Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Malware Attack HELP!


  • Please log in to reply
38 replies to this topic

#1 Angelgyrl

Angelgyrl

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 19 January 2016 - 09:20 AM

I was using my computer as normal one day browsing through FB. I have Windows 10 and was using Google Chrome.  I clicked on a story about a famous person who had just died, read the story (I think this was safe), then clicked on another link about another famous person who had died (this is where I think the malware got me).  All of a sudden my computer started this VERY LOUD beeping noise, and came up with a message in the middle of the screen telling me to call this number to get help from a "certified Microsoft technician".  It was an '844' number.  I called the number and some Indian guy who I could barely understand answered.  Let me tell you I could REALLY barely understand him.  I stupidly allowed him to log into my computer remotely.  He started telling me all he could do to fix my computer, then told me it would be $100 to fix it.  I knew it was a hacker at that point.  He said it was one of the worse malwares and that the Avira Virus protection i was using couldn't stop it.  Avira is free and I've used it for years with no trouble, but I guess it's time to pay for protection once i get my computer all fixed up.

 

I closed out all the windows the guy had opened, even the screen that he signed in from (don't remember the name of the program that he logged into my machine with).  As of now my computer seems to work normally, except for the fact that this malware shut down several programs, especially my anti-Virus software.  I keep getting notices that my Spyware and Virus Protection is not active,, and to click on the link to reactivate it, but when I do, nothing happens.  My Avira Launcher only allows me to restart my computer, with no correction to the problem.

 

Can anyone help me with this problem? Thanks!!!!



BC AdBot (Login to Remove)

 


#2 Shadow7655

Shadow7655

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:48 PM

Posted 19 January 2016 - 01:59 PM

Hi,

Does any PUPS show up? If so it might be adware. Adware tracks your internet habit and other user information in the form of cookie.

As I'm sophomore , still learning on how to remove malware I can't assist furthermore, I suggest using Adblock to avoid clicking ads. Also if you want to block third parties cookie from being set.

Edited by Shadow7655, 19 January 2016 - 02:15 PM.


#3 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 19 January 2016 - 06:54 PM

Thanks for replying.  I used a program provided in one of the links on here for malware removal.........it seems to have done the trick!  I was able to reload my anti-virus software, all error messages went away, I think I'm good now.  BUT..............how do I know for sure I'm now clean?????



#4 Shadow7655

Shadow7655

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:48 PM

Posted 19 January 2016 - 08:52 PM

Install AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/ Make sure its the same BIT as you're computer

 

Drag AdwCleaner to you're desktop

 

Right click, run as administrator

 

Click Scan

 

Post logs.

 

NOTE: If AdwCleaner detects a malware, it will reboot you're computer. after this process is done a notepad will appear showing logs, please post the logs here


Edited by Shadow7655, 19 January 2016 - 09:14 PM.


#5 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 20 January 2016 - 06:41 AM

Here's the log after running the software, looks like it got a couple of malware hits...........thanks so much!!!!

 

# AdwCleaner v5.030 - Logfile created 20/01/2016 at 06:31:19
# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 10 Home  (x64)
# Username : BJ DeCoeur - HOMEPC
# Running from : C:\Users\BJ DeCoeur\Downloads\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Folders ] *****
 
[-] Folder Deleted : C:\Program Files (x86)\Coupons
[-] Folder Deleted : C:\ProgramData\speedypc software
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Coupons
[-] Folder Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimekcmjahalpgniahhigkfichaihfkp
[-] Folder Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdipifddaiedehdphnflapcinbndgmb
[-] Folder Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdeodmkndpilehggjlhmbimkomlfdalf
[-] Folder Deleted : C:\Users\BJ DeCoeur\AppData\Roaming\speedypc software
 
***** [ Files ] *****
 
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jimekcmjahalpgniahhigkfichaihfkp_0.localstorage
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jimekcmjahalpgniahhigkfichaihfkp_0.localstorage-journal
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kgdipifddaiedehdphnflapcinbndgmb_0.localstorage
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kgdipifddaiedehdphnflapcinbndgmb_0.localstorage-journal
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdeodmkndpilehggjlhmbimkomlfdalf_0.localstorage
[-] File Deleted : C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mdeodmkndpilehggjlhmbimkomlfdalf_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
[-] Task Deleted : SpeedyPC Update Version3_triggeronce
 
***** [ Registry ] *****
 
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
[-] Key Deleted : HKCU\Software\speedypc software
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.1.6
 
***** [ Web browsers ] *****
 
[-] [C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : jimekcmjahalpgniahhigkfichaihfkp
[-] [C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kgdipifddaiedehdphnflapcinbndgmb
[-] [C:\Users\BJ DeCoeur\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : mdeodmkndpilehggjlhmbimkomlfdalf
 
*************************
 
:: "Tracing" keys removed
:: Winsock settings cleared
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3322 bytes] ##########


#6 Shadow7655

Shadow7655

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:48 PM

Posted 20 January 2016 - 10:00 AM

Everything seems to be okay, does any popups still happen?

#7 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 20 January 2016 - 10:38 AM

no I'm not seeing any more pop ups!  You are my hero!!!!  Thanks so much, I really didn't have the $100 it was going to cost me to get this taken care of at Best Buy, and as I"m disabled my computer is my constant companion...........thank you soooooooooooooooo much!!!!!



#8 Shadow7655

Shadow7655

  • Members
  • 70 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:48 PM

Posted 20 January 2016 - 11:04 AM

No problem

#9 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:48 PM

Posted 20 January 2016 - 12:57 PM

Angelgyrl, I notice you are following this topic.

If you receive email notifications of replies, there will be a notice for one which is no longer in the topic. The text of the reply is in the email notification.

DO NOT take up the offer. 

Bleeping Computer rules state

 

 

All help must be provided in the forums or on our IRC Chat channel. We do not allow support to be provided or requested via personal message, email, or remote desktop control programs (Logmein, TeamViewer, etc).

Edited by Queen-Evie, 20 January 2016 - 01:01 PM.


#10 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 20 January 2016 - 05:19 PM

thank you for letting me know this!  My virus software continues to 'catch' "things", I click on the remove button.  Don't know why I keep getting hit by 'stuff', I re-ran the adware software that Shadow7655 told me to and it again removed a couple of 'things'........weird, but my computer is now protected and working fine so I guess I'm ok????



#11 Queen-Evie

Queen-Evie

    Official Bleepin' G.R.I.T.S. (and proud of it)


  • Staff Emeritus
  • 16,485 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:My own little corner of the universe (somewhere in Alabama). It's OK, they know me here
  • Local time:05:48 PM

Posted 20 January 2016 - 05:24 PM

I will put out a call for someone else to assist you.

#12 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 PM

Posted 20 January 2016 - 05:29 PM

Hi Angelgyrl :)

Queen asked me to assist you with the rest of your clean-up. You can call me Aura :) First, I would like you to run MiniToolBox so I can get an overview of your system.

3Al62Pm.pngMiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Spcusrh.pngRun as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
      OQmAcqS.png
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 20 January 2016 - 06:09 PM

Hi Aura, thanks for responding, here is the report you requested after running the Minitoolbox

 

MiniToolBox by Farbar  Version: 02-11-2015
Ran by BJ DeCoeur (administrator) on 20-01-2016 at 18:07:31
Running from "C:\Users\BJ DeCoeur\Desktop"
Microsoft Windows 10 Home  (X64)
Model: HP 15 TS Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 


#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,634 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:48 PM

Posted 20 January 2016 - 06:11 PM

It seems that you copy/pasted only part of the log, can you copy/paste it fully please? :)

unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 Angelgyrl

Angelgyrl
  • Topic Starter

  • Members
  • 21 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 20 January 2016 - 06:30 PM

I am so sorry, it's been a long day........here is the WHOLE sordid story!!!!!  lol  thanks, look forward to hearing back from you!!!

 

"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : HomePC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 5C-B9-01-7F-50-F2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 1E-B5-7D-A2-A8-09
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : AC-B5-7D-A2-A8-09
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1c36:5dd3:335c:f603%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 20, 2016 11:39:08 AM
   Lease Expires . . . . . . . . . . : Thursday, January 21, 2016 5:50:57 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 61650301
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-82-14-62-5C-B9-01-7F-50-F2
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.{7A951D84-1FEA-4D75-90D0-81CB5B74E271}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:38d7:d69:5192:9d4(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38d7:d69:5192:9d4%9(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-82-14-62-5C-B9-01-7F-50-F2
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  2607:f8b0:4002:c06::64
 74.125.196.139
 74.125.196.138
 74.125.196.113
 74.125.196.102
 74.125.196.100
 74.125.196.101
 
 
Pinging google.com [74.125.21.100] with 32 bytes of data:
Reply from 74.125.21.100: bytes=32 time=38ms TTL=40
Reply from 74.125.21.100: bytes=32 time=36ms TTL=40
 
Ping statistics for 74.125.21.100:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 36ms, Maximum = 38ms, Average = 37ms
Server:  UnKnown
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=61ms TTL=43
Reply from 98.139.183.24: bytes=32 time=55ms TTL=43
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 55ms, Maximum = 61ms, Average = 58ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  3...5c b9 01 7f 50 f2 ......Realtek PCIe FE Family Controller
  8...1e b5 7d a2 a8 09 ......Microsoft Wi-Fi Direct Virtual Adapter
 10...ac b5 7d a2 a8 09 ......Qualcomm Atheros AR9485 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
  7...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.2     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.2    281
      192.168.1.2  255.255.255.255         On-link       192.168.1.2    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.2    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.2    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.2    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  9    306 2001::/32                On-link
  9    306 2001:0:5ef5:79fd:38d7:d69:5192:9d4/128
                                    On-link
 10    281 fe80::/64                On-link
  9    306 fe80::/64                On-link
 10    281 fe80::1c36:5dd3:335c:f603/128
                                    On-link
  9    306 fe80::38d7:d69:5192:9d4/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    281 ff00::/8                 On-link
  9    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23552] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [312160] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/20/2016 05:11:03 PM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 05:10:42 PM) (Source: HP Active Health) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 11:47:45 AM) (Source: HP Active Health) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 10:41:04 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 10:40:04 AM) (Source: HP Active Health) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 07:40:04 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 07:40:01 AM) (Source: HP Active Health) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 06:42:33 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 06:42:22 AM) (Source: HP Active Health) (User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 06:23:42 AM) (Source: HP Active Health) (User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
 
System errors:
=============
Error: (01/20/2016 05:06:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (01/20/2016 05:04:04 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (01/20/2016 11:48:08 AM) (Source: Service Control Manager) (User: )
Description: The User Data Access_35b98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/20/2016 11:48:08 AM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_35b98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/20/2016 11:48:08 AM) (Source: Service Control Manager) (User: )
Description: The Contact Data_35b98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/20/2016 11:48:08 AM) (Source: Service Control Manager) (User: )
Description: The Sync Host_35b98 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/20/2016 11:46:58 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (01/20/2016 11:45:11 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (01/20/2016 11:38:08 AM) (Source: Service Control Manager) (User: )
Description: The User Data Access_33520 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
Error: (01/20/2016 11:38:08 AM) (Source: Service Control Manager) (User: )
Description: The User Data Storage_33520 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 10000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (01/20/2016 05:11:03 PM) (Source: HP Active Health)(User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 05:10:42 PM) (Source: HP Active Health)(User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 11:47:45 AM) (Source: HP Active Health)(User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 10:41:04 AM) (Source: HP Active Health)(User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 10:40:04 AM) (Source: HP Active Health)(User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 07:40:04 AM) (Source: HP Active Health)(User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 07:40:01 AM) (Source: HP Active Health)(User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 06:42:33 AM) (Source: HP Active Health)(User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
Error: (01/20/2016 06:42:22 AM) (Source: HP Active Health)(User: )
Description: -- SECURITY WARNING -- ActiveHealthProperties.ini has been tampered with, resetting it
 
Error: (01/20/2016 06:23:42 AM) (Source: HP Active Health)(User: )
Description: Exception while generating JSON: Input string was not in a correct format.
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-01-15 05:32:24.539
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-08 15:19:32.370
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-01-06 07:23:27.427
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-31 17:04:30.907
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-30 07:12:51.280
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-23 08:22:34.531
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-22 04:33:36.790
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-17 07:30:07.106
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-16 04:33:43.474
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-12-16 04:30:53.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
4 Elements II (HKLM-x32\...\WTA-beacfb09-20f8-4381-b733-d2629c2faef2) (Version: 3.0.2.59 - WildTangent) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{A30D3EA3-B90A-DDD5-949E-6DDE67E64FE6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.228.2 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{CFBFB037-56DD-42C7-8DA0-7C0AF7D09B51}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden
Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG)
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.1.11.1086 - Avira Operations GmbH & Co. KG)
Azkend 2: The World Beneath (HKLM-x32\...\WTA-855844d1-a457-43dd-b159-3376433e5046) (Version: 2.2.0.98 - WildTangent) Hidden
Barn Yarn Collector's Edition (HKLM-x32\...\WTA-7e1bc169-f21d-45f7-a5d6-d70bd1baf8d4) (Version: 3.0.2.48 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-2da8f42c-58be-4c53-a1c7-4c976fa4114b) (Version: 3.0.2.59 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot Mysteries (HKLM-x32\...\WTA-4f00d8f1-be77-4106-bcf3-1b9d2426144d) (Version: 3.0.2.51 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Curse at Twilight (HKLM-x32\...\WTA-5c149f47-806e-4b61-b87b-17a95a2d1da1) (Version: 3.0.2.51 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.) Hidden
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5.4505 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.1.0903 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5.4601 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.5.4523 - CyberLink Corp.)
Delicious - Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-b3eff840-47b6-4e50-9ec4-3de4a3a6f1a2) (Version: 3.0.2.48 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.)
Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.4 (HKLM-x32\...\{C15841A6-C20A-11E4-977D-00163E98E7D6}) (Version: 5.8.4.6870 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-15cae18c-b9af-436b-b79c-dfa5781370e2) (Version: 3.0.2.59 - WildTangent) Hidden
Farmington Tales 2 - Winter Crop (HKLM-x32\...\WTA-03614693-36f0-45b4-9949-32594e78260c) (Version: 3.0.2.59 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-d5f79269-fd46-4218-b9f9-f3d238ac5870) (Version: 3.0.2.38 - WildTangent) Hidden
Fort Defense (HKLM-x32\...\WTA-d4d8bd1f-70ea-41f3-b059-188994897435) (Version: 3.0.2.51 - WildTangent) Hidden
Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-4345314d-6f08-4735-8ea0-08af77738cf2) (Version: 3.0.2.59 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Documentation (HKLM-x32\...\{EA7EA537-8F93-42A2-9384-66E7F049E6B0}) (Version: 1.4.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Jewel Match 3 (HKLM-x32\...\WTA-d2197346-55e0-4c58-b528-c65c1b4e6789) (Version: 3.0.2.59 - WildTangent) Hidden
Joining Hands 2 (HKLM-x32\...\WTA-adea7c81-b4d1-4694-af19-bba82f13363b) (Version: 3.0.2.51 - WildTangent) Hidden
Lexmark S300-S400 Series (HKLM\...\Lexmark S300-S400 Series) (Version:  - Lexmark International, Inc.)
Lost in Reefs 2 (HKLM-x32\...\WTA-5ed85a0f-bcbc-4060-9e3b-838188d05425) (Version: 3.0.2.51 - WildTangent) Hidden
LUXOR Evolved (HKLM-x32\...\WTA-41ce8320-451d-4f6c-86c3-996c9bf7401b) (Version: 2.2.0.98 - WildTangent) Hidden
Magic Heroes: Save Our Park (HKLM-x32\...\WTA-deefe7ba-41ef-4d56-a02e-16bc5194abbd) (Version: 3.0.2.59 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-12e4ec73-964b-4373-8d80-fedb1cbac9f1) (Version: 3.0.2.59 - WildTangent) Hidden
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Peggle Nights (HKLM-x32\...\WTA-c8e700ed-272f-4f63-a390-112997284be8) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-90d87eec-994d-455c-9048-493b34528eb9) (Version: 3.0.2.59 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-1ad86cb2-9f4d-43b4-80a4-6f57f9f9cd2b) (Version: 3.0.2.51 - WildTangent) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-faf833c2-dade-485b-8ccf-d9329ae32179) (Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.107 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7634 - Realtek Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-cccef678-a8c9-4a24-87d2-d41d0e76e83f) (Version: 3.0.2.59 - WildTangent) Hidden
Rush Hour! Gas Station (HKLM-x32\...\WTA-3d294cd7-1a80-4992-a9dc-e359fb7c9fcd) (Version: 3.0.2.59 - WildTangent) Hidden
Sky High Farm (HKLM-x32\...\WTA-2cf8464a-d785-4ce7-b003-0ea006232418) (Version: 3.0.2.59 - WildTangent) Hidden
Solitaire Mystery Four Seasons (HKLM-x32\...\WTA-4140154e-ece9-4aea-ac44-fa593001da8a) (Version: 3.0.2.51 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.104 - Synaptics Incorporated)
ThinkFree Office 3.6.1163.23 (HKLM-x32\...\ThinkFree Office 3.6.1163.23) (Version:  - ThinkFree Corp.)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-ae8dabbf-655a-4c98-8920-06c216307c62) (Version: 3.0.2.32 - WildTangent) Hidden
Viking Saga (HKLM-x32\...\WTA-6f03a590-7bc6-479b-b8cc-67e908807d3b) (Version: 3.0.2.48 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.14 - WildTangent) Hidden
Youda Jewel Shop (HKLM-x32\...\WTA-081d5f4e-f9e4-4d32-9cbf-0843859e45c1) (Version: 3.0.2.51 - WildTangent) Hidden
 
========================= Devices: ================================
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\AUO12EC\4&14553DB8&0&UID256
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 7112.98 MB
Available physical RAM: 4288.13 MB
Total Virtual: 8264.98 MB
Available Virtual: 4684.31 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:905.08 GB) (Free:852.6 GB) NTFS
2 Drive d: (RECOVERY) (Fixed) (Total:24.59 GB) (Free:2.75 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\HOMEPC
 
Administrator            BJ DeCoeur               DefaultAccount           
Guest                    
 
 
**** End of log ****





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users