarantined W97M.Downloader.DR (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2D2F71F4-000004DF.eml Quarantined W97M.Downloader.DS (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\2AD62FE0-0000060C.eml Quarantined Trojan.GenericKD.2019476 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\25B24AE7-00000487.eml Quarantined Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\24B93693-00000495.eml Quarantined Trojan.GenericKD.2045373 (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\20497B0F-000004E0.eml Quarantined Exploit.JPEV (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\140C78E8-000004DE.eml Quarantined Exploit.JPEV (
C:\Users\Nicholas\AppData\Local\Microsoft\Windows Live Mail\SENDMYSTUFF a5b\Deleted Items\0E48329F-00000562.eml Quarantined Trojan.GenericKD.2055836 (
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\update\update.exe.vir Quarantined Application.Elex.C (
C:\AdwCleaner\Quarantine\C\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe.vir Quarantined Adware.Generic.1214222 (
C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ProtectService.exe.vir Quarantined Adware.SearchProtect.W (
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.AdFix (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NOFOLDEROPTIONS Quarantined Setting.NoFolderOptions (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER -> NORUN Quarantined Setting.NoRun (A)
Value: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantined Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Quarantined Setting.DisableTaskMgr (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.Bundle (A)
Key: HKEY_USERS\S-1-5-21-3346746062-4057785768-519831226-1001\SOFTWARE\APPDATALOW\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} Quarantined Application.Bundle (A)
 
Quarantined 33
 
--------------------------
 
Emsisoft Emergency Kit - Version 9.0
Last update: 2/6/2015 6:43:51 PM
User account: SENDMYSTUFFS\Nicholas
 
Scan settings:
 
Scan type: Full Scan
Objects: Rootkits, Memory, Traces, C:\, D:\
 
Detect PUPs: On
Scan archives: On
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off
 
Scan start: 2/6/2015 6:44:30 PM
C:\Users\Nicholas\AppData\Local\Temp\18be6784_.exe detected: Gen:Variant.Adware.Mplug.26 (
C:\Users\Nicholas\AppData\Local\Temp\294823_.exe detected: Gen:Variant.Adware.MPlug.12 (
C:\Users\Nicholas\AppData\Local\Temp\gl_tmp\WinTools.exe detected: Adware.Generic.1214222 (
 
Scanned 643948
Found 3
 
Scan end: 2/6/2015 9:06:23 PM
Scan time: 2:21:53
 
C:\Users\Nicholas\AppData\Local\Temp\gl_tmp\WinTools.exe Quarantined Adware.Generic.1214222 (
C:\Users\Nicholas\AppData\Local\Temp\294823_.exe Quarantined Gen:Variant.Adware.MPlug.12 (
C:\Users\Nicholas\AppData\Local\Temp\18be6784_.exe Quarantined Gen:Variant.Adware.Mplug.26 (
 
Quarantined 3
 
 

 



#12 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:28 PM

Posted 03 June 2015 - 01:29 AM

Hi there,

Reset Chrome using instructions here.

How is the computer doing?

Regards,
Alex

#13 nicholasongsl

nicholasongsl
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:01:28 AM

Posted 04 June 2015 - 09:26 PM

No alex, sadly it doesnt work



#14 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:06:28 PM

Posted 05 June 2015 - 01:36 AM

Hi there,

Download OldTimer's Temp File Cleaner and use it to clean out temporary files. After that please run this.

Malwarebytes Anti-Malware

Download Malwarebytes Anti-Malware from here.

Double click on the file mbam-setup-2.x.x.xxxx.exe to install the application. (x.x.xxxx is the version)
  • Follow the prompt. At the end place a checkmark in Launch Malwarebytes Anti-Malware, then choose Finish.
  • When MBAM opens it will says Your database is out of date. Choose Fix Now.
  • Click on the Scan tab at the top of the window, choose Threat Scan, then Scan Now.
  • If you receive a message that updates are available, choose Update Now button (the scan will start after updates are completed).
  • Please be patient as the scan will take some time.
  • If MBAM detected threats, choose Quarantine for all items, then click Apply Actions.
  • While still on the Scan tab, choose View detailed log. In the window that opens, click the Export button, choose Text file (*.txt) and save the log to your Desktop.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.


===

ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
After that reset your router using instructions here.

Regards,
Alex




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users