
My computer has various malwares registered on my registry


33 replies to this topic

#1 polar959

  • Members
  • 37 posts

Posted 15 June 2016 - 09:17 PM

So the thing is that there are a few .dll files which have been registered to my computer, and I am pretty much sure they are viruses because they are not stock dll. Now I would like to know: if I uninstall my Windows (I have 3 drives, so I would first install Windows on another disk and then format the disk containing the malware-containing Windows), will it unregister the dll and will it remove the malware? I am scared that this is the reason my Instagram was hacked, so please guide me.

Edit: Moved topic from Virus, Trojan, Spyware, and Malware Removal Logs to the more appropriate forum. ~ Animal



#2 Aura

    Bleepin' Special Ops

  • Malware Response Team
  • 19,697 posts
  • Gender:Male

Posted 16 June 2016 - 10:18 AM

Hi polar :)

If you're worried that your system is infected, I can take a look. Follow the instructions below please.

MiniToolBox
  • Download MiniToolBox and move the file to your Desktop;
  • Right-click on MiniToolBox.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Flush DNS;
    • Report IE Proxy Settings;
    • Reset IE Proxy Settings;
    • Report FF Proxy Settings;
    • Reset FF Proxy Settings;
    • List content of Hosts;
    • List IP Configuration;
    • List Winsock Entries;
    • List Last 10 Event Viewer Errors;
    • List Installed Programs;
    • List Devices - Only Problems;
    • List Users, Partitions and Memory size;
  • Once this is done, click on Go and wait for the scan to complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

Autoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Upload the file on Dropbox, Google Drive, OneDrive or SendSpace (doesn't require an account) and post the download URL for it here;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 polar959

  • Topic Starter
  • Members
  • 37 posts

Posted 16 June 2016 - 03:28 PM

The MiniToolBox log says:

 

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by SONY (administrator) on 16-06-2016 at 15:54:14
Running from "C:\Users\SONY\Favorites\Downloads\Desktop"
Microsoft Windows 8 Pro  (X64)
Model: SVE1513CYNB Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1                   rss2search.com
127.0.0.1                   techbrowsing.com
127.0.0.1                   box.anchorfree.net
127.0.0.1                   www.mefeedia.com
127.0.0.3                   www.anchorfree.net
127.0.0.2                   mefeedia.com
127.0.0.1                   anchorfree.us
127.0.0.1                   a433.com
127.0.0.1                   rpt.anchorfree.net
127.0.0.1                   delivery.anchorfree.us/land.php
127.0.0.1                   hsselite.com
127.0.0.1                   www.hsselite.com
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
LogMeIn Hamachi Virtual Ethernet Adapter = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Hamachi" forwarding=enabled advertise=enabled metric=9000 nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Polar
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : browserupdatecheck.in
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B8-76-3F-EF-D3-02
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : CA-76-3F-EF-D3-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : B8-76-3F-EF-D3-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::613f:8572:bf6e:5b25%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.17(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 16 June 2016 15:45:54
   Lease Expires . . . . . . . . . . : 23 June 2016 15:45:54
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 330855999
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-ED-EF-85-30-F9-ED-D5-E5-A3
   DNS Servers . . . . . . . . . . . : 104.197.191.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-F9-ED-D5-E5-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : LogMeIn Hamachi Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 7A-79-19-3D-CB-EA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::193d:cbea(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::b5ac:3ef2:ae08:25c2%27(Preferred) 
   IPv4 Address. . . . . . . . . . . : 25.61.203.234(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : 16 June 2016 15:39:34
   Lease Expires . . . . . . . . . . : 16 June 2017 15:39:34
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 453136626
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-ED-EF-85-30-F9-ED-D5-E5-A3
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  104.197.191.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.129.139
 74.125.129.100
 74.125.129.113
 74.125.129.102
 74.125.129.101
 74.125.129.138
 
Ping request could not find host google.com. Please check the name and try again.
Server:  4.191.197.104.bc.googleusercontent.com
Address:  104.197.191.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=93ms TTL=52
Reply from 206.190.36.45: bytes=32 time=199ms TTL=52
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 199ms, Average = 146ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...b8 76 3f ef d3 02 ......Bluetooth Device (Personal Area Network)
 14...ca 76 3f ef d3 01 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...b8 76 3f ef d3 01 ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
 12...30 f9 ed d5 e5 a3 ......Realtek PCIe GBE Family Controller
 27...7a 79 19 3d cb ea ......LogMeIn Hamachi Virtual Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1    25.61.203.234   9256
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.17     25
         25.0.0.0        255.0.0.0         On-link     25.61.203.234   9256
    25.61.203.234  255.255.255.255         On-link     25.61.203.234   9256
   25.255.255.255  255.255.255.255         On-link     25.61.203.234   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.17    281
     192.168.0.17  255.255.255.255         On-link      192.168.0.17    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.17    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.17    281
        224.0.0.0        240.0.0.0         On-link     25.61.203.234   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.17    281
  255.255.255.255  255.255.255.255         On-link     25.61.203.234   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 27   9005 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 27    261 2620:9b::/64             On-link
 27    261 2620:9b::/96             On-link
 27    261 2620:9b::193d:cbea/128   On-link
 13    281 fe80::/64                On-link
 27    261 fe80::/64                On-link
 13    281 fe80::613f:8572:bf6e:5b25/128
                                    On-link
 27    261 fe80::b5ac:3ef2:ae08:25c2/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
 27    261 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390
 
 
System errors:
=============
Error: (06/16/2016 03:54:28 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:45:56 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:45:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:37 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:34 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:34 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:32 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:21:00 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:17:54 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
AppCola (HKLM-x32\...\XYClient) (Version: 2.4.7.6834 - Kingnet Network Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
DFX (HKLM-x32\...\DFX) (Version: 11.200.0.0 - Power Technology)
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 8703 (Build 534) - Speedbit Ltd.)
Extract-XISO -- GUI by Huge (HKLM-x32\...\Extract-XISO -- GUI by Huge) (Version:  - )
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Horizon (HKLM-x32\...\{5ad7e3e6-6278-49f0-b46c-418a7e464fb3}) (Version: 2.8.20 - Daring Development Inc.)
Horizon (HKLM-x32\...\{919A1EF9-C88B-4C3D-B67E-032C82036359}) (Version: 2.8.20 - Daring Development Inc.) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
K-Lite Codec Pack 9.2.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
KP Typing Tutor v3.2 International Edition (HKLM-x32\...\KP Typing Tutor_is1) (Version:  - )
KUx86 (HKLM-x32\...\{857087BB-A988-4462-A5C6-CF6739143B56}) (Version: 1.0.0 - Sony Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\{52079A64-F5B5-46D9-9A7A-34FE37A4DCB5}) (Version: 2.2.0.472 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.472 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
mHotspot version 7.8.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.0.0 - mHotspot)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version:  - )
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Moyea FLV Player version 1.6.2.2 (HKLM-x32\...\{6882B3A9-AB98-4ABA-A623-2979FBEA5F9F}_is1) (Version:  - )
Mozilla Firefox 17.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0 (x86 en-US)) (Version: 17.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
Nero 7 Essentials (HKLM-x32\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Opera 11.01 (HKLM-x32\...\Opera 11.01.1190) (Version: 11.01.1190 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
PremiumSoft Navicat 8.0 for MySQL (HKLM-x32\...\PremiumSoft Navicat 8.0 for MySQL_is1) (Version:  - PremiumSoft CyberTech Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 r2519 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Reload Icons Cache 1.00 (HKLM-x32\...\Reload Icons Cache 1.00) (Version: 1.00 - Mr Blade Design's)
SkinPack Mac OSX Dark (HKLM-x32\...\SkinPack) (Version: Mac OSX Dark - SkinPack)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Tongbu Assistant 2.3.1.0 (HKLM-x32\...\Tongbu2) (Version: 2.3.1.0 - Xiamen Tongbu Network Ltd.)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
Visual Basic 6.0 Runtime Plus (HKLM-x32\...\Visual Basic 6.0 Runtime Plus_is1) (Version:  - )
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
WebOptimum (HKLM-x32\...\{53C9B483-EF2D-480D-9E1D-118F46700824}) (Version: 1.0.0.0 - bscodecs.com) Hidden
WebOptimum 2.0 (HKLM-x32\...\WebOptimum) (Version: 2.0 - WebOptimum)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zuma Deluxe RA (HKLM-x32\...\Zuma Deluxe RA) (Version:  - )
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 78%
Total physical RAM: 1948.36 MB
Available physical RAM: 424.12 MB
Total Virtual: 23484.36 MB
Available Virtual: 21791.24 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:97.31 GB) (Free:23.42 GB) NTFS
2 Drive d: () (Fixed) (Total:97.66 GB) (Free:20.59 GB) NTFS
3 Drive e: () (Fixed) (Total:102.78 GB) (Free:12.38 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\POLAR
 
Administrator            Guest                    SONY                     
 
 
**** End of log ****


#4 polar959

polar959
  • Topic Starter

  • Members
  • 37 posts

Posted 16 June 2016 - 03:34 PM

MiniToolBox by Farbar  Version: 07-02-2016 01
Ran by SONY (administrator) on 16-06-2016 at 15:54:14
Running from "C:\Users\SONY\Favorites\Downloads\Desktop"
Microsoft Windows 8 Pro  (X64)
Model: SVE1513CYNB Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1                   rss2search.com
127.0.0.1                   techbrowsing.com
127.0.0.1                   box.anchorfree.net
127.0.0.1                   www.mefeedia.com
127.0.0.3                   www.anchorfree.net
127.0.0.2                   mefeedia.com
127.0.0.1                   anchorfree.us
127.0.0.1                   a433.com
127.0.0.1                   rpt.anchorfree.net
127.0.0.1                   delivery.anchorfree.us/land.php
127.0.0.1                   hsselite.com
127.0.0.1                   www.hsselite.com
========================= IP Configuration: ================================
 
Qualcomm Atheros AR9485WB-EG Wireless Network Adapter = Wi-Fi (Connected)
LogMeIn Hamachi Virtual Ethernet Adapter = Hamachi (Connected)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled taskoffload=disabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection* 9" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 13" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 14" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Hamachi" forwarding=enabled advertise=enabled metric=9000 nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Polar
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : browserupdatecheck.in
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : B8-76-3F-EF-D3-02
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : CA-76-3F-EF-D3-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
   Physical Address. . . . . . . . . : B8-76-3F-EF-D3-01
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::613f:8572:bf6e:5b25%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.17(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 16 June 2016 15:45:54
   Lease Expires . . . . . . . . . . : 23 June 2016 15:45:54
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 330855999
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-ED-EF-85-30-F9-ED-D5-E5-A3
   DNS Servers . . . . . . . . . . . : 104.197.191.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-F9-ED-D5-E5-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : LogMeIn Hamachi Virtual Ethernet Adapter
   Physical Address. . . . . . . . . : 7A-79-19-3D-CB-EA
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::193d:cbea(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::b5ac:3ef2:ae08:25c2%27(Preferred) 
   IPv4 Address. . . . . . . . . . . : 25.61.203.234(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : 16 June 2016 15:39:34
   Lease Expires . . . . . . . . . . : 16 June 2017 15:39:34
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 453136626
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-ED-EF-85-30-F9-ED-D5-E5-A3
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  104.197.191.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    google.com
Addresses:  74.125.129.139
 74.125.129.100
 74.125.129.113
 74.125.129.102
 74.125.129.101
 74.125.129.138
 
Ping request could not find host google.com. Please check the name and try again.
Server:  4.191.197.104.bc.googleusercontent.com
Address:  104.197.191.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=93ms TTL=52
Reply from 206.190.36.45: bytes=32 time=199ms TTL=52
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 93ms, Maximum = 199ms, Average = 146ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...b8 76 3f ef d3 02 ......Bluetooth Device (Personal Area Network)
 14...ca 76 3f ef d3 01 ......Microsoft Wi-Fi Direct Virtual Adapter
 13...b8 76 3f ef d3 01 ......Qualcomm Atheros AR9485WB-EG Wireless Network Adapter
 12...30 f9 ed d5 e5 a3 ......Realtek PCIe GBE Family Controller
 27...7a 79 19 3d cb ea ......LogMeIn Hamachi Virtual Ethernet Adapter
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1    25.61.203.234   9256
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.17     25
         25.0.0.0        255.0.0.0         On-link     25.61.203.234   9256
    25.61.203.234  255.255.255.255         On-link     25.61.203.234   9256
   25.255.255.255  255.255.255.255         On-link     25.61.203.234   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link      192.168.0.17    281
     192.168.0.17  255.255.255.255         On-link      192.168.0.17    281
    192.168.0.255  255.255.255.255         On-link      192.168.0.17    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.0.17    281
        224.0.0.0        240.0.0.0         On-link     25.61.203.234   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.0.17    281
  255.255.255.255  255.255.255.255         On-link     25.61.203.234   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 27   9005 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 27    261 2620:9b::/64             On-link
 27    261 2620:9b::/96             On-link
 27    261 2620:9b::193d:cbea/128   On-link
 13    281 fe80::/64                On-link
 27    261 fe80::/64                On-link
 13    281 fe80::613f:8572:bf6e:5b25/128
                                    On-link
 27    261 fe80::b5ac:3ef2:ae08:25c2/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
 27    261 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [67584] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [55296] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [289280] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [72192] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [53760] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [64000] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [355328] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:55 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390
 
 
System errors:
=============
Error: (06/16/2016 03:54:28 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:45:56 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:45:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:37 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:34 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:34 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:32 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:39:31 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:21:00 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (06/16/2016 03:17:54 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6093
 
Error: (06/16/2016 03:20:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4890
 
Error: (06/16/2016 03:20:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3671
 
Error: (06/16/2016 03:20:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/16/2016 03:20:55 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2390
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.)
AppCola (HKLM-x32\...\XYClient) (Version: 2.4.7.6834 - Kingnet Network Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{34985F59-8F6F-46F4-9AD5-53E2714294D2}) (Version: 3.0.189 - ArcSoft)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{4FCF716C-CEB4-499D-AFB8-A5375105EC2A}) (Version: 0.9.30.9239 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cain & Abel 4.9.56 (HKLM-x32\...\Cain & Abel 4.9.56) (Version:  - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Combined Community Codec Pack 64bit 2015-10-18 (HKLM\...\Combined Community Codec Pack 64bit_is1) (Version: 2015.10.19.0 - CCCP Project)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
DFX (HKLM-x32\...\DFX) (Version: 11.200.0.0 - Power Technology)
Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 8703 (Build 534) - Speedbit Ltd.)
Extract-XISO -- GUI by Huge (HKLM-x32\...\Extract-XISO -- GUI by Huge) (Version:  - )
Free Download Manager 3.9.4 (HKLM-x32\...\Free Download Manager_is1) (Version:  - FreeDownloadManager.ORG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
GS Auto Clicker (HKLM-x32\...\GS Auto Clicker_is1) (Version: V3.1.3 - goldensoft.org)
Horizon (HKLM-x32\...\{5ad7e3e6-6278-49f0-b46c-418a7e464fb3}) (Version: 2.8.20 - Daring Development Inc.)
Horizon (HKLM-x32\...\{919A1EF9-C88B-4C3D-B67E-032C82036359}) (Version: 2.8.20 - Daring Development Inc.) Hidden
Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2817 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
K-Lite Codec Pack 9.2.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
KP Typing Tutor v3.2 International Edition (HKLM-x32\...\KP Typing Tutor_is1) (Version:  - )
KUx86 (HKLM-x32\...\{857087BB-A988-4462-A5C6-CF6739143B56}) (Version: 1.0.0 - Sony Corporation) Hidden
LogMeIn Hamachi (HKLM-x32\...\{52079A64-F5B5-46D9-9A7A-34FE37A4DCB5}) (Version: 2.2.0.472 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.472 - LogMeIn, Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MapleStory (HKLM-x32\...\MapleStory) (Version:  - )
mHotspot version 7.8.0.0 (HKLM-x32\...\{beeb7906-9268-4520-8850-8d8af9b1c7c8}_is1) (Version: 7.8.0.0 - mHotspot)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version:  - )
Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Moyea FLV Player version 1.6.2.2 (HKLM-x32\...\{6882B3A9-AB98-4ABA-A623-2979FBEA5F9F}_is1) (Version:  - )
Mozilla Firefox 17.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0 (x86 en-US)) (Version: 17.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
Nero 7 Essentials (HKLM-x32\...\{66B6D13A-9CC1-417D-B6F2-58AA539D1033}) (Version: 7.03.1303 - Nero AG)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Opera 11.01 (HKLM-x32\...\Opera 11.01.1190) (Version: 11.01.1190 - Opera Software ASA)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd)
PremiumSoft Navicat 8.0 for MySQL (HKLM-x32\...\PremiumSoft Navicat 8.0 for MySQL_is1) (Version:  - PremiumSoft CyberTech Ltd.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.3 r2519 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Reload Icons Cache 1.00 (HKLM-x32\...\Reload Icons Cache 1.00) (Version: 1.00 - Mr Blade Design's)
SkinPack Mac OSX Dark (HKLM-x32\...\SkinPack) (Version: Mac OSX Dark - SkinPack)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.16.2 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
Tongbu Assistant 2.3.1.0 (HKLM-x32\...\Tongbu2) (Version: 2.3.1.0 - Xiamen Tongbu Network Ltd.)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
Visual Basic 6.0 Runtime Plus (HKLM-x32\...\Visual Basic 6.0 Runtime Plus_is1) (Version:  - )
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
WebOptimum (HKLM-x32\...\{53C9B483-EF2D-480D-9E1D-118F46700824}) (Version: 1.0.0.0 - bscodecs.com) Hidden
WebOptimum 2.0 (HKLM-x32\...\WebOptimum) (Version: 2.0 - WebOptimum)
WinRAR 4.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wondershare PDF to Word (Build 4.0.1) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zuma Deluxe RA (HKLM-x32\...\Zuma Deluxe RA) (Version:  - )
 
========================= Devices: ================================
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 78%
Total physical RAM: 1948.36 MB
Available physical RAM: 424.12 MB
Total Virtual: 23484.36 MB
Available Virtual: 21791.24 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:97.31 GB) (Free:23.42 GB) NTFS
2 Drive d: () (Fixed) (Total:97.66 GB) (Free:20.59 GB) NTFS
3 Drive e: () (Fixed) (Total:102.78 GB) (Free:12.38 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\POLAR
 
Administrator            Guest                    SONY                     
 
 
**** End of log ****


#5 Aura

Posted 17 June 2016 - 06:31 AM

Uninstall the following programs please.
  • Adobe Flash Player 13 Plugin - Outdated and vulnerable;
  • Adobe Reader X (10.1.10) - Outdated and vulnerable;
  • Java 8 Update 60 - Outdated and vulnerable;
  • Java 6 Update 20 - Outdated and vulnerable;
  • WebOptimum 2.0 - Adware;
Once done, follow the instructions below please.

Autoruns - Start-up Entries
Follow the instructions below to give me an Autoruns log containing your start-up entries:
  • Download Autoruns.zip from the Sysinternals Suite webpage;
  • Extract the content of the Autoruns.zip folder where you want, then go in the folder, right-click on Autoruns.exe and select Run as Administrator;
  • Accept the EULA on opening, then wait for all the entries to load;
  • Click on File then Save and save the file to a location easily accessible as a .arn (Autoruns) file;
  • Upload the file on Dropbox, Google Drive, OneDrive or SendSpace (doesn't require an account) and post the download URL for it here;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 polar959

Posted 17 June 2016 - 03:23 PM

  • Adobe Flash Player 13 Plugin - Outdated and vulnerable;
  • Adobe Reader X (10.1.10) - Outdated and vulnerable;
  • Java 8 Update 60 - Outdated and vulnerable;
  • Java 6 Update 20 - Outdated and vulnerable                            

I need these files for my school project and all the stuff!!! So I can't uninstall them.

  • Web Optimum is uninstalled

The link for the arm file is here https://www.sendspace.com/file/rl05rc



#7 Aura

Posted 17 June 2016 - 04:59 PM

You need outdated versions of these programs?

Alright, launch Autoruns again, and now you'll delete the entries in the screenshots below. To delete an entry, simply right-click on it and select Delete.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#8 polar959

Posted 17 June 2016 - 09:25 PM

I deleted all of them you said and start_up_prank.bat file was made by me it was just a prank program made in notepad so it's not dangerous. Is it okay if I don't delete it??



#9 Aura

Posted 18 June 2016 - 06:52 AM

I don't have a problem with you not deleting it, if you're sure you made it and that it's safe. Now, follow the instructions below please.

Malwarebytes Anti-Malware - Clean Mode
  • Download and install the free version of Malwarebytes Anti-Malware
    Note: It's your choice if you want to enable the free trial of Malwarebytes Premium or not. Enabling it will give you real-time protection from the program, as well as access to all the Premium features.
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point;
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the Update Now button;
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan;
  • Let the scan run; the time required to complete the scan depends on your system and computer specs;
  • Once the scan is complete, make sure that the checkbox by Threat is checked (it means that every item detected is checked), then click on the Remove Selected button;
  • Click on Save Results after the deletion (in the bottom-right corner) and select Copy to clipboard. Paste the content in your next reply;

Emsisoft Emergency Kit
Follow the instructions below to run a scan using the Emsisoft Emergency Kit.
  • Download the Emsisoft Emergency Kit and execute it. From there, click on the Extract button to extract the program in the EEK folder;
  • Once the extraction is complete, Emsisoft Emergency Kit will open, and suggest that you run an online update before using the program. Click on Yes to launch it;
  • After the update, click on Malware Scan under 2. Scan and accept to let Emsisoft Emergency Kit detect PUPs (click on Yes);
  • Once the scan is complete, make sure that every item in the list is checked, and click on Quarantine selected;
  • If it asks you for a reboot to delete some items, click on Ok to reboot automatically;
  • After the restart, click on the Start Emsisoft Emergency Kit icon again on your desktop to open it;
  • This time, click on Logs;
  • From there, go under the Quarantine Log tab, and click on the Export button;
  • Save the log on your desktop, then open it, and copy/paste its content in your next reply;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#10 polar959

Posted 19 June 2016 - 02:12 PM

2 quarantines were not deleted they were DNSapi.dll and the log for all the other is as follow :-

 

Emsisoft Emergency Kit - Version 11.0
Quarantine log
 
Date Source Event Detection
19-06-2016 15:06:42 Key: HKEY_USERS\S-1-5-21-2610045624-1876122659-2681280514-1001_CLASSES\WOW6432NODE\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326} Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:42 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFCTRL.ANIGIF Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:42 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:42 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG.ANIGIFPPG.1 Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:41 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2 Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:41 Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\ANIGIFPPG2.ANIGIFPPG2.1 Moved to quarantine Application.Toolbar (A)
19-06-2016 15:06:41 Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\11598763487076930564 Moved to quarantine Application.AppInstall (A)
19-06-2016 15:06:41 Value: HKEY_USERS\S-1-5-21-2610045624-1876122659-2681280514-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN -> FREE DOWNLOAD MANAGER Moved to quarantine Application.AdStart (A)
19-06-2016 15:06:40 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OIOT141\AnyProtectSetup[1].exe Moved to quarantine Application.Downloader.AAL ( B )
19-06-2016 15:06:40 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B7RU2VE\BiTool[1].dll Moved to quarantine Application.InstallAd (A)
19-06-2016 15:06:40 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3B7RU2VE\setup_362[1].exe Moved to quarantine Adware.Agent.QLS ( B )
19-06-2016 15:06:40 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AH9TB0UW\AnyProtect[1].exe Moved to quarantine Adware.Agent.PCA ( B )
19-06-2016 15:06:39 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASVAC0W7\Bundle_Solimba_MaxDriverUpdater[1].exe Moved to quarantine Gen:Trojan.Heur.LC0@!xAJTAiO ( B )
19-06-2016 15:06:39 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MVXU3V69\SmartWebInstaller[1].exe Moved to quarantine Dropped:Adware.PriceGong.D ( B )
19-06-2016 15:06:39 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2RUV5HY\8b8jk[1].exe Moved to quarantine Gen:Variant.Symmi.62687 ( B )
19-06-2016 15:06:38 C:\Users\SONY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZD3M2EI3\cmmdWriter[1].exe Moved to quarantine Adware.Generic.1366143 ( B )
19-06-2016 15:06:38 C:\Users\SONY\AppData\Roaming\Edebsaa\Anexgorn.dll Moved to quarantine Gen:Variant.Razy.57239 ( B )
19-06-2016 15:06:38 C:\Users\SONY\AppData\Roaming\Edebsaa\Zeswusg.exe Moved to quarantine Trojan.Generic.16948276 ( B )
19-06-2016 15:06:38 C:\Users\SONY\AppData\Roaming\Edebsaa\Zeswusg.dll Moved to quarantine Trojan.Generic.16988559 ( B )
19-06-2016 15:06:37 C:\Users\SONY\AppData\Roaming\Edebsaa\Anexgorn.exe Moved to quarantine Gen:Variant.Razy.59248 ( B )
19-06-2016 15:06:37 C:\Users\SONY\AppData\Roaming\Pwgen.dll Moved to quarantine Gen:Variant.Graftor.290220 ( B )
19-06-2016 15:06:36 C:\Users\SONY\Back ups\Hotspot_Shield_Elite_Universal__.exe Moved to quarantine Trojan.Generic.15422893 ( B )


#11 polar959

Posted 19 June 2016 - 02:14 PM

The above provided report is from Emsisoft, and the reason for not quarantining is that Emsisoft will personally tell you how to remove them safely.



#12 Aura

Posted 19 June 2016 - 02:41 PM

We'll address these after :) Now I just need the Malwarebytes log.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#13 polar959

Posted 19 June 2016 - 03:34 PM

The malware byte log is here :-

 

 Malwarebytes Anti-Malware

www.malwarebytes.org
 
Scan Date: 19-06-2016
Scan Time: 03:49 PM
Logfile: Malware Byte Report.txt
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.06.19.05
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8
CPU: x64
File System: NTFS
User: SONY
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374170
Time Elapsed: 26 min, 30 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 2
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe, 2568, , [5d7497671b7eeb4bc1b77978f013c739]
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Service.exe, 3004, , [6f629c622f6a39fdd5a523ce867d7789]
 
Modules: 12
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Common.Logging.Core.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Common.Logging.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Newtonsoft.Json.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\NLog.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Quartz.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Lib.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Common.Logging.Core.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Common.Logging.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Newtonsoft.Json.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\NLog.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Quartz.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Lib.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
 
Registry Keys: 12
PUP.Optional.WebOptimum, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{314CC13E-2027-44CA-838B-546591A01FDA}, , [3899b24c81185cda260db9d75aa8cf31], 
PUP.Optional.WebOptimum, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{314CC13E-2027-44CA-838B-546591A01FDA}, , [3899b24c81185cda260db9d75aa8cf31], 
PUP.Optional.WebOptimum, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{314CC13E-2027-44CA-838B-546591A01FDA}, , [3899b24c81185cda260db9d75aa8cf31], 
PUP.Optional.WebOptimum, HKU\S-1-5-21-2610045624-1876122659-2681280514-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{314CC13E-2027-44CA-838B-546591A01FDA}, , [3899b24c81185cda260db9d75aa8cf31], 
PUP.Optional.WebOptimum, HKU\S-1-5-21-2610045624-1876122659-2681280514-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{314CC13E-2027-44CA-838B-546591A01FDA}, , [3899b24c81185cda260db9d75aa8cf31], 
Adware.WebOptimon, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WebOptimum, , [6f62c23c7227999dbc9d24ae8e73b050], 
PUP.Optional.SysDriver, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Helper, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E0F12C38-9EF8-4A55-8E24-7C327D84D303}, , [20b1ef0f2970c57107b2c00115ed2cd4], 
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\PPI Update, , [17ba768846533ff7fdbd4d7432d01fe1], 
PUP.Optional.SpringFiles, HKLM\SOFTWARE\WOW6432NODE\SrpnFiles, , [419008f679202e08046ad2ef6a98c53b], 
PUP.Optional.WebOptimum, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WebOptimum, , [9b3628d6c4d5e94de87655818d76be42], 
PUP.Optional.Elex, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WdMan, , [d100fd01dcbdc96dbb081fcb1ae9b54b], 
 
Registry Values: 5
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E0F12C38-9EF8-4A55-8E24-7C327D84D303}|Path, \PPI Update, , [20b1ef0f2970c57107b2c00115ed2cd4]
PUP.Optional.SysDriver, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HELPER|ImagePath, "C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe", , [02cfd42a4f4ad363fc7ded044db612ee]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{5E7A795D-2780-486C-B902-3105AF1B1D23}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [fcd5bd412871ea4c69830db423dfd12f]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{BEEC3995-AD0D-4A65-80A8-B3EAC9A33183}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [a72a9f5f3267330336b6a61b53af9c64]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{C53347B2-B0C0-470A-BED8-10ED708C62E9}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [ba17cb339009162014d8ab16659dc838]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 15
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.MCorp, C:\Users\SONY\AppData\Roaming\MCorp\1147, , [438ef7073f5a7cbadd84e80d946f58a8], 
PUP.Optional.MCorp, C:\Users\SONY\AppData\Roaming\MCorp, , [438ef7073f5a7cbadd84e80d946f58a8], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\nfeotgmnpeepdbcklegpcengnhgllhoe, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\content, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\skin, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.WebOptimum, C:\Program Files (x86)\WebOptimum, , [9041ae50b4e596a0d5f4506cf80a4eb2], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\content, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\skin, , [537eda246534d85ee8464c74857d49b7], 
 
Files: 67
PUP.Optional.IEPassViewer, C:\Users\SONY\Favorites\Downloads\Desktop\Pass.rar, , [1fb2c935cecbb77f310b48d3cd3330d0], 
PUP.Optional.WebOptimum, C:\Program Files (x86)\WebOptimum\IEPluginSetup.msi, , [5a7739c5f5a4b97dcfd68106917328d8], 
Adware.WebOptimon, C:\Program Files (x86)\WebOptimum\uninst.exe, , [6f62c23c7227999dbc9d24ae8e73b050], 
Adware.WebOptimon, C:\Users\SONY\AppData\Local\Temp\~nsuA.tmp\Au_.exe, , [f3de9a64dabf5ed8de7b4b8703feb34d], 
Adware.WebOptimon, C:\Windows\Temp\m2qcyl4j.exe, , [735e25d9eaaf96a0c792fbd7b15019e7], 
Adware.WebOptimon, C:\Windows\Temp\pcg1l23q.exe, , [14bd9d612178ba7c00592ea4966bb050], 
Adware.WebOptimon, C:\Windows\Temp\sc5umm00.exe, , [d100b9458b0ef1452c2d686ad42d3ac6], 
Adware.WebOptimon, C:\Windows\Temp\v2ly2ltr.exe, , [bb16eb139aff6dc95108fad8877aae52], 
Adware.WebOptimon, C:\Windows\Temp\vbaomo5u.exe, , [daf73bc37f1af93daaafefe36f929d63], 
Adware.WebOptimon, C:\Windows\Temp\w0ocojor.exe, , [428f5da1b7e27eb8d88117bb6f921ae6], 
Adware.WebOptimon, C:\Windows\Temp\wqomelm5.exe, , [8f42f608f5a445f1203928aa5ca5de22], 
Adware.WebOptimon, C:\Windows\Temp\2rw304xi.exe, , [cb06619d2673999db5a4ce04f30ede22], 
Adware.WebOptimon, C:\Windows\Temp\5mbyqeuh.exe, , [626f66984f4abf771b3eb0227988de22], 
Adware.WebOptimon, C:\Windows\Temp\a1tm0qdb.exe, , [4c85a35b63362f07d9803e94af52e719], 
Adware.WebOptimon, C:\Windows\Temp\ak0bd4wv.exe, , [1ab79f5f059459ddb2a7dbf7768b1ee2], 
Adware.WebOptimon, C:\Windows\Temp\cj1wnxnn.exe, , [cc05ca34d1c83afc8bced20039c8c53b], 
Adware.WebOptimon, C:\Windows\Temp\ctbafdah.exe, , [d4fdba44abee84b2dc7dac26c73a8e72], 
Adware.WebOptimon, C:\Windows\Temp\do1kv41n.exe, , [a8299b635a3fa3934712c70b59a8e917], 
Adware.WebOptimon, C:\Windows\Temp\gb0nehht.exe, , [9c3517e75247a5912633c60ca65b6a96], 
Adware.WebOptimon, C:\Windows\Temp\iytw32tf.exe, , [a22f49b5f8a16acc9ebbf7db45bc4cb4], 
Adware.WebOptimon, C:\Windows\Temp\kilsbf2s.exe, , [8150f8066831d462b2a70dc50ff2fe02], 
Adware.WebOptimon, C:\Windows\Temp\lmjc0t31.exe, , [745deb136831e0560851933f6f92f60a], 
PUP.Optional.WebOptimum, C:\Windows\Installer\263e41.msi, , [b819a35bafea2313cdd88bfc64a0c13f], 
PUP.Optional.Downloader, C:\Windows\System32\Tasks\PPI Update, , [b021f40a4158e551b007625fa45ea858], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Common.Logging.Core.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Common.Logging.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\lasttrigger.txt, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\log.log, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Newtonsoft.Json.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\NLog.config, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\NLog.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Quartz.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Lib.dll, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe.config, , [5d7497671b7eeb4bc1b77978f013c739], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Service.exe, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Common.Logging.Core.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Common.Logging.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\lasttrigger.txt, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\log.log, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Newtonsoft.Json.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\NLog.config, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\NLog.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Quartz.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Lib.dll, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Service.exe.config, , [6f629c622f6a39fdd5a523ce867d7789], 
PUP.Optional.MCorp, C:\Users\SONY\AppData\Roaming\MCorp\1147\udpx, , [438ef7073f5a7cbadd84e80d946f58a8], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\nfeotgmnpeepdbcklegpcengnhgllhoe\icon128.png, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\nfeotgmnpeepdbcklegpcengnhgllhoe\icon48.png, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\nfeotgmnpeepdbcklegpcengnhgllhoe\jquery-1.8.0.min.js, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\nfeotgmnpeepdbcklegpcengnhgllhoe\manifest.json, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome.manifest, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\install.rdf, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\content\jquery-1.8.2.min.js, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\content\weboptimum.xul, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\skin\weboptimum.css, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.FASTExtensions, C:\Users\SONY\AppData\Local\FASTExtensions\weboptimum@bscodecs.com\chrome\skin\weboptimumlogo.png, , [2ba6d02e87126ccaa7210cb0f50dee12], 
PUP.Optional.WebOptimum, C:\Program Files (x86)\WebOptimum\uninst.exe, , [9041ae50b4e596a0d5f4506cf80a4eb2], 
PUP.Optional.WebOptimum, C:\Program Files (x86)\WebOptimum\WebOptimum.url, , [9041ae50b4e596a0d5f4506cf80a4eb2], 
PUP.Optional.WebOptimum, C:\Program Files (x86)\WebOptimum\WebOptimumSolution.msi, , [9041ae50b4e596a0d5f4506cf80a4eb2], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome.manifest, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\install.rdf, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\content\jquery-1.8.2.min.js, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\content\weboptimum.js, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\content\weboptimum.xul, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\skin\weboptimum.css, , [537eda246534d85ee8464c74857d49b7], 
PUP.Optional.WebOptimum, C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\vxytolmn.default\extensions\weboptimum@bscodecs.com\chrome\skin\weboptimumlogo.png, , [537eda246534d85ee8464c74857d49b7], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#14 polar959

Posted 19 June 2016 - 03:37 PM

And also, is it that I am keylogged because my Instagram accounts was also hacked! Not only once but twice!



#15 Aura

Posted 19 June 2016 - 03:49 PM

It's possible that one of the infections you had was a keylogging or password stealing trojan, yes. In that case, I would suggest that you change all your passwords immediately on another computer, and enable 2FA on them if possible. It's your best chance to protect your accounts from being hacked again, even if the hacker has the password for it.

Since Malwarebytes detected a lot of PUPs and Adware, we'll run JRT and AdwCleaner to see if they can catch any remnants.

Junkware Removal Tool (JRT)
  • Download Junkware Removal Tool (JRT) and move it to your Desktop;
  • Right-click on JRT.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Press on any key to launch the scan and let it complete;
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply;

AdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop;
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Accept the EULA (I accept), let the database update, then click on Scan;
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Cleaning button. This will kill all the active processes;
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it;
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.
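
A triage pass over the Malwarebytes log posted in #13, added here as an example and not part of any post in the thread: it parses the log's sections, checks each section's header count against the entries actually pasted (a mismatch means the paste was cut off), and separates the PUP/Adware families from everything else. The section names and line layout are taken from that log; the function names and the PUP/Adware split are assumptions of this example.

```python
import re
from collections import Counter, namedtuple
from urllib.parse import urlsplit

# Excerpt copied from the Malwarebytes Anti-Malware log posted in this thread
# (Processes, Registry Values and Registry Data sections).
SAMPLE_LOG = r"""
Processes: 2
PUP.Optional.SysDriver, C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe, 2568, , [5d7497671b7eeb4bc1b77978f013c739]
PUP.Optional.WinDriver, C:\Program Files (x86)\Windriver\Scheduler.Service.exe, 3004, , [6f629c622f6a39fdd5a523ce867d7789]

Registry Values: 5
PUP.Optional.Downloader, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E0F12C38-9EF8-4A55-8E24-7C327D84D303}|Path, \PPI Update, , [20b1ef0f2970c57107b2c00115ed2cd4]
PUP.Optional.SysDriver, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\HELPER|ImagePath, "C:\Program Files (x86)\Sysdriver\Scheduler.Service.exe", , [02cfd42a4f4ad363fc7ded044db612ee]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{5E7A795D-2780-486C-B902-3105AF1B1D23}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [fcd5bd412871ea4c69830db423dfd12f]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{BEEC3995-AD0D-4A65-80A8-B3EAC9A33183}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [a72a9f5f3267330336b6a61b53af9c64]
Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IPHLPSVC\PARAMETERS\PROXYMGR\{C53347B2-B0C0-470A-BED8-10ED708C62E9}|AutoConfigUrl, http://unstops.biz/wpad.dat?1719d4747a9b2c7f93deadb018457b5910496185, , [ba17cb339009162014d8ab16659dc838]

Registry Data: 0
(No malicious items detected)
"""

SECTION_RE = re.compile(
    r"^(Processes|Modules|Registry Keys|Registry Values|Registry Data|"
    r"Folders|Files|Physical Sectors): (\d+)$")
HASH_RE = re.compile(r"\[[0-9a-f]{32}\]")  # bracketed 32-hex-digit id on every entry
# Assumption of this example: families with these prefixes are bundled
# adware/PUPs; anything else is listed for review first.
BUNDLED_PREFIXES = {"PUP", "Adware"}

Detection = namedtuple("Detection", "section name location detail")


def parse_mbam_log(text):
    """Return (detections, declared); declared maps section -> header count."""
    detections, declared, section = [], {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        if header:
            section = header.group(1)
            declared[section] = int(header.group(2))
            continue
        if section is None or not HASH_RE.search(line):
            continue  # scan settings, blanks, "(No malicious items detected)"
        # Layout: name, location, <pid or registry data>, , [id]
        # Assumes the location itself contains no ", " sequence.
        parts = line.split(", ", 2)
        if len(parts) < 3:
            continue
        detail = HASH_RE.sub("", parts[2]).strip(" ,")
        detections.append(Detection(section, parts[0], parts[1], detail))
    return detections, declared


def count_mismatches(detections, declared):
    """Sections whose header count differs from the entries parsed."""
    parsed = Counter(d.section for d in detections)
    return {s: (n, parsed[s]) for s, n in declared.items() if parsed[s] != n}


def triage(detections):
    """Return (entries outside the PUP/Adware families, count per family)."""
    review_first = [d for d in detections
                    if d.name.split(".")[0] not in BUNDLED_PREFIXES]
    return review_first, Counter(d.name for d in detections)


def proxy_hosts(detections):
    """Hosts named by proxy auto-config URLs in AutoConfigUrl registry values."""
    hosts = set()
    for d in detections:
        if d.location.lower().endswith("|autoconfigurl"):
            host = urlsplit(d.detail).hostname
            if host:
                hosts.add(host)
    return hosts


if __name__ == "__main__":
    found, declared = parse_mbam_log(SAMPLE_LOG)
    print("truncated sections:", count_mismatches(found, declared) or "none")
    first, families = triage(found)
    for d in first:
        print("review first:", d.name, "->", d.detail)
    print("proxy hosts to check:", sorted(proxy_hosts(found)))
    print(families.most_common())
```
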




