Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Adware.Trace HELP ME


  • Please log in to reply
15 replies to this topic

#1 ImMRB

ImMRB

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 08 November 2015 - 02:38 AM

hi i was on google chrome on 11-8-2015 and i noticed that my internet was EXTREMLY SLOW (i could not open anything but it let me call my friend on skype for some reason) so i ran a scan on malwarebytes anti-malware and it told me i have Adware.Trace but it says the location is C:\END so i was talking to my friend and he said it slows internet but we dont know how to remove it thats why i am here. can anyone help me i am afraid to remove this with a program. thanks -matt



BC AdBot (Login to Remove)

 


#2 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 08 November 2015 - 02:54 AM

Hello and welcome to BC,

 

I will post you instructions for some removal tools. This should help you. 

 

Please download Rkill to your Desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe
http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

§  Double-click on the Rkill desktop icon to run the tool.

§  If using Windows Vista, 7, 8 or 10 right-click on it and choose Run As Administrator.

§  black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.

§  If not, delete the file, then download and use the one provided in Link 2.

§  Do not reboot until instructed.

§  If the tool does not run from any of the links provided, please let me know.

If normal mode still doesn't work, run the tool from Safe Mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

---------

 

Please download AdwCleaner by Xplode onto your desktop.

§  Close all open programs and internet browsers.

§  Double click on adwcleaner.exe to run the tool.

§  In EULA window click I agree.

§  In Options uncheck Reset Winsock settings.

§  Click on Scan button.

§  When the scan has finished click on Cleaning button.

§  Your computer will be rebooted automatically. A text file will open after the restart.

§  Please post the contents of that logfile with your next reply.

§  You can find the logfile at C:\AdwCleaner[C1].txt as well.

------

 

Please download Junkware Removal Tool  to your desktop.

§  Shut down your protection software now to avoid potential conflicts.

§  Run the tool by double-clicking it. If you are using Windows Vista, 7, 8 or 10; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

§  The tool will open and start scanning your system.

§  Please be patient as this can take a while to complete depending on your system's specifications.

§  On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

§  Post the contents of JRT.txt into your next message.

----------


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#3 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 08 November 2015 - 01:05 PM

 


Edited by ImMRB, 08 November 2015 - 02:25 PM.


#4 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 08 November 2015 - 01:07 PM

here is the rkill log 77cc4031174b92ca41754784c8529ff9.png



#5 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 08 November 2015 - 03:44 PM

Please post other logs. 


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#6 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 08 November 2015 - 04:50 PM

# AdwCleaner v5.019 - Logfile created 08/11/2015 at 15:04:05
# Updated 08/11/2015 by Xplode
# Database : 2015-11-08.2 [Local]
# Operating system : Windows 8.1  (x64)
# Username : matt - MATTSPC
# Running from : C:\Users\matt\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[-] Service Deleted : QMUdisk
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\Software Updater
[-] Folder Deleted : C:\Program Files (x86)\tencent
[-] Folder Deleted : C:\Program Files (x86)\Common Files\tencent
[-] Folder Deleted : C:\Program Files\Common Files\tencent
[-] Folder Deleted : C:\ProgramData\EmailNotifier
[-] Folder Deleted : C:\ProgramData\tencent
[-] Folder Deleted : C:\Users\matt\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\matt\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd
[-] Folder Deleted : C:\Users\matt\AppData\LocalLow\AVG SafeGuard toolbar
[-] Folder Deleted : C:\Users\matt\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\matt\AppData\Roaming\SuperEasy Software
[-] Folder Deleted : C:\Users\matt\AppData\Roaming\tencent
[-] Folder Deleted : C:\Users\matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tencent
[-] Folder Deleted : C:\Users\matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
[-] Folder Deleted : C:\Users\matt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????
[-] Folder Deleted : C:\Users\matt\Documents\Updater
[-] Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent
 
***** [ Files ] *****
 
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\matt\daemonprocess.txt
[-] File Deleted : C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\le9rs78y.default\invalidprefs.js
[-] File Deleted : C:\WINDOWS\Reimage.ini
[-] File Deleted : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : SuperEasyDriverUpdater_UPDATES
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@qq.com/TXSSO
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key Deleted : HKLM\SOFTWARE\CLASSES\METNSD
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP
[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP
[-] Key Deleted : HKLM\SOFTWARE\34e0e42e-d9ec-4614-8a6f-321bf824ce56
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B3732AA-F6D4-4F16-9E22-49EDC52C9514}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\Reimage
[-] Key Deleted : HKCU\Software\SuperEasy Software
[-] Key Deleted : HKLM\SOFTWARE\Email Notifier
[-] Key Deleted : HKLM\SOFTWARE\SuperEasy Software
[-] Key Deleted : [x64] HKLM\SOFTWARE\Reimage
[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\Crossrider
 
***** [ Web browsers ] *****
 
[-] [C:\Users\matt\AppData\Roaming\Mozilla\Firefox\Profiles\le9rs78y.default\prefs.js] [Preference] Deleted : user_pref("extensions.ae38c01fbffb24c7eb4c71f47c844d855gmailcom62170.62170.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[-] [C:\Users\matt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\matt\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\matt\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : poohjpljfecljomfhhimjhddddlidhdd
 
*************************
 
:: "Tracing" keys removed
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6079 bytes] ##########
 
 
 
 
 
 
 
 
 
 
 
 
 
 
that is the adw cleaner log 


#7 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 09 November 2015 - 02:52 AM

As you can see AdwCleaner removed C:\END so it was bad.

 

Now run JRT and post log. And tell me the status.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#8 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 09 November 2015 - 08:11 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 8.1 x64
Ran by matt on Sun 11/08/2015 at 16:53:02.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_1B01EAED208ABC9C7AD3F0A0DAFA55C0
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550655215570}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666216670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440644214470}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550655215570}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666216670}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644214470}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550655215570}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666216670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440644214470}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550655215570}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666216670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440644214470}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Users\matt\AppData\Roaming\speedrunnerslog.txt
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\Users\matt\Appdata\Local\crashrpt
 
 
 
~~~ Chrome
 
 
[C:\Users\matt\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\matt\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\matt\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\matt\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/08/2015 at 16:57:18.62
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#9 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 10 November 2015 - 03:29 AM

Do you still have problems?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#10 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 10 November 2015 - 04:09 PM

yes i am my internet is being slow and randomly my pc will be slow which never happened before 



#11 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 10 November 2015 - 05:17 PM

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

§  Flush DNS

§  Report IE Proxy Settings

§  Reset IE Proxy Settings

§  Report FF Proxy Settings

§  Reset FF Proxy Settings

§  List content of Hosts

§  List IP configuration

§  List Winsock Entries

§  List last 10 Event Viewer log

§  List Installed Programs

Click Go and post the result (MTB.txt). A copy of MTB.txt will be saved in the same directory the tool is run.

-------

 

Run MBAM again:

 

§  On the Dashboard, click the 'Update Now >>' link.

§  After the update completes, on Settings tab, set under Detection and Protection next options: 

1. 'Scan for rootkits'

2. Non-Malware Protection, for 'PUP detections', check, 'Threat detections as malware' option.

§  Return to Dashboard, click the Scan Now >> button.

§  A Threat Scan will begin.

§  When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.

§  In most cases, a restart will be required.

§  Wait for the prompt to restart the computer to appear, than click on Yes.

§  After the restart once you are back at your desktop, open MBAM once more.

§  Click on the History tab > Application Logs.

§  Double click on the Scan Log which shows the Date and time of the scan just performed.

§  Click 'Export'.

§  Click 'Copy to Clipboard'

§  Paste the contents of the clipboard into your reply.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#12 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 10 November 2015 - 05:26 PM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by matt (administrator) on 10-11-2015 at 17:25:10
Running from "C:\Users\matt\Desktop"
Microsoft Windows 8.1  (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
LogMeIn Hamachi Virtual Ethernet Adapter = Ethernet 3 (Connected)
Realtek PCIe GBE Family Controller = Ethernet 2 (Connected)
XCETAP0 Adapter = Pogoplug (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Ethernet 3" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled metric=9000 nud=enabled ignoredefaultroutes=disabled
set subinterface interface= subinterface=ethernet_8 mtu=1438
add address name="Pogoplug" address=10.67.101.1 mask=255.255.255.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : MattsPC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : fios-router.home
 
Ethernet adapter Pogoplug:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : XCETAP0 Adapter
   Physical Address. . . . . . . . . : 00-FF-16-14-3A-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 2:
 
   Connection-specific DNS Suffix  . : fios-router.home
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller #2
   Physical Address. . . . . . . . . : 08-62-66-26-26-3A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9dd4:c627:5f9e:eef0%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.153(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, November 9, 2015 4:43:28 PM
   Lease Expires . . . . . . . . . . : Wednesday, November 11, 2015 3:39:33 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 386425446
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-22-9E-92-D4-3D-7E-E4-08-21
   DNS Servers . . . . . . . . . . . : 8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet 3:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : LogMeIn Hamachi Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 7A-79-19-0E-69-62
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::190e:6962(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::12:7efb:5723:3838%20(Preferred) 
   IPv4 Address. . . . . . . . . . . : 25.14.105.98(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 10, 2015 3:39:42 PM
   Lease Expires . . . . . . . . . . : Wednesday, November 9, 2016 3:39:41 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 318918898
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-22-9E-92-D4-3D-7E-E4-08-21
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{26D64C73-47F2-4A11-A23F-3CACBF686389}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:c3f:3e26:9f03:b79c(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::c3f:3e26:9f03:b79c%17(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 369098752
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-22-9E-92-D4-3D-7E-E4-08-21
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.fios-router.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : fios-router.home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  8.8.8.8
 
Name:    google.com
Addresses:  2607:f8b0:4006:80e::200e
 74.125.226.35
 74.125.226.40
 74.125.226.39
 74.125.226.37
 74.125.226.38
 74.125.226.32
 74.125.226.36
 74.125.226.33
 74.125.226.34
 74.125.226.41
 74.125.226.46
 
 
Pinging google.com [74.125.226.35] with 32 bytes of data:
Request timed out.
Reply from 74.125.226.35: bytes=32 time=17ms TTL=57
 
Ping statistics for 74.125.226.35:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 17ms, Average = 17ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 98.138.253.109
 98.139.183.24
 206.190.36.45
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Request timed out.
Reply from 98.138.253.109: bytes=32 time=49ms TTL=53
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 49ms, Maximum = 49ms, Average = 49ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
Reply from 127.0.0.1: bytes=32 time=2ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 2ms, Maximum = 2ms, Average = 2ms
===========================================================================
Interface List
 21...00 ff 16 14 3a e0 ......XCETAP0 Adapter
 15...08 62 66 26 26 3a ......Realtek PCIe GBE Family Controller #2
 20...7a 79 19 0e 69 62 ......LogMeIn Hamachi Virtual Ethernet Adapter
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.153     10
          0.0.0.0          0.0.0.0         25.0.0.1     25.14.105.98   9256
         25.0.0.0        255.0.0.0         On-link      25.14.105.98   9256
     25.14.105.98  255.255.255.255         On-link      25.14.105.98   9256
   25.255.255.255  255.255.255.255         On-link      25.14.105.98   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.153    266
    192.168.1.153  255.255.255.255         On-link     192.168.1.153    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.153    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.153    266
        224.0.0.0        240.0.0.0         On-link      25.14.105.98   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.153    266
  255.255.255.255  255.255.255.255         On-link      25.14.105.98   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20   9005 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 17    306 2001::/32                On-link
 17    306 2001:0:9d38:6abd:c3f:3e26:9f03:b79c/128
                                    On-link
 20    261 2620:9b::/64             On-link
 20    261 2620:9b::/96             On-link
 20    261 2620:9b::190e:6962/128   On-link
 15    266 fe80::/64                On-link
 20    261 fe80::/64                On-link
 17    306 fe80::/64                On-link
 20    261 fe80::12:7efb:5723:3838/128
                                    On-link
 17    306 fe80::c3f:3e26:9f03:b79c/128
                                    On-link
 15    266 fe80::9dd4:c627:5f9e:eef0/128
                                    On-link
  1    306 ff00::/8                 On-link
 15    266 ff00::/8                 On-link
 17    306 ff00::/8                 On-link
 20    261 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0   9000 ::/0                     2620:9b::1900:1
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/10/2015 04:13:24 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 3.8.23.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 12d0
 
Start Time: 01d11bf83b2d91aa
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Steam\Steam.exe
 
Report Id: deb6d6a9-87ef-11e5-8491-08626626263a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/10/2015 03:51:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
 
Error: (11/10/2015 03:41:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: Creative Cloud.exe, version: 3.3.0.151, time stamp: 0x55fab2fa
Faulting module name: ContainerUI.dll, version: 3.3.0.151, time stamp: 0x55fab383
Exception code: 0xc0000005
Fault offset: 0x00016870
Faulting process id: 0x3984
Faulting application start time: 0xCreative Cloud.exe0
Faulting application path: Creative Cloud.exe1
Faulting module path: Creative Cloud.exe2
Report Id: Creative Cloud.exe3
Faulting package full name: Creative Cloud.exe4
Faulting package-relative application ID: Creative Cloud.exe5
 
Error: (11/10/2015 03:41:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: Avira.OE.Systray.exe, version: 1.1.25.25617, time stamp: 0x5447ad92
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x5c8
Faulting application start time: 0xAvira.OE.Systray.exe0
Faulting application path: Avira.OE.Systray.exe1
Faulting module path: Avira.OE.Systray.exe2
Report Id: Avira.OE.Systray.exe3
Faulting package full name: Avira.OE.Systray.exe4
Faulting package-relative application ID: Avira.OE.Systray.exe5
 
Error: (11/10/2015 03:41:10 PM) (Source: .NET Runtime) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Configuration.ConfigurationErrorsException
Stack:
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (11/09/2015 04:46:24 PM) (Source: Application Error) (User: )
Description: Faulting application name: Avira.OE.Systray.exe, version: 1.1.25.25617, time stamp: 0x5447ad92
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x16d8
Faulting application start time: 0xAvira.OE.Systray.exe0
Faulting application path: Avira.OE.Systray.exe1
Faulting module path: Avira.OE.Systray.exe2
Report Id: Avira.OE.Systray.exe3
Faulting package full name: Avira.OE.Systray.exe4
Faulting package-relative application ID: Avira.OE.Systray.exe5
 
Error: (11/09/2015 04:46:23 PM) (Source: .NET Runtime) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Configuration.ConfigurationErrorsException
Stack:
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (11/09/2015 04:45:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: Avira.OE.ServiceHost.exe, version: 1.1.25.25607, time stamp: 0x5447ad7e
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x16a4
Faulting application start time: 0xAvira.OE.ServiceHost.exe0
Faulting application path: Avira.OE.ServiceHost.exe1
Faulting module path: Avira.OE.ServiceHost.exe2
Report Id: Avira.OE.ServiceHost.exe3
Faulting package full name: Avira.OE.ServiceHost.exe4
Faulting package-relative application ID: Avira.OE.ServiceHost.exe5
 
Error: (11/09/2015 04:45:53 PM) (Source: .NET Runtime) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.TypeInitializationException
Stack:
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.get_Configuration()
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/09/2015 04:45:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: Avira.OE.ServiceHost.exe, version: 1.1.25.25607, time stamp: 0x5447ad7e
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eeb460
Exception code: 0xe0434352
Fault offset: 0x00012f71
Faulting process id: 0x152c
Faulting application start time: 0xAvira.OE.ServiceHost.exe0
Faulting application path: Avira.OE.ServiceHost.exe1
Faulting module path: Avira.OE.ServiceHost.exe2
Report Id: Avira.OE.ServiceHost.exe3
Faulting package full name: Avira.OE.ServiceHost.exe4
Faulting package-relative application ID: Avira.OE.ServiceHost.exe5
 
 
System errors:
=============
Error: (11/10/2015 02:25:01 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 5
 
Error: (11/09/2015 04:45:55 PM) (Source: Service Control Manager) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 3 time(s).
 
Error: (11/09/2015 04:45:43 PM) (Source: Service Control Manager) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/09/2015 04:45:31 PM) (Source: Service Control Manager) (User: )
Description: The Avira Service Host service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/09/2015 04:45:27 PM) (Source: Microsoft-Windows-GroupPolicy) (User: NT AUTHORITY)
Description: The processing of Group Policy failed. Windows could not apply the registry-based policy settings for the Group Policy object LocalGPO. Group Policy settings will not be resolved until this event is resolved. View the event details for more information on the file name and path that caused the failure.
 
Error: (11/09/2015 04:43:20 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 4:35:00 PM on ‎11/‎9/‎2015 was unexpected.
 
Error: (11/09/2015 12:53:37 AM) (Source: Microsoft-Windows-Kernel-Power) (User: )
Description: 5
 
Error: (11/08/2015 05:03:50 PM) (Source: Service Control Manager) (User: )
Description: The WRSVC service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (11/08/2015 04:54:16 PM) (Source: Service Control Manager) (User: )
Description: The HBAdmin service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/08/2015 04:54:13 PM) (Source: Service Control Manager) (User: )
Description: The TrueVector Internet Monitor service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (11/10/2015 04:13:24 PM) (Source: Application Hang)(User: )
Description: Steam.exe3.8.23.712d001d11bf83b2d91aa4294967295C:\Program Files (x86)\Steam\Steam.exedeb6d6a9-87ef-11e5-8491-08626626263a
 
Error: (11/10/2015 03:51:55 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestc:\program files (x86)\Adobe\adobe creative cloud\Utils\Creative Cloud Uninstaller.exe
 
Error: (11/10/2015 03:41:29 PM) (Source: Application Error)(User: )
Description: Creative Cloud.exe3.3.0.15155fab2faContainerUI.dll3.3.0.15155fab383c000000500016870398401d11bf818b51835C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeC:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\ContainerUI.dll6ae12c72-87eb-11e5-8491-08626626263a
 
Error: (11/10/2015 03:41:12 PM) (Source: Application Error)(User: )
Description: Avira.OE.Systray.exe1.1.25.256175447ad92KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f715c801d11bf81b82381aC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll6105a029-87eb-11e5-8491-08626626263a
 
Error: (11/10/2015 03:41:10 PM) (Source: .NET Runtime)(User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Configuration.ConfigurationErrorsException
Stack:
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (11/09/2015 04:46:24 PM) (Source: Application Error)(User: )
Description: Avira.OE.Systray.exe1.1.25.256175447ad92KERNELBASE.dll6.3.9600.1727853eeb460e043435200012f7116d801d11b3810533023C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll5252a8ae-872b-11e5-8491-08626626263a
 
Error: (11/09/2015 04:46:23 PM) (Source: .NET Runtime)(User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Configuration.ConfigurationErrorsException
Stack:
   at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(System.String, Boolean, Boolean, Boolean, Boolean, System.Object ByRef, System.Object ByRef)
   at System.Configuration.BaseConfigurationRecord.GetSection(System.String)
   at System.Configuration.ClientConfigurationSystem.System.Configuration.Internal.IInternalConfigSystem.GetSection(System.String)
   at System.Configuration.ConfigurationManager.get_AppSettings()
   at Avira.OE.WinCore.OeProductInfo.get_Culture()
   at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
   at Avira.OE.Systray.Program.Main(System.String[])
 
Error: (11/09/2015 04:45:54 PM) (Source: Application Error)(User: )
Description: Avira.OE.ServiceHost.exe1.1.25.256075447ad7eKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f7116a401d11b3801d4be11C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll402105c5-872b-11e5-8491-08626626263a
 
Error: (11/09/2015 04:45:53 PM) (Source: .NET Runtime)(User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.TypeInitializationException
Stack:
   at NLog.Common.InternalLogger.Debug(System.String, System.Object[])
   at NLog.LogFactory.get_Configuration()
   at NLog.LogFactory.GetLogger(LoggerCacheKey)
   at NLog.LogFactory.GetLogger(System.String)
   at NLog.LogManager.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetLogger(System.String)
   at Avira.OE.WinCore.Utility.LoggerFacade.GetCurrentClassLogger()
   at Avira.OE.WinCore.Lazy`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].get_Value()
   at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
   at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/09/2015 04:45:42 PM) (Source: Application Error)(User: )
Description: Avira.OE.ServiceHost.exe1.1.25.256075447ad7eKERNELBASE.dll6.3.9600.1727853eeb460e043435200012f71152c01d11b37fae24845C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\WINDOWS\SYSTEM32\KERNELBASE.dll390b42d7-872b-11e5-8491-08626626263a
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-10 17:18:42.951
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-10 17:18:42.873
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-10 13:21:33.139
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-10 13:21:33.061
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-08 11:11:31.799
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-08 11:11:31.679
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-07 10:09:09.635
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-07 10:09:09.573
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-05 11:20:21.796
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
 
  Date: 2014-07-05 11:20:21.734
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Settings Manager\systemk\sysapcrt.dll that did not meet the Windows signing level requirements.
 
 
=========================== Installed Programs ============================
 
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
A3Launcher version 0.0.1.3 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.1.3 - Maca134)
Adobe Audition CC 2015 (HKLM-x32\...\{839A3566-AED6-4787-A849-5CBE2B1DC6AE}) (Version: 8.0 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{529C5283-F484-94CA-8D10-3A69FD0776D3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG PC TuneUp 2014 (en-US) (HKLM-x32\...\{8CD86D42-C4DD-4E40-9211-164DFFBCA4DB}) (Version: 14.0.1001.423 - AVG) Hidden
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{D2763B4E-5BF4-468B-BB00-9B3B121E0FB2}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Combined Community Codec Pack 2014-07-13 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.07.13.0 - CCCP Project)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CubeExperimentalUninstaller (HKLM-x32\...\Cube Experimental_is1) (Version: 1.0.4 - SureAI)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DayZLauncher version 0.0.2.1 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.2.1 - Maca134)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version:  - Techland)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
DivX H.264 decoder 8.2.0.26 (HKLM-x32\...\divxh264_is1) (Version: 8.2.0.26 - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Draw a Stickman: EPIC (HKLM-x32\...\Steam App 248650) (Version:  - Hitcents)
Dxtory version 2.0.127 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.127 - ExKode Co. Ltd.)
Equalify Pro (HKLM-x32\...\{B5C7C69E-FD88-4F77-93BA-71CE5F0AC5CA}) (Version: 1.0.0.2269 - Equalify.me / Kenneth Leonardsen)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22490) (Version:  - Obsidian Entertainment)
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
Floating Point (HKLM-x32\...\Steam App 302380) (Version:  - Suspicious Developments)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Drive (HKLM-x32\...\{9C350701-AC04-48BA-A435-BD5E0D82897E}) (Version: 1.25.0523.2491 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.15 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Daybreak Games)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
join.me (HKCU\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version:  - JC2-MP Team)
K-Lite Codec Pack 5.5.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.5.0 - )
K-Lite Mega Codec Pack 5.4.4 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.4.4 - )
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Left 4 Dead 2 Beta (HKLM-x32\...\Steam App 223530) (Version:  - )
LogMeIn Hamachi (HKLM-x32\...\{38DAAEA7-903D-4FBF-A5D3-F7EB8F83782A}) (Version: 2.2.0.406 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.406 - LogMeIn, Inc.)
MainConcept MJPEG Codec (HKLM-x32\...\{805A7890-3138-44E4-8DAA-480C55516989}) (Version: 3.02.0004.0000 - MainConcept AG) Hidden
MainConcept MJPEG Codec (HKLM-x32\...\InstallShield_{805A7890-3138-44E4-8DAA-480C55516989}) (Version: 3.02.0004.0000 - MainConcept AG)
MainConcept MJPG software codec (Remove Only) (HKLM-x32\...\MCMJPG) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Miscreated (HKLM-x32\...\Steam App 299740) (Version:  - Entrada Interactive LLC)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - TaleWorlds Entertainment)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Studio 13.0 (HKLM-x32\...\{B299FFF0-7CA2-11E3-9D65-F04DA23A5C58}) (Version: 13.0.154 - Sony)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.55.3 - Black Tree Gaming)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.9001 - ooVoo LLC.)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenEncodeVFW codec (Remove Only) (HKLM\...\OpenEncode) (Version:  - )
OpenEncodeVFW codec (Remove Only) (HKLM-x32\...\OpenEncode) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.76.1.0 - Overwolf Ltd.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Pogoplug PC (HKLM\...\PogoplugPC) (Version: 1.2.0.2 - Cloud Engines Inc.)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.3.25.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.23944 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version:  - Code}{atch)
Remote Mouse version 2.70 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.70 - Remote Mouse)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version:  - Obsidian Entertainment)
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKCU\...\Spotify) (Version: 1.0.16.104.g3b776c9e - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
System Requirements Lab (HKLM-x32\...\{8DCAB1D8-F20C-4733-9B5F-646DDFEB59C9}) (Version: 6.1.1.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version:  - Telltale Games)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
TwitchAlerts (HKCU\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.6.14 - Webroot)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D BOY)
x264vfw - H.264/MPEG-4 AVC codec (remove only) (HKLM-x32\...\x264vfw) (Version:  - )
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
ZoneAlarm Firewall (HKLM-x32\...\{FDCC4123-4583-4C2C-99FC-567C0C4C0448}) (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.2.015.000 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{7677CB3A-6524-45C1-A49B-276952242519}) (Version: 13.2.015.000 - Check Point Software Technologies Ltd.) Hidden
 
**** End of log ****
 

Edited by ImMRB, 10 November 2015 - 05:28 PM.


#13 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 11 November 2015 - 02:22 PM

And MBAM log?


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 


#14 ImMRB

ImMRB
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:22 AM

Posted 11 November 2015 - 03:22 PM

is that malware bytes anti malware?



#15 severac

severac

  • Members
  • 872 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Serbia
  • Local time:03:22 PM

Posted 11 November 2015 - 04:32 PM

Yes.


I would like to help you to remove malware. Let's look inside.   :busy:

But I don't know to solve all PC problems.  :smash: 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users