Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

"DNS address could not be found" after malware removal


  • Please log in to reply
11 replies to this topic

#1 BigWezz

BigWezz

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 07:59 AM

Hey guys!

 

I've searched this forum and any others all of last night trying to find a solution to my problem, which is, I cant access the internet off my home computer after I removed some malware from my pc. No applications nor browsers can gain access to the internet.

 

What happened and what I did

 

Right, yesterday upon boot up, I noticed that I had some sort of strange home page on Chrome so I dug about online and found out it was called "4yendex". So I used AdwCleaner then HitmanPro 3.7 to get rid of it and a few other things I didnt know that I had. Did a reboot after that and bam, no internet. My router is fine, phoned, laptops and the ipad all connect, and can use the internet fine, so I started looking for a fix for the PC. 

 

What I've tried 

  • Turned the pc on and off again
  • Tried accessing the internet in safe mode with networking
  • Reset the router
  • Ensured the pc is connecting to the router (it is)
  • Tried lowering the firewall to see if that was an issue but still, no access
  • I've used ipconfig/flush, renew and registerdns
  • I've made sure my "Obtain DNS addrss automatically" is set in ipv4
  • I've tried using a a preferred DNS and alternative of 8.8.8.8 and 8.8.4.4
  • I've ensured that the browsers proxy settings are set at their default settings
  • I've ran McAfee (it was up to date) - it found something but removed it (it was late in the morning, didnt catch its name)
  • Ran McAfee again but found nothing
  • I've ran AdwCleaner again, found nothing
  • Ran Malwarebytes, found nothing
  • I've ran ComboFix, it did its thing and gave a report (posted below the ipconfig/all report) but still not fixed
  • I have tried resetting winsock and the IP using; netsh winsock resetnetsh int ipv4 reset and netsh int ip reset.

 

And in the end, nothing has worked. So now I've reached the limit of my knowledge (ie, using google to find a solution), I really need help! Its either too technical for me to figure out or the PC is still infected and has compromised McAfee to show all clear when it isnt?Please note I'm not tech savvey and please be patient if I ask somewhat dumb questions? Thanks

 

Ipconfig/all log

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>ipconfig/all
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Deans-Comp
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-3B-6F-6F-D1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigab
it Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 1C-6F-65-21-0D-B4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7d13:3100:e80a:bd21%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.210(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 09 July 2016 13:48:20
   Lease Expires . . . . . . . . . . : 10 July 2016 13:48:20
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 236744549
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7E-C1-98-1C-6F-65-21-0D-B4
 
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3B6F6FD1-ED10-464C-936B-7A67794D517F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 

 

C:\Windows\system32>
 

MiniToolBox Log

MiniToolBox by Farbar  Version: 17-06-2016
Ran by DE (administrator) on 09-07-2016 at 12:43:23
Running from "C:\Users\DE\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: P55-US3L Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
127.0.0.1       localhost
========================= IP Configuration: ================================
 
Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20) = Local Area Connection (Connected)
TAP-Win32 Adapter V9 = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Deans-Comp
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-3B-6F-6F-D1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
   Physical Address. . . . . . . . . : 1C-6F-65-21-0D-B4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7d13:3100:e80a:bd21%10(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.210(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 09 July 2016 12:40:06
   Lease Expires . . . . . . . . . . : 10 July 2016 12:40:05
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 236744549
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-7E-C1-98-1C-6F-65-21-0D-B4
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{3B6F6FD1-ED10-464C-936B-7A67794D517F}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  bthub.home
Address:  192.168.1.254
 
Name:    google.com
Addresses:  2a00:1450:4009:80f::200e
 216.58.213.174
 
Ping request could not find host google.com. Please check the name and try again.
Server:  bthub.home
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 98.139.183.24
 206.190.36.45
 98.138.253.109
 
Ping request could not find host yahoo.com. Please check the name and try again.
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 ff 3b 6f 6f d1 ......TAP-Win32 Adapter V9
 10...1c 6f 65 21 0d b4 ......Realtek RTL8168D/8111D Family PCI-E Gigabit Ethernet NIC (NDIS 6.20)
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254    192.168.1.210     10
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.210    266
    192.168.1.210  255.255.255.255         On-link     192.168.1.210    266
    192.168.1.255  255.255.255.255         On-link     192.168.1.210    266
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.210    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.210    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 10    266 fe80::/64                On-link
 10    266 fe80::7d13:3100:e80a:bd21/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
 
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 pcapwsp.dll [File Not found] (Proxy Labs)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/08/2016 10:46:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5726d98c
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0xf44
Faulting application start time: 0xNvStreamNetworkService.exe0
Faulting application path: NvStreamNetworkService.exe1
Faulting module path: NvStreamNetworkService.exe2
Report Id: NvStreamNetworkService.exe3
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000438,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002B8EE40.72).  hr = 0x80070005, Access is denied.
.
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000834,(null),0,REG_BINARY,000000000337E1D0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {01a2cc8b-8136-4595-bd5a-117459dc99e0}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000ddc,(null),0,REG_BINARY,00000000088DE3F0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {91dd172b-6855-4a4f-adc8-ace50a137f89}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001F2ED20.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a73922ce-16dd-4c5c-b91f-fb4a6f082181}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001b0,(null),0,REG_BINARY,000000000203E920.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {c1bcde56-d7aa-48a6-92dd-aaa0960586d9}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000834,(null),0,REG_BINARY,000000000337E1D0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {01a2cc8b-8136-4595-bd5a-117459dc99e0}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001c8,(null),0,REG_BINARY,000000000246F3A0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {d9c3c1f7-db46-4db4-abf3-506bae1ed4fb}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000ddc,(null),0,REG_BINARY,00000000088DE3F0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {91dd172b-6855-4a4f-adc8-ace50a137f89}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001F2ED20.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a73922ce-16dd-4c5c-b91f-fb4a6f082181}
 
 
System errors:
=============
Error: (07/09/2016 12:41:07 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/09/2016 12:40:08 PM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
Error: (07/09/2016 01:19:33 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
Error: (07/09/2016 01:18:02 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (07/09/2016 01:17:37 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
Error: (07/09/2016 01:15:25 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/09/2016 01:14:52 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/09/2016 01:09:11 AM) (Source: Application Popup) (User: )
Description: \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/09/2016 01:04:27 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.
 
Error: (07/09/2016 12:48:02 AM) (Source: Service Control Manager) (User: )
Description: The McAfee SiteAdvisor Service service failed to start due to the following error: 
%%2 = The system cannot find the file specified.
 
 
 
Microsoft Office Sessions:
=========================
Error: (07/08/2016 10:46:41 PM) (Source: Application Error)(User: )
Description: NvStreamNetworkService.exe7.1.2071.13385726e00cMessageBus.dll0.0.0.05726d98cc00000050000000000010f73f4401d1d9622efb10d8C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll74771f9e-4555-11e6-8c83-1c6f65210db4
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000438,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0000000002B8EE40.72)0x80070005, Access is denied.
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000834,(null),0,REG_BINARY,000000000337E1D0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {01a2cc8b-8136-4595-bd5a-117459dc99e0}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000ddc,(null),0,REG_BINARY,00000000088DE3F0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {91dd172b-6855-4a4f-adc8-ace50a137f89}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001F2ED20.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a73922ce-16dd-4c5c-b91f-fb4a6f082181}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000001b0,(null),0,REG_BINARY,000000000203E920.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {c1bcde56-d7aa-48a6-92dd-aaa0960586d9}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000834,(null),0,REG_BINARY,000000000337E1D0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {01a2cc8b-8136-4595-bd5a-117459dc99e0}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x000001c8,(null),0,REG_BINARY,000000000246F3A0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {d9c3c1f7-db46-4db4-abf3-506bae1ed4fb}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000ddc,(null),0,REG_BINARY,00000000088DE3F0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
   Writer Name: MSSearch Service Writer
   Writer Instance ID: {91dd172b-6855-4a4f-adc8-ace50a137f89}
 
Error: (07/08/2016 05:28:45 PM) (Source: VSS)(User: )
Description: RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001F2ED20.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {a73922ce-16dd-4c5c-b91f-fb4a6f082181}
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-07-09 01:09:11.525
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-07-09 01:09:11.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2016-03-28 23:16:10.207
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-28 23:16:10.129
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-28 23:16:10.034
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-03-28 23:16:09.940
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
888casino (HKLM-x32\...\888casino) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Alien Shooter (HKLM-x32\...\Alien Shooter_is1) (Version:  - My Real Games Ltd)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
AnyRail5 (HKLM-x32\...\{D28B1ACE-B6C5-47EA-8261-76AA9973D512}) (Version: 5.25.2 - DRail Modelspoor Software) Hidden
AnyRail5 (HKLM-x32\...\AnyRail5 5.25.2) (Version: 5.25.2 - DRail Modelspoor Software)
AnyRail6 (HKLM-x32\...\{7E1BC4D8-E575-4107-99AA-7ED028D50CD5}) (Version: 6.1.6 - DRail Modelspoor Software) Hidden
AnyRail6 (HKLM-x32\...\AnyRail6 6.1.6) (Version: 6.1.6 - DRail Modelspoor Software)
Apotheon (HKLM-x32\...\Steam App 208750) (Version:  - Alientrap)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Banished 1.0 (HKLM-x32\...\Banished 1.0) (Version: 1.0 - Cat-A-Cat)
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
Besiege (HKLM-x32\...\Steam App 346010) (Version:  - Spiderling Studios)
Blitzkrieg 2 (HKLM-x32\...\Blitzkrieg 2) (Version:  - )
Blitzkrieg Burning Horizon (HKLM-x32\...\Blitzkrieg Burning Horizon) (Version:  - )
Botanicula (HKLM-x32\...\Botanicula) (Version: 1.0 - Amanita Design, s.r.o.)
BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version:  - )
Capsized (HKLM-x32\...\Capsized_is1) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DarthMod: Shogun II (v2.4)  (HKLM-x32\...\DarthMod: Shogun II (v2.4) ) (Version:  - )
DawnOfWar (HKLM-x32\...\{362D5167-9716-44BE-89FD-BF9EB6EF814B}) (Version: 1.00.00000 - THQ) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.88 - DivX, LLC)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
EB Documentation 1.1 (HKLM-x32\...\EB Documentation_is1) (Version:  - Europa Barbarorum)
EB Trivial Script 0.125 (HKLM-x32\...\EB Trivial Script_is1) (Version:  - EuropaBarbarorum)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.22.2 - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVGA Precision 1.9.5 (HKLM-x32\...\Precision) (Version: 1.9.5 - EVGA Corporation)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
Express Zip File Compression Software (HKLM-x32\...\ExpressZip) (Version:  - NCH Software)
Fallout 3 (HKCU\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version:  - )
Free Audio CD Burner version 1.4.7 (HKLM-x32\...\Free Audio CD Burner_is1) (Version:  - DVDVideoSoft Limited.)
Free Studio version 5.1.5 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free WebM Video Converter version 5.0.21.1212 (HKLM-x32\...\Free WebM Video Converter_is1) (Version: 5.0.21.1212 - DVDVideoSoft Ltd.)
Free YouTube Download 3 version 3.0.11.727 (HKLM-x32\...\Free YouTube Download 3_is1) (Version:  - DVDVideoSoft Limited.)
Free YouTube Download version 3.2.59.525 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.59.525 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.19.602 - Digital Wave Ltd)
GetFLV 9.3.1.8 (HKLM-x32\...\GetFLV_is1) (Version:  - GetFLV, Inc.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKCU\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
GPL MPEG-1/2 DirectShow Decoder Filter (HKLM-x32\...\{870815CA-6B60-47B6-88DD-A67F42D2F03E}) (Version: 0.1.2 - Peter Wimmer)
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8302}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\{5454083B-1308-4485-BF17-111000038701}) (Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden
HardSexTube Video Downloader 3.12 (HKLM-x32\...\HardSexTube Video Downloader_is1) (Version:  - DownloadToolz, Inc.)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.14.265 - SurfRight B.V.)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kastor - All Video Downloader V 4.99.0 (HKLM-x32\...\{CB84FEF5-C573-4328-B9AF-B28568A4E10E}_is1) (Version: 4.99.0.0 - KastorSoft)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Lifeless Planet 1.0 (HKLM-x32\...\Lifeless Planet 1.0) (Version: 1.0 - Stage 2 Studios)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - )
Little Inferno (worldplaycity.blogspot.com) 1.00 (HKLM-x32\...\Little Inferno (worldplaycity.blogspot.com) 1.00) (Version: 1.00 - Free Game Download)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version:  - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mandelbrot Explorer 3 (HKLM-x32\...\{5999E969-B302-4F85-A1D3-E9A95841EB11}_is1) (Version:  - JRO Software)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.00 - Electronic Arts, Inc.)
McAfee AntiVirus Plus (HKLM-x32\...\MSC) (Version: 14.0.9042 - McAfee, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
McAfee Virtual Technician (HKLM-x32\...\McAfee Virtual Technician) (Version: 6.5.0.2101 - McAfee, Inc.)
Medieval II Total War (HKLM-x32\...\{C0698BDA-0D29-40EE-8570-A31106DF9AB1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (HKLM-x32\...\{75983B66-804C-40D1-BA13-64DAF652A6F1}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Britannia (HKLM-x32\...\{CEDDEE73-3D36-41C2-AA40-29355D9FBD63}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Crusades (HKLM-x32\...\{02A10468-2F1C-447C-AD8E-4DEDDEA25AE2}) (Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Teutonic (HKLM-x32\...\{7AEE1963-7001-4C37-BC20-2FAEB74AA41C}) (Version: 1.03.000 - SEGA)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007F-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# .NET Redistributable Package 1.1 (HKLM-x32\...\{1A655D51-1423-48A3-B748-8F5A0BE294C8}) (Version: 1.1.4322 - Microsoft)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version:  - Monolith Productions, Inc.)
Minecraft Cracked (HKLM-x32\...\Minecraft Cracked) (Version:  - )
Minecraft1.5.1 (HKLM-x32\...\Minecraft1.5.1) (Version:  - )
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Mount&Blade With Fire and Sword (HKLM-x32\...\Mount&Blade With Fire and Sword) (Version:  - )
Mozilla Firefox 47.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-GB)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.5 - Black Tree Gaming)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 3.6.1.11 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 365.19 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 365.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.19 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Supersonic Sled demo (HKLM-x32\...\Supersonic Sled) (Version:  - )
ObjectDock Free (HKLM-x32\...\{2C13F8C1-570B-42A9-87B4-8C7903ECD602}) (Version: 2.0 - Stardock Corporation) Hidden
ObjectDock Free (HKLM-x32\...\ObjectDock Free) (Version: 2.0 - Stardock Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version:  - Timeslip)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenIV (HKCU\...\OpenIV) (Version: 2.6.4.642 - .black/OpenIV Team)
OpenVPN 2.2.1 (HKLM-x32\...\OpenVPN) (Version: 2.2.1 - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
OverTargetMarkers Editor (HKLM-x32\...\{542D5531-35D9-2A4C-1B0E-7B5024B85494}) (Version: 1.2.0 - UNKNOWN) Hidden
OverTargetMarkers Editor (HKLM-x32\...\com.nicolasprof.OTMEditor) (Version: 1.2.0 - UNKNOWN)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.05.00710 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.1.8.11883 - Sony Computer Entertainment Inc.)
Porrasturvat - Stair Dismount (HKLM-x32\...\Porrasturvat - Stair Dismount) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
ProxyCap (HKLM\...\{BC197613-6038-4B11-ACD0-4649F59094FC}) (Version: 5.0.16 - Proxy Labs)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Rainmeter (remove only) (HKLM-x32\...\Rainmeter) (Version:  - )
Razer Lycosa (HKLM-x32\...\{E0FA1DC5-FEBF-4E7B-8FA3-DB94233E952D}) (Version: 3.00.0000 - Razer USA Ltd.)
Recruitment Viewer 0.9 (HKLM-x32\...\Recruitment Viewer_is1) (Version:  - EuropaBarbarorum)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version:  - Tripwire)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
Rome - Total War™ (HKLM-x32\...\{4089999C-6CB7-4F9D-A2F6-DB158DBF91FB}) (Version: 1.2 - Activision) Hidden
SCARM 0.9.32 beta (HKLM-x32\...\{9BF3D390-A0AD-4733-AFC8-18E306B8E219}_is1) (Version: 0.9.32 - Milen Peev)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Slice Audio File Splitter (HKLM-x32\...\Slice) (Version:  - NCH Software)
Slime Rancher (HKLM\...\Steam App 433340) (Version:  - Monomi Park)
Stainless Steel (HKCU\...\Stainless Steel) (Version:  - )
Stainless Steel 3.2 Patch Final (HKCU\...\Stainless Steel 3.2 Patch Final) (Version:  - )
Stainless_Steel_6.0_Part1of2 (HKCU\...\Stainless_Steel_6.0_Part1of2) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Long Dark (HKLM-x32\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
Third Age - Total War 1.0 Part1 (HKCU\...\Third Age - Total War 1.0 Part1) (Version:  - )
Third Age - Total War 1.0 Part2 (HKCU\...\Third Age - Total War 1.0 Part2) (Version:  - )
Third Age - Total War 3.0 (Part 1of2) (HKCU\...\Third Age - Total War 3.0 (Part 1of2)) (Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKCU\...\Third Age - Total War 3.0 (Part 2of2)) (Version:  - )
Third Age - Total War Hotfix1 (HKCU\...\Third Age - Total War Hotfix1) (Version:  - )
Third Age - Total War Patch 1.1 (HKCU\...\Third Age - Total War Patch 1.1) (Version:  - )
Third Age - Total War Patch 1.2 (HKCU\...\Third Age - Total War Patch 1.2) (Version:  - )
Third Age - Total War Patch 1.3 (HKCU\...\Third Age - Total War Patch 1.3) (Version:  - )
Third Age - Total War Patch 1.4 (HKCU\...\Third Age - Total War Patch 1.4) (Version:  - )
thriXXX 3DSexVilla2-114.001 (HKLM-x32\...\3DSexVilla2-114.001) (Version:  - )
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total War: ATTILA (HKLM-x32\...\Steam App 325610) (Version:  - Creative Assembly)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Truck Dismount (remove only) (HKLM-x32\...\Rekkaturvat) (Version:  - )
Undertale (HKLM\...\Steam App 391540) (Version:  - tobyfox)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Universe Sandbox) (Version:  - )
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.0.0.0 - Azureus Software, Inc.)
Vuze Remote Toolbar v8.6 (HKLM-x32\...\{C97C129B-2DA6-4248-AA50-94CB0F96CC16}) (Version: 8.6 - Spigot, Inc.)
War Thunder Launcher 1.0.1.302 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - 2013 Gaijin Entertainment Corporation)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
WebCam (HKLM-x32\...\{ED1674F5-5165-49BF-B546-AE5343111540}) (Version: 5.1.0.0 - ETRON)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812CT}_is1) (Version:  - Wargaming.net)
World of Tanks - Common Test (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT1}_is1) (Version:  - Wargaming.net)
World of Tanks - Physics Preview (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C8PD}_is1) (Version:  - Wargaming.net)
World of Tanks 0.7.0_test1 (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version:  - Wargaming.net)
World of Tanks v.0.7.4_CT (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT}_is1) (Version:  - Wargaming.net)
World War I (HKLM-x32\...\Steam App 361380) (Version:  - Dark Fox)
XPS2OneNote (HKLM-x32\...\{6DD7A9DA-6732-47D2-8362-6A12BD0EA053}) (Version: 1.1.0 - CodePlex)
XTrkCAD 4.2.3b (HKLM-x32\...\XTrkCAD 4.2.3b) (Version: 4.2.3b - http://www.xtrkcad.org)
Your Freedom 20111109-01 (HKLM-x32\...\Your_Deploy_0) (Version:  - )
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 26%
Total physical RAM: 8187.49 MB
Available physical RAM: 6047.64 MB
Total Virtual: 16373.17 MB
Available Virtual: 14199.45 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:465.66 GB) (Free:105.87 GB) NTFS
4 Drive e: (Samsung HD 1.36TB) (Fixed) (Total:1397.26 GB) (Free:742.83 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DEANS-COMP
 
Administrator            ASPNET                   DE                       
Guest                    Irene                    
 
========================= Minidump Files ==================================
 
C:\Windows\Minidump\031616-28329-01.dmp
C:\Windows\Minidump\091415-24632-01.dmp
========================= Restore Points ==================================
 
08-07-2016 16:26:04 Checkpoint by HitmanPro
08-07-2016 16:26:59 Checkpoint by HitmanPro
08-07-2016 22:32:29 Restore Operation
 
**** End of log ****

 

 

 

ComboFix Log

ComboFix 16-06-30.01 - DE 09/07/2016   0:54.3.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.44.1033.18.8187.5874 [GMT 1:00]
Running from: c:\users\DE\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
FW: McAfee Firewall *Disabled* {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\WavePad Sound Editor.lnk
c:\users\DE\AppData\Roaming\Microsoft\~DFKe9654c.tmp
c:\users\DE\AppData\Roaming\Microsoft\1eaadjc.dll
c:\users\DE\AppData\Roaming\Microsoft\bass.dll
c:\users\DE\AppData\Roaming\Microsoft\engine_vx.dll
c:\users\DE\AppData\Roaming\Microsoft\kfgresk.dll
c:\users\DE\AppData\Roaming\Microsoft\peaadje.dll
c:\users\DE\AppData\Roaming\Microsoft\qwadjb.dll
c:\users\DE\AppData\Roaming\Microsoft\rsaadjd.dll
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
E:\install.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
-------\Service_pcCMService
.
.
(((((((((((((((((((((((((   Files Created from 2016-06-09 to 2016-07-09  )))))))))))))))))))))))))))))))
.
.
2016-07-09 00:14 . 2016-07-09 00:14 -------- d-----w- c:\users\Public\AppData\Local\temp
2016-07-09 00:14 . 2016-07-09 00:14 -------- d-----w- c:\users\Irene\AppData\Local\temp
2016-07-09 00:14 . 2016-07-09 00:14 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-07-08 16:58 . 2016-07-08 16:58 -------- d-----w- c:\users\DE\AppData\Local\ElevatedDiagnostics
2016-07-08 16:06 . 2016-07-08 22:44 46960 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2016-07-08 16:06 . 2016-07-08 22:35 -------- d-----w- c:\program files\HitmanPro
2016-07-08 16:06 . 2016-07-08 16:29 -------- d-----w- c:\programdata\HitmanPro
2016-06-30 18:09 . 2016-06-30 18:10 -------- d-----w- c:\users\DE\AppData\Roaming\Skype
2016-06-29 18:34 . 2016-06-29 18:34 -------- d-----w- c:\users\Irene\Tracing
2016-06-29 17:28 . 2016-06-29 21:02 -------- d-----w- c:\users\Irene\AppData\Roaming\Skype
2016-06-29 17:28 . 2016-06-29 17:28 -------- d-----r- c:\program files (x86)\Skype
2016-06-29 17:28 . 2016-06-29 17:28 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-06-29 17:28 . 2016-06-29 18:33 -------- d-----w- c:\programdata\Skype
2016-06-21 15:27 . 2016-06-21 15:27 -------- d-----w- c:\programdata\TomTom
2016-06-21 15:27 . 2016-06-21 15:27 -------- d-----w- c:\users\Irene\AppData\Roaming\TomTom
2016-06-21 15:27 . 2016-06-21 15:27 -------- d-----w- c:\users\Irene\AppData\Local\TomTom
2016-06-21 15:26 . 2016-06-21 15:26 -------- d-----w- c:\program files (x86)\TomTom HOME 2
2016-06-21 15:24 . 2016-06-21 15:24 -------- d-----w- c:\program files (x86)\TomTom International B.V
2016-06-21 15:23 . 2016-06-21 15:23 -------- d-----w- c:\users\Irene\AppData\Local\Downloaded Installations
2016-06-16 19:34 . 2016-06-16 19:34 9717952 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-06-15 19:03 . 2016-05-20 22:18 49664 ----a-w- c:\program files\Internet Explorer\DiagnosticsHub_is.dll
2016-06-12 13:49 . 2016-06-12 13:49 -------- d-----w- c:\users\Irene\AppData\Roaming\NVIDIA
2016-06-12 13:49 . 2016-06-12 13:49 -------- d-----w- c:\users\Irene\AppData\Local\Adobe
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-07-08 23:31 . 2015-07-18 11:59 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2016-07-06 19:04 . 2014-02-11 19:04 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2016-07-06 19:04 . 2011-09-24 14:35 280792 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2016-07-06 18:44 . 2011-02-05 22:53 280856 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2016-07-01 11:33 . 2011-08-07 09:29 24800 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2016-06-16 19:34 . 2012-09-20 23:47 796352 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-06-16 19:34 . 2012-09-20 23:47 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2016-06-15 22:15 . 2010-11-24 14:42 142482544 ----a-w- c:\windows\system32\MRT.exe
2016-05-10 04:07 . 2016-05-23 05:54 959544 ----a-w- c:\windows\system32\NvFBC64.dll
2016-05-10 04:07 . 2016-05-23 05:54 887744 ----a-w- c:\windows\system32\NvIFR64.dll
2016-05-10 04:07 . 2016-05-23 05:54 8673880 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll
2016-05-10 04:07 . 2016-05-23 05:54 751552 ----a-w- c:\windows\SysWow64\NvFBC.dll
2016-05-10 04:07 . 2016-05-23 05:54 695864 ----a-w- c:\windows\SysWow64\NvIFR.dll
2016-05-10 04:07 . 2016-05-23 05:54 678704 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll
2016-05-10 04:07 . 2016-05-23 05:54 571912 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll
2016-05-10 04:07 . 2016-05-23 05:54 502080 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2016-05-10 04:07 . 2016-05-23 05:54 473592 ----a-w- c:\windows\system32\nvumdshimx.dll
2016-05-10 04:07 . 2016-05-23 05:54 42923576 ----a-w- c:\windows\system32\nvcompiler.dll
2016-05-10 04:07 . 2016-05-23 05:54 423360 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2016-05-10 04:07 . 2016-05-23 05:54 423080 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2016-05-10 04:07 . 2016-05-23 05:54 391632 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2016-05-10 04:07 . 2016-05-23 05:54 377792 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2016-05-10 04:07 . 2016-05-23 05:54 37567424 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2016-05-10 04:07 . 2016-05-23 05:54 3234240 ----a-w- c:\windows\system32\nvcuvid.dll
2016-05-10 04:07 . 2016-05-23 05:54 31584704 ----a-w- c:\windows\system32\nvoglv64.dll
2016-05-10 04:07 . 2016-05-23 05:54 2809280 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2016-05-10 04:07 . 2016-05-23 05:54 25346616 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2016-05-10 04:07 . 2016-05-23 05:54 21372456 ----a-w- c:\windows\system32\nvopencl.dll
2016-05-10 04:07 . 2016-05-23 05:54 20914600 ----a-w- c:\windows\system32\nvcuda.dll
2016-05-10 04:07 . 2016-05-23 05:54 1922496 ----a-w- c:\windows\system32\nvdispco6436519.dll
2016-05-10 04:07 . 2016-05-23 05:54 17768992 ----a-w- c:\windows\SysWow64\nvopencl.dll
2016-05-10 04:07 . 2016-05-23 05:54 175552 ----a-w- c:\windows\system32\nvinitx.dll
2016-05-10 04:07 . 2016-05-23 05:54 17362992 ----a-w- c:\windows\SysWow64\nvcuda.dll
2016-05-10 04:07 . 2016-05-23 05:54 17248920 ----a-w- c:\windows\system32\nvd3dumx.dll
2016-05-10 04:07 . 2016-05-23 05:54 1573432 ----a-w- c:\windows\system32\nvdispgenco6436519.dll
2016-05-10 04:07 . 2016-05-23 05:54 153392 ----a-w- c:\windows\SysWow64\nvinit.dll
2016-05-10 04:07 . 2016-05-23 05:54 151368 ----a-w- c:\windows\system32\nvoglshim64.dll
2016-05-10 04:07 . 2016-05-23 05:54 128512 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2016-05-10 04:07 . 2016-05-23 05:54 12550712 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2016-05-10 04:07 . 2016-05-23 05:54 10566520 ----a-w- c:\windows\system32\nvptxJitCompiler.dll
2016-05-10 04:07 . 2016-03-30 06:22 16449616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2016-05-10 04:07 . 2015-03-28 09:48 3286664 ----a-w- c:\windows\SysWow64\nvapi.dll
2016-05-10 04:07 . 2015-02-10 15:57 14129544 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2016-05-10 04:07 . 2010-07-10 05:38 3714144 ----a-w- c:\windows\system32\nvapi64.dll
2016-05-10 04:07 . 2010-07-10 05:38 19006432 ----a-w- c:\windows\system32\nvwgf2umx.dll
2016-05-09 23:40 . 2011-04-07 22:19 2993088 ----a-w- c:\windows\system32\nvsvc64.dll
2016-05-09 23:40 . 2011-04-07 22:19 6369728 ----a-w- c:\windows\system32\nvcpl.dll
2016-05-09 23:40 . 2016-01-27 14:39 81856 ----a-w- c:\windows\system32\nv3dappshextr.dll
2016-05-09 23:40 . 2016-01-27 14:39 532536 ----a-w- c:\windows\system32\nv3dappshext.dll
2016-05-09 23:40 . 2014-10-26 11:50 2563128 ----a-w- c:\windows\system32\nvsvcr.dll
2016-05-09 23:40 . 2011-04-07 22:19 392128 ----a-w- c:\windows\system32\nvmctray.dll
2016-05-09 23:40 . 2011-04-07 22:19 1201600 ----a-w- c:\windows\system32\nvvsvc.exe
2016-05-09 23:40 . 2010-07-09 16:27 71224 ----a-w- c:\windows\system32\nvshext.dll
2016-05-09 23:26 . 2016-05-23 05:59 112184 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2016-05-06 14:02 . 2012-04-11 23:15 6423191 ----a-w- c:\windows\system32\nvcoproc.bin
2016-05-04 02:23 . 2016-05-23 05:58 129824 ----a-w- c:\windows\SysWow64\vulkan-1.dll
2016-05-04 02:23 . 2016-05-04 02:23 129824 ----a-w- c:\windows\SysWow64\vulkan-1-1-0-11-1.dll
2016-05-04 02:22 . 2016-05-23 05:58 40224 ----a-w- c:\windows\SysWow64\vulkaninfo.exe
2016-05-04 02:22 . 2016-05-04 02:22 40224 ----a-w- c:\windows\SysWow64\vulkaninfo-1-1-0-11-1.exe
2016-05-04 02:22 . 2016-05-23 05:58 130848 ----a-w- c:\windows\system32\vulkan-1.dll
2016-05-04 02:22 . 2016-05-04 02:22 130848 ----a-w- c:\windows\system32\vulkan-1-1-0-11-1.dll
2016-05-04 02:22 . 2016-05-23 05:58 45344 ----a-w- c:\windows\system32\vulkaninfo.exe
2016-05-04 02:22 . 2016-05-04 02:22 45344 ----a-w- c:\windows\system32\vulkaninfo-1-1-0-11-1.exe
2016-05-02 05:39 . 2014-06-04 15:48 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2016-05-02 05:39 . 2013-10-29 01:40 1377800 ----a-w- c:\windows\SysWow64\nvspcap.dll
2016-05-02 05:38 . 2015-11-22 12:53 112032 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll
2016-05-02 05:38 . 2014-06-04 15:48 1756608 ----a-w- c:\windows\system32\nvspbridge64.dll
2016-05-02 05:38 . 2013-10-29 01:40 1767944 ----a-w- c:\windows\system32\nvspcap64.dll
2016-04-14 13:49 . 2016-05-11 18:06 603648 ----a-w- c:\windows\SysWow64\d3d10level9.dll
2016-04-14 13:21 . 2016-05-11 18:06 647680 ----a-w- c:\windows\system32\d3d10level9.dll
2016-04-14 05:38 . 2016-05-23 05:42 56384 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2016-04-14 05:38 . 2016-05-23 05:42 113216 ----a-w- c:\windows\system32\nvaudcap64v.dll
2016-04-14 05:38 . 2016-05-23 05:42 102976 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_AC04958AF2F55E082018450180D22E1D"="c:\users\DE\AppData\Local\Google\Chrome\Application\chrome.exe" [2016-06-15 941720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2016-05-24 1119472]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2016-03-20 595480]
.
c:\users\DE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DS4Windows.lnk - c:\users\DE\Desktop\DS4Windows.exe -m [2016-3-29 3214848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;e:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;e:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Lycosa;Lycosa Keyboard;c:\windows\system32\drivers\Lycosa.sys;c:\windows\SYSNATIVE\drivers\Lycosa.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.150\McCHSvc.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 Origin Client Service;Origin Client Service;e:\program files (x86)\Origin\OriginClientService.exe;e:\program files (x86)\Origin\OriginClientService.exe [x]
R3 Razerlow;Razer Pro|Solutions;c:\windows\system32\drivers\DB3G.sys;c:\windows\SYSNATIVE\drivers\DB3G.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbet;USB 2.0 PC CAMERA;c:\windows\system32\DRIVERS\ETdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ETdrv.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\users\DE\Desktop\temps\WinRing0x64.sys;c:\users\DE\Desktop\temps\WinRing0x64.sys [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 BT Help Wizard;BT Help Wizard;c:\program files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe;c:\program files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\MAHostService.exe [x]
R4 MBAMScheduler;MBAMScheduler;e:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;e:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R4 pcCMService64;pcCMService64;c:\program files\Common Files\Motive\pcCMService.exe;c:\program files\Common Files\Motive\pcCMService.exe [x]
R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 DigitalWave.Update.Service;Digital Wave Update Service;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe;c:\program files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McBootDelayStartSvc;McAfee Boot Delay Start Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mccspsvc;McAfee CSP Service;c:\program files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe;c:\program files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfemms;McAfee Service Controller;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe;c:\program files\Common Files\McAfee\SystemCore\\mfemms.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 ModuleCoreService;McAfee Module Core Service;c:\program files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe;c:\program files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 pcapsvc;ProxyCap Service;e:\program files\Proxy Labs\ProxyCap\pcapsvc.exe;e:\program files\Proxy Labs\ProxyCap\pcapsvc.exe [x]
S2 PEFService;Intel Security PEF Service;c:\program files\Common Files\Intel Security\PEF\CORE\PEFService.exe;c:\program files\Common Files\Intel Security\PEF\CORE\PEFService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 mfeaack;McAfee Inc. mfeaack;c:\windows\system32\drivers\mfeaack.sys;c:\windows\SYSNATIVE\drivers\mfeaack.sys [x]
S3 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 NvStreamNetworkSvc;NVIDIA Streamer Network Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   SSDPSRV upnphost SCardSvr QWAVE wcncsvc
.
Contents of the 'Scheduled Tasks' folder
.
2016-07-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-20 19:34]
.
2016-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3815836669-2017180766-4137048338-1000Core.job
- c:\users\DE\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 23:56]
.
2016-07-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3815836669-2017180766-4137048338-1000UA.job
- c:\users\DE\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-30 23:56]
.
2016-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3815836669-2017180766-4137048338-1006Core.job
- c:\users\Irene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-12 17:02]
.
2016-07-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3815836669-2017180766-4137048338-1006UA.job
- c:\users\Irene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-12 17:02]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2016-05-02 2398776]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-05-02 1767944]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com.pk
mDefault_Page_URL = hxxp://www.worldplaycity.blogspot.com
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\System32\blank.htm
uInternet Settings,ProxyOverride = localhost;127.0.0.1
IE: E&xport to Microsoft Excel - e:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - c:\users\DE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - e:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\DE\AppData\Roaming\Mozilla\Firefox\Profiles\k5ta0gia.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.uk/
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
AddRemove-888casino - c:\progra~2\CASINO~1\UNWISE.EXE
AddRemove-DarthMod: Shogun II (v2.4) - c:\program files (x86)\Steam\steamapps\common\total war shogun 2\Uninstall DarthMod Shogun 2.exe
AddRemove-EB Documentation_is1 - c:\program files (x86)\Activision\Rome - Total War\EB Documentation\unins000.exe
AddRemove-EB Trivial Script_is1 - c:\program files\Activision\Rome - Total War\EBTrivialScript\unins000.exe
AddRemove-Free Studio_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-Free WebM Video Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-Free YouTube Download 3_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-HardSexTube Video Downloader_is1 - e:\program files (x86)\DownloadToolz\HardSexTube Video Downloader\unins000.exe
AddRemove-McAfee Virtual Technician - c:\program files (x86)\McAfee\Supportability\MVT\MVTInstaller.exe
AddRemove-NSS - c:\progra~2\NORTON~2\Engine\361~1.11\InstWrap.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_hos.exe
AddRemove-Uninstall_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\unins000.exe
AddRemove-WinGimp-2.0_is1 - c:\program files (x86)\GIMP-2.0\setup\unins000.exe
AddRemove-Your_Deploy_0 - e:\program files (x86)\Your Freedom\Uninstall.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1 - e:\games\World_of_Tanks_closed_Beta\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT1}_is1 - e:\program files (x86)\World_of_Tanks_CT2\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C8CT}_is1 - e:\games\World_of_Tanks\unins000.exe
AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C8PD}_is1 - e:\games\World_of_Tanks_closed_Beta\unins001.exe
AddRemove-{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1 - c:\program files (x86)\WarThunder\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3815836669-2017180766-4137048338-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:71,f1,ad,67,39,7f,0a,10,8f,a4,fa,1c,de,69,fd,47,34,d3,42,45,70,1a,ad,
   18,c9,9c,37,43,22,f2,77,cb,19,40,c6,25,dd,ea,8a,28,63,a1,ec,bd,4a,b7,2a,35,\
"??"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
.
[HKEY_USERS\S-1-5-21-3815836669-2017180766-4137048338-1000\Software\SecuROM\License information*]
"datasecu"=hex:7b,0c,ae,25,77,e8,b5,3b,33,63,50,a1,8c,a0,7c,fd,72,11,ee,b7,2b,
   7b,18,64,94,e1,d6,b2,42,d5,bc,62,5c,d8,25,c8,81,8b,fb,48,36,22,16,f0,dc,7c,\
"rkeysecu"=hex:cf,fd,36,ed,8f,83,8f,67,d5,d5,68,a4,04,da,e7,c7
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_192_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_22_0_0_192_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_22_0_0_192_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_22_0_0_192_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.22"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_22_0_0_192.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\users\DE\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\program files (x86)\Windows Media Player\wmplayer.exe
.
**************************************************************************
.
Completion time: 2016-07-09  01:39:35 - machine was rebooted
ComboFix-quarantined-files.txt  2016-07-09 00:39
.
Pre-Run: 113,678,925,824 bytes free
Post-Run: 113,584,967,680 bytes free
.
- - End Of File - - C5C20C859540E2C20D4EB5B2E9C6B3E8
8F558EB6672622401DA993E1E865C861

 

 
 
 

FSS Log

Farbar Service Scanner Version: 27-01-2016
Ran by DE (administrator) on 08-07-2016 at 18:48:06
Running from "C:\Users\DE\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 
Thanks a million for reading!


BC AdBot (Login to Remove)

 


#2 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 08:25 AM

Sorry for multiple topics, the laptop I am having to use is very old and it seemed to fail to post this original topic and I tried again to find it had posted them all! - Sorry about that!

 

Anyway this topic has all the log reports :) 

 

Any support would be welcome and most appreciated!

 

One thing I forgot to add to my post was that I even tried to roll it back to a previous restore point but no luck there either :(

 

Thanks guys



#3 JohnC_21

JohnC_21

  • Members
  • 24,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:52 AM

Posted 09 July 2016 - 08:29 AM

Your Winsock is broken. Open an elevated Command Prompt. Type CMD in the search box and Right Click > Run As Administrator. Type the following command.

netsh winsock reset

Reboot.


Edited by JohnC_21, 09 July 2016 - 08:29 AM.


#4 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 08:30 AM

Thanks for the swift reply! I've tried that but still no luck. But I'll do it again now and let you know :)



#5 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 08:35 AM

Booted back up, but still "..server DNS address could not be found" and I've tried launching Steam (game thing) to see if that can get access but nothing



#6 JohnC_21

JohnC_21

  • Members
  • 24,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:52 AM

Posted 09 July 2016 - 08:39 AM

Have you set your adapter to obtain DNS addresses automatically?

 

http://www.sevenforums.com/tutorials/15037-dns-addressing-how-change-windows-7-a.html

 

I would also run this command in an elevated command prompt and reboot.

netsh int ip reset c:\resetlog.txt

Edit: If the above does not work then download Windows All in One Repair and only check Repair Winsock and DNS cache.

 

http://www.bleepingcomputer.com/download/windows-repair-all-in-one/


Edited by JohnC_21, 09 July 2016 - 08:41 AM.


#7 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 08:46 AM

Yeah I've ensured that the obtain DNS in ipv4 and ipv6 (just in case) are all set at "automatic"

 

Just can the command and rebooted, still no access unfortunately 



#8 JohnC_21

JohnC_21

  • Members
  • 24,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:52 AM

Posted 09 July 2016 - 08:56 AM

See my edited post and select the Winsock and DNS cache repair. I had one person fail on the winsock reset but after using Windows All in One Repair they were able to connect.

 

If Windows All in One Repair fails then download Net Adapter All in One Repair and select Advanced Repair. Also check the box next to Change to Google DNS and Flush DNS cache.

 

ComboFix is not to be run unless advised by malware removal experts. It may have broken something. ComboFix usually gives a log but I am not familiar with it or how to recover. If the above does not help you may want to post in the Virus Removal Forum where they can see your ComboFix log if available.



#9 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 09:05 AM

Ah I'll do that now and let you know the results once its done :)



#10 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 10:50 AM

I've ran Windows All in One Repair and I can now connect to the internet! :)

 

Thank you so, so much!

 

Should I just leave it at that or is there anything else I should/could do?

 

Windows All in One Repair advised to run it twice, is that necessary? I dont mind doing it again however.

 

Thanks



#11 JohnC_21

JohnC_21

  • Members
  • 24,676 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:52 AM

Posted 09 July 2016 - 11:02 AM

Your Welcome and glad you are up and running. If you can connect to the internet there is nothing else to do. I would not run the All in One Repair again if everything is now fine.



#12 BigWezz

BigWezz
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:12:52 PM

Posted 09 July 2016 - 11:10 AM

No problem then I'll leave it at that.

 

And again, thank you very much






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users