Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Account being accessed from other countries


  • Please log in to reply
25 replies to this topic

#1 1995Pandbear

1995Pandbear

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 24 July 2016 - 03:49 AM

Hello,

I have been on steam for 3-4 years now. From May 17, 2016, I have been getting emails about my account being accessed from different IP address or different area with right user ID and password. I have been following the guidelines which were changing my password which I did and so far I have done it five times because someone kept trying to access it from random countries with the right password. I also ran Microsoft Security Essentials and Spybot free version and there has been nothing major shown on it. Therefore, I am not sure what to do. I have also filled ticket on steam too.

 

This is the information of the places where it has been attempted to access my account from.

 

1) May 17 2016 at 2:29am from

IP address: 201.151.151.222

City name: Guadalajara

State name: Jalisco

Country name: MX

 

2) June 26 2016 at 10:08 am from

IP address: 123.171.116.53

City name: Tengzhou

State name: Shandong

Country name: CN

 

3) July 11 2016 2:00am from

IP address: 128.199.182.203

City name: Singapore

State name: Singapore

Country name: SG

 

4) July 21 2016 10:58am from

IP address: 182.73.175.130

City name: Pune

State name: Maharashtra

Country name: IN

 

5) July 24 2016 16:30pm from

IP address: 92.255.187.219

City name: Omsk

State name: Omskaya oblast'

Country name: RU

 

I am not sure what to do and bit nervous about my other accounts like finance and such. Thank you for taking your time and reading this forum.

 



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:52 PM

Posted 24 July 2016 - 05:35 AM

Adware Cleaner Scan.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

 

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.
  •  

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

 

 

LOr0Gd7.png

 

Hit Ok.

 

sYFsqHx.png

 

Hit next make sure to leave all items checked, for removal.

 

8NcZjGc.png

 

 

The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

 

ZHP Scan.

Please download Zhp Cleaner  to your desktop.  Right Click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

 

 

2. Once you have started the program, you will need to click the scanner button.

EgsT69u.png

The program will close all open browsers!

3. Once the scan is completed, the you will want to click the Repair button.

6QJjV50.png

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 Zemana Scan

 

 

Run a full scan with Zemana AntiMalware!

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply

 

NoBot Scan.

 

  • Please download NoBot.
  • Save it to your desktop.
  • Right Click Run As Administrator.
  • Then click the scan button.
  • Allow completion.
  • Then hit file button.
  • Scan Logs.
  • Double click the log and post it here.


#3 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 25 July 2016 - 07:09 AM

I accidentally posted it quite a lot of times 


Edited by 1995Pandbear, 25 July 2016 - 07:13 AM.


#4 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 25 July 2016 - 07:12 AM

Hey, 

Apologies for being slow. I am also new into this so my apologies in advance for making mistakes.

 

 

 

1) Adware Cleaner Scan Log

 

AdwCleaner[C1]

# AdwCleaner v5.201 - Logfile created 25/07/2016 at 19:29:17
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-24.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : ABC - WIN-ACJU26UVNPD
# Running from : C:\Users\ABC\Downloads\adwcleaner_5.201.exe
# Option : Clean
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\apn
[#] Folder Deleted : C:\ProgramData\Application Data\apn
[-] Folder Deleted : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
[-] Folder Deleted : C:\Users\ABC\AppData\Local\CEF

***** [ Files ] *****

[-] File Deleted : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage
[-] File Deleted : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage-journal
[-] File Deleted : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] Key Deleted : HKCU\Software\APN PIP

***** [ Web browsers ] *****

[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mysearch.avg.com
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : websearch.searchesplace.info
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : hamachi.en.softonic.com
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : conduit.search
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : tandfonline.com
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP9E418F40-346F-41E6-95A8-5AD40FA3D15B&SSPV=
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxp://mysearch.avg.com?cid={12D92659-606D-40D5-B381-B78CA1E9C046}&mid=396a4391bdcc47d2b34a591a686a6021-987e9396e414f6850b8c184c1def1f54dd12bd89&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-20 14:15:08&v=3.0.0.2&pid=wtu&sg=&sap=hp
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Deleted : hxxps://mysearch.avg.com?cid={12D92659-606D-40D5-B381-B78CA1E9C046}&mid=396a4391bdcc47d2b34a591a686a6021-987e9396e414f6850b8c184c1def1f54dd12bd89&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-20 14:15:08&v=3.1.0.6&pid=wtu&sg=&sap=hp
[-] [C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : kbfnbcaeplbcioakkpcpgfkobkghlhen
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4147 bytes] - [25/07/2016 19:29:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [4140 bytes] - [25/07/2016 19:27:29]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4293 bytes] ##########

AdwCleaner[S1]

# AdwCleaner v5.201 - Logfile created 25/07/2016 at 19:27:29
# Updated 30/06/2016 by ToolsLib
# Database : 2016-07-24.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : ABC - WIN-ACJU26UVNPD
# Running from : C:\Users\ABC\Downloads\adwcleaner_5.201.exe
# Option : Scan
# Support : https://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Application Data\apn
Folder Found : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
Folder Found : C:\Users\ABC\AppData\Local\CEF

***** [ Files ] *****

File Found : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage
File Found : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbfnbcaeplbcioakkpcpgfkobkghlhen_0.localstorage-journal
File Found : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKCU\Software\APN PIP
Key Found : HKU\S-1-5-21-137592738-1375449241-4024900648-1000\Software\APN PIP

***** [ Web browsers ] *****

[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : mysearch.avg.com
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : websearch.searchesplace.info
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : hamachi.en.softonic.com
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : conduit.search
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : tandfonline.com
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://search.conduit.com/?ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP9E418F40-346F-41E6-95A8-5AD40FA3D15B&SSPV=
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxp://mysearch.avg.com?cid={12D92659-606D-40D5-B381-B78CA1E9C046}&mid=396a4391bdcc47d2b34a591a686a6021-987e9396e414f6850b8c184c1def1f54dd12bd89&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-20 14:15:08&v=3.0.0.2&pid=wtu&sg=&sap=hp
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Found : hxxps://mysearch.avg.com?cid={12D92659-606D-40D5-B381-B78CA1E9C046}&mid=396a4391bdcc47d2b34a591a686a6021-987e9396e414f6850b8c184c1def1f54dd12bd89&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2014-04-20 14:15:08&v=3.1.0.6&pid=wtu&sg=&sap=hp
[C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : kbfnbcaeplbcioakkpcpgfkobkghlhen
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com

*************************

C:\AdwCleaner\AdwCleaner[S1].txt - [3988 bytes] - [25/07/2016 19:27:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4061 bytes] ##########

2) JRT Scan

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 7 Home Premium x64 
Ran by ABC (Administrator) on 25-Jul-16 at 19:42:51.67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 48 

Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00F4UQUR (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XBDD8FK (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TFLYCEI (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4YZV56QF (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78VJMZSI (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQKKBKX0 (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GAR4HN4S (Temporary Internet Files Folder) 
Failed to delete: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHJ7J23A (Temporary Internet Files Folder) 
Successfully deleted: C:\ProgramData\mntemp (File) 
Successfully deleted: C:\Users\ABC\AppData\Local\{22489DC1-8719-473A-8B8E-7F31D66B9D77} (Empty Folder)
Successfully deleted: C:\Users\ABC\AppData\Local\{5F630ECC-C9F7-4532-94DB-4D73A087BA11} (Empty Folder)
Successfully deleted: C:\Users\ABC\AppData\Local\{81ACE047-A81F-4B83-952D-D2D691D229B6} (Empty Folder)
Successfully deleted: C:\Users\ABC\AppData\Local\{A6C1E23C-7E0C-464C-B11F-07028A1F4077} (Empty Folder)
Successfully deleted: C:\Users\ABC\AppData\Local\{E31AD58F-74D2-4722-AD7B-E915AD522DA8} (Empty Folder)
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47WPG1AI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73XGWF0N (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPJZEN80 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GR1OSY70 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4QYQOF4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQTEUYO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PIHCE2U9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\ABC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6ZEPEPC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\prefetch\FREEMAKEERRORREPORTER.EXE-FB3BD252.pf (File) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\00F4UQUR (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XBDD8FK (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3TFLYCEI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\47WPG1AI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4YZV56QF (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\73XGWF0N (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\78VJMZSI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AQKKBKX0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GAR4HN4S (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GPJZEN80 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GR1OSY70 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H4QYQOF4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LPQTEUYO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PIHCE2U9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W6ZEPEPC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZHJ7J23A (Temporary Internet Files Folder) 



Registry: 2 

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25-Jul-16 at 19:46:43.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

3) Adware Removal Tool Scan

 

Repair_Logs_2016_07_25_19_49_15

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 

Adware Removal Tool 5.1
Time: 2016_07_25_19_49_15
OS: Windows 7 Home Premium - x64 Bit
Account Name: ABC
Adware Definition: 07232016
Elapsed time: 07:28
Repair Status:- Automatic Done
\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage

[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal

[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage

[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal

[-] Repaired ->> File ->> C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences


Results from adware

[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage
[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal
[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage
[-] Deleted ->> File ->> C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal
[-] Repaired ->> File ->> C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Scan_Logs_2016_07_25_19_49_15

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * 

Adware Removal Tool 5.1
Time: 2016_07_25_19_49_15
OS: Windows 7 Home Premium - x64 Bit
Account Name: ABC
Adware Definition: 07232016
Elapsed time: 07:28
Scan Status:- Automatic Done

\\\\\\\\\\\\\\\\\\\\\\\ Scan Logs \\\\\\\\\\\\\\\\\\\\\\

File Found : Adware.Youndoo : C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage
File Found : Adware.Youndoo : C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d16fk4ms6rqz1v.cloudfront.net_0.localstorage-journal
File Found : Adware.Youndoo : C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage
File Found : Adware.Youndoo : C:\Users\ABC\Appdata\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal
Browser: Chrome Found : Adware.Conduit : C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences


4)  ZHP Scan

~ ZHPCleaner v2016.7.24.88 by Nicolas Coolman (2016/07/24)
~ Run by ABC (Administrator)  (25/07/2016 20:35:27)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\ABC\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\ABC\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)


---\\  Services (0)
~ No malicious or unnecessary items found.


---\\  Browser internet (1)
FOUND PARAMS: ProxyServer [localhost:21320] (User.Validation)


---\\  Hosts file (0)
~ No malicious or unnecessary items found.


---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.


---\\  Explorer ( File, Folder) (16)
MOVED file: C:\Users\ABC\Downloads\PCReviverSetup-SpeedTest.exe [ReviverSoft LLC - PC Reviver]  =>.Superfluous.ReviverSoft
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage    =>PUP.Optional.Generic
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal    =>PUP.Optional.Generic
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameoflaughs.com_0.localstorage    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameoflaughs.com_0.localstorage-journal    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameofthrones.wikia.com_0.localstorage    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gameofthrones.wikia.com_0.localstorage-journal    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hawkersaustralia.com_0.localstorage    =>PUP.Optional.Hawker
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_hawkersaustralia.com_0.localstorage-journal    =>PUP.Optional.Hawker
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlocker.is_0.localstorage    =>PUP.Optional.PutLocker
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_putlocker.is_0.localstorage-journal    =>PUP.Optional.PutLocker
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gameofthronesseason6livestream.com_0.localstorage    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.gameofthronesseason6livestream.com_0.localstorage-journal    =>.Superfluous.IronSourceLtd
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.putlocker.ws_0.localstorage    =>PUP.Optional.PutLocker
MOVED file: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.putlocker.ws_0.localstorage-journal    =>PUP.Optional.PutLocker
MOVED folder: C:\Users\ABC\AppData\Local\Google\Chrome\User Data\Default\File System\008  =>PUP.Optional.DomaIQ


---\\  Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect


---\\  Summary of the elements found (7)
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.ReviverSoft
https://www.anti-malware.top/2016/05/01/definition-dun-logiciel-pup-lpi/  =>PUP.Optional.Generic
https://www.anti-malware.top/2016/05/02/superfluous-ironsourceltd/  =>.Superfluous.IronSourceLtd
http://www.nicolascoolman.fr/?p=4664  =>PUP.Optional.Hawker
http://www.nicolascoolman.fr/?p=134  =>PUP.Optional.PutLocker
http://www.nicolascoolman.fr/?p=679  =>PUP.Optional.DomaIQ
https://www.anti-malware.top/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect


---\\  Other deletions. (2)
~ Registry Keys Tracing deleted (2)
~ Remove the old reports ZHPCleaner. (0)


---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)


---\\ Statistics
~ Items scanned : 214
~ Items found : 1
~ Items cancelled : 0
~ Items repaired : 17


~ End of clean in 00h00mn08s
~====================
ZHPCleaner-[R]-25072016-20_35_35.txt
ZHPCleaner-[S]-25072016-20_24_53.txt
ZHPCleaner-[S]-25072016-20_25_30.txt
ZHPCleaner-[S]-25072016-20_25_49.txt
ZHPCleaner-[S]-25072016-20_26_17.txt
ZHPCleaner-[S]-25072016-20_32_56.txt

5) Zemana Scan

Zemana AntiMalware 2.21.2.139 (Installed)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016-7-25
Operating System       : Windows 7 64-bit
Processor              : 4X Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
BIOS Mode              : Legacy
CUID                   : 1223BD3C92F5D47D26B3A2
Scan Type              : Deep Scan
Duration               : 30m 16s
Scanned Objects        : 305399
Detected Objects       : 6
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Proxy Enabled (User)
Status             : Scanned
Object             : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Repair
Related Objects    :
                Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyEnable = enabled

Proxy Server (User)
Status             : Scanned
Object             : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Setting
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer = localhost:21320

Chrome Shortcut
Status             : Scanned
Object             : --app-id=ennkphjdgehloodpbhlhldgbnhmacadg
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Browser Setting
Cleaning Action    : Repair
Related Objects    :
                Browser Setting - Chrome Shortcut

FreemakeVideoConverterSetup.exe
Status             : Scanned
Object             : %userprofile%\downloads\freemakevideoconvertersetup.exe
MD5                : 91612EB87726B4131301530C72F666D3
Publisher          : Ellora Assets Corporation
Size               : 1271792
Version            : 4.1.6.5
Detection          : Adware:Win32/OpenCandy
Cleaning Action    : Quarantine
Related Objects    :
                File - %userprofile%\downloads\freemakevideoconvertersetup.exe

JavaIC.dll
Status             : Scanned
Object             : %localappdata%\low\oracle\java\jre1.8.0_101\java_sp\javaic.dll
MD5                : F7F77B64C258C118FC93CF05F5DE6AA4
Publisher          : APN LLC
Size               : 337480
Version            : 7.28.1.4
Detection          : PUA:Win32/AskToolbar.Gen
Cleaning Action    : Quarantine
Related Objects    :
                File - %localappdata%\low\oracle\java\jre1.8.0_101\java_sp\javaic.dll

$R30MTBE.scr
Status             : Scanned
Object             : %homedrive%\$recycle.bin\s-1-5-21-137592738-1375449241-4024900648-1000\$r30mtbe.scr
MD5                : E65FAD6B0D7B84F0CF7A0E9A8B9B2876
Publisher          : -
Size               : 191488
Version            : 0.0.0.0
Detection          : Trojan:MSIL/Generic
Cleaning Action    : Quarantine
Related Objects    :
                File - %homedrive%\$recycle.bin\s-1-5-21-137592738-1375449241-4024900648-1000\$r30mtbe.scr


Cleaning Result
-------------------------------------------------------
Cleaned               : 6
Reported as safe      : 0
Failed                : 0

6) NoBot Scan

-----------------------------------------------------------
' Build Version: 1.0.1.4
' Operating System: Microsoft Windows NT 6.1.7601 Service Pack 1
' Scan Started By: ABC
' Log Created: 25-Jul-16 9:20:25 PM
-----------------------------------------------------------

====================-(Scan Summary)-===================

Files Scanned: 95
Files Found: 0
Registry Items Scanned: 51
Registry Items Found: 0

Total Objects Found: 0


====================-(User Options)-==================
*Checked Suspicious File Paths*
*Scanned Registry Startup*

====================-(Files Found)-===================


===============-(Registry Items Found)-===============


==================-(Files Scanned)-=================

C:\Users\ABC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
C:\Users\ABC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5520 series (Network).lnk
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
C:\Windows\system32\winlogon.exe
C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\smss.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\System32\svchost.exe
C:\Program Files\TrueSuite\TrueSuite.Service.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Users\ABC\Downloads\NoBot.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\lsm.exe
c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\lsass.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Windows\system32\services.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\svchost.exe
C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Sony\VAIO Power Management\SPMService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wininit.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Users\ABC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\ABC\AppData\Local\GDIPFONTCACHEV1.DAT
C:\Users\ABC\AppData\Local\IconCache.db
C:\Users\ABC\AppData\Local\Resmon.ResmonCfg
C:\Users\ABC\AppData\Local\{E64FC8C0-BCC2-436F-9AD6-314AC1260521}

Thank You!! For responding to my forum I hope I got everything you asked for. 



#5 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:52 PM

Posted 25 July 2016 - 06:25 PM

Malwarebytes Scan.

 

We need you to run MalwareBytes to get a log, please download the free version of MalwareBytes HERE

http://data-cdn.mbamupdates.com/web/mbam-setup-2.2.0.1024.exe  Alternate Link.

Save the file to somewhere you can easily find it. Double click the saved file to start the install, accept any security warnings that may appear, and after the install click the new desktop icon to start the program. We need to modify a couple of things with MalwareBytes before we use it so please follow the steps below.

  1. If the dashboard is not already displayed select it.
  2. Then select "Update Now" to get the latest database.

VSKiiIc.jpg

  1. Next we need to change a scanning option, select "Settings" on the main menu, then "Detection and Protection" on the left.
  2. Then select "Scan for rootkits" in the detection options, as well as the other two options already checked.

ZU4W2g2.jpg

  • Now return to Dashboard on the main menu and select "Scan Now" at the bottom of the screen.

nF8dOcq.jpg

  • Allow MalwareBytes to scan your system, it may take some time depending on what you have loaded onto your hard drive.

L8lsasM.jpg

When the scan is finished

  1. Click "Save Results"
  2. Then click on "Text file"

5x4JOvA.jpg

  • A window will then open allowing you to choose a name for the logfile and also allowing you to choose where to save it, save it to the desktop.
  • Please copy and paste the contents of this file in your next post.

 

 

Eset Online Scanner.

 

Eset Scan

Click Me To Download Eset Scan

Disable your antivirus prior to this scan.
 
 esetonlinebtn.png
 

  •  Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Minitoolbox scan.

 

 

Please download Minitoolbox and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Security Check Scan.

 

Download Security Check to your desktop, right click it run as administrator. When the program completes, the tool will automatically open a log file, please post that log here in your next post.



#6 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 26 July 2016 - 07:34 AM

Malwarebytes Scan.

 

Malware Restory

Malwarebytes Anti-Malware
www.malwarebytes.org


Update, 26-Jul-16 5:45 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Rootkit Database, 2015.9.18.1, 2016.5.27.1, 
Update, 26-Jul-16 5:45 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Remediation Database, 2015.9.16.1, 2016.7.23.1, 
Update, 26-Jul-16 5:45 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, IP Database, 2015.9.21.2, 2016.7.25.1, 
Update, 26-Jul-16 5:46 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Domain Database, 2015.9.22.3, 2016.7.25.6, 
Update, 26-Jul-16 5:46 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, program, 2.2.0.1024, 2.2.1.0, 
Update, 26-Jul-16 5:46 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Malware Database, 2015.9.22.5, 2016.7.26.3, 
Error, 26-Jul-16 7:37 PM, SYSTEM, WIN-ACJU26UVNPD, Protection, ServiceCanRun, 13, 
Protection, 26-Jul-16 7:37 PM, SYSTEM, WIN-ACJU26UVNPD, Protection, Malware Protection, Stopping, 
Protection, 26-Jul-16 7:37 PM, SYSTEM, WIN-ACJU26UVNPD, Protection, Malware Protection, Stopped, 
Update, 26-Jul-16 7:47 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, program, 2.2.0.1024, 2.2.1.0, 
Update, 26-Jul-16 7:47 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Remediation Database, 2015.9.16.1, 2016.7.23.1, 
Update, 26-Jul-16 7:47 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, IP Database, 2015.9.21.2, 2016.7.25.1, 
Update, 26-Jul-16 7:47 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Rootkit Database, 2015.9.18.1, 2016.5.27.1, 
Update, 26-Jul-16 7:47 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Domain Database, 2015.9.22.3, 2016.7.25.6, 
Update, 26-Jul-16 7:48 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Malware Database, 2015.9.22.5, 2016.7.26.3, 
Update, 26-Jul-16 8:02 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Remediation Database, 2016.2.12.1, 2016.7.23.1, 
Update, 26-Jul-16 8:02 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, IP Database, 2016.2.8.1, 2016.7.25.1, 
Update, 26-Jul-16 8:02 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Rootkit Database, 2016.2.8.1, 2016.5.27.1, 
Update, 26-Jul-16 8:02 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Domain Database, 2016.2.16.8, 2016.7.25.6, 
Update, 26-Jul-16 8:03 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Malware Database, 2016.2.16.6, 2016.7.26.3, 
Scan, 26-Jul-16 9:28 PM, SYSTEM, WIN-ACJU26UVNPD, Manual, Start:26-Jul-16 8:12 PM, Duration:54 min 10 sec, Threat Scan, Completed, 0 Malware Detections, 1 Non-Malware Detection, 

(end) 

Malware Scanning

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 26-Jul-16
Scan Time: 8:12 PM
Logfile: Malware Scanning.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.07.26.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: ABC

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 435041
Time Elapsed: 54 min, 10 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 1
PUP.Optional.OpenCandy, C:\Users\ABC\Downloads\FreemakeAudioConverterSetup.exe, Quarantined, [3a6163c53c5e25113171d950946eeb15], 

Physical Sectors: 0
(No malicious items detected)


(end)
 

Eset Online Scanner.

I had issue with that one It kept saying 

 

 

Cannont Update virus signatire database

Make sure your cometure is connected to the internet. If a proxy is used check your proxy configure

 

13631519_1195998573765322_12353248738056

 

My internet is connected and I am not sure what it meant by it. Sorry, I didn't know what to do I am not that great in IT stuff. My real-time protection was disabled too which is part of Microsoft Security Essential

 

 

Minitoolbox scan.

MiniToolBox by Farbar  Version: 17-06-2016
Ran by ABC (administrator) on 26-07-2016 at 21:50:47
Running from "C:\Users\ABC\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: VPCSB36FG Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

There are 15545 entries.

========================= IP Configuration: ================================

Intel(R) Centrino(R) Advanced-N 6230 = Wireless Network Connection (Connected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 2 (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Wireless Network Connection 3 (Media disconnected)
Realtek PCIe GBE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : WIN-ACJU26UVNPD
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F0-BF-97-E6-16-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Physical Address. . . . . . . . . : 88-53-2E-8E-89-CF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physical Address. . . . . . . . . : 88-53-2E-8E-89-CF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Advanced-N 6230
   Physical Address. . . . . . . . . : 88-53-2E-8E-89-CE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::84a0:e54b:cdb:8c5%13(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.103(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, July 26, 2016 9:29:39 PM
   Lease Expires . . . . . . . . . . : Wednesday, July 27, 2016 9:41:16 PM
   Default Gateway . . . . . . . . . : fe80::1%13
                                       192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 294146862
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-32-8B-1B-88-53-2E-8E-89-CE
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{C3636737-CCC6-4144-9CF2-B90B833652A3}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  2404:6800:4006:806::200e
	  216.58.199.78


Pinging google.com [216.58.199.78] with 32 bytes of data:
Reply from 216.58.199.78: bytes=32 time=23ms TTL=55
Reply from 216.58.199.78: bytes=32 time=32ms TTL=55

Ping statistics for 216.58.199.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 23ms, Maximum = 32ms, Average = 27ms
Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
	  2001:4998:c:a06::2:4008
	  2001:4998:58:c02::a9
	  98.139.183.24
	  206.190.36.45
	  98.138.253.109


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=293ms TTL=47
Reply from 98.139.183.24: bytes=32 time=313ms TTL=47

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 293ms, Maximum = 313ms, Average = 303ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 16...f0 bf 97 e6 16 14 ......Realtek PCIe GBE Family Controller
 15...88 53 2e 8e 89 cf ......Microsoft Virtual WiFi Miniport Adapter #2
 14...88 53 2e 8e 89 cf ......Microsoft Virtual WiFi Miniport Adapter
 13...88 53 2e 8e 89 ce ......Intel(R) Centrino(R) Advanced-N 6230
  1...........................Software Loopback Interface 1
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.103     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.103    281
    192.168.1.103  255.255.255.255         On-link     192.168.1.103    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.103    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.103    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.103    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13   4121 ::/0                     fe80::1
  1    306 ::1/128                  On-link
 13    281 fe80::/64                On-link
 13    281 fe80::84a0:e54b:cdb:8c5/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/26/2016 09:29:54 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2016 07:59:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: ProductUpdater.exe, version: 1.0.0.0, time stamp: 0x55769e01
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c79e
Exception code: 0xe0434352
Fault offset: 0x0000c52f
Faulting process id: 0x1544
Faulting application start time: 0xProductUpdater.exe0
Faulting application path: ProductUpdater.exe1
Faulting module path: ProductUpdater.exe2
Report Id: ProductUpdater.exe3

Error: (07/26/2016 07:59:01 PM) (Source: .NET Runtime) (User: )
Description: Application: ProductUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at ProductUpdater.Services.UpdateDownloader.DownloadFileCompleted(System.Object, System.ComponentModel.AsyncCompletedEventArgs)
   at System.Net.WebClient.OnDownloadFileCompleted(System.ComponentModel.AsyncCompletedEventArgs)
   at System.Net.WebClient.DownloadFileOperationCompleted(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at ProductUpdater.App.Main()

Error: (07/26/2016 07:37:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/26/2016 03:19:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: setup.exe_Sony PC Companion, version: 17.0.0.717, time stamp: 0x4cab8cfa
Faulting module name: shdocvw.dll, version: 6.1.7601.18222, time stamp: 0x51f1d730
Exception code: 0xc0000005
Fault offset: 0x00014759
Faulting process id: 0x2014
Faulting application start time: 0xsetup.exe_Sony PC Companion0
Faulting application path: setup.exe_Sony PC Companion1
Faulting module path: setup.exe_Sony PC Companion2
Report Id: setup.exe_Sony PC Companion3

Error: (07/26/2016 03:01:09 PM) (Source: Application Error) (User: )
Description: Faulting application name: ProductUpdater.exe, version: 1.0.0.0, time stamp: 0x55769e01
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19135, time stamp: 0x56a1c79e
Exception code: 0xe0434352
Fault offset: 0x0000c52f
Faulting process id: 0x1200
Faulting application start time: 0xProductUpdater.exe0
Faulting application path: ProductUpdater.exe1
Faulting module path: ProductUpdater.exe2
Report Id: ProductUpdater.exe3

Error: (07/26/2016 03:01:08 PM) (Source: .NET Runtime) (User: )
Description: Application: ProductUpdater.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
   at System.Diagnostics.Process.StartWithShellExecuteEx(System.Diagnostics.ProcessStartInfo)
   at System.Diagnostics.Process.Start()
   at System.Diagnostics.Process.Start(System.Diagnostics.ProcessStartInfo)
   at ProductUpdater.Services.UpdateDownloader.DownloadFileCompleted(System.Object, System.ComponentModel.AsyncCompletedEventArgs)
   at System.Net.WebClient.OnDownloadFileCompleted(System.ComponentModel.AsyncCompletedEventArgs)
   at System.Net.WebClient.DownloadFileOperationCompleted(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at ProductUpdater.App.Main()

Error: (07/26/2016 01:45:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: PCCompanion.exe, version: 2.1.0.0, time stamp: 0x542d6bfc
Faulting module name: ntdll.dll, version: 6.1.7601.19135, time stamp: 0x56a1c6fa
Exception code: 0xc0000005
Fault offset: 0x00022372
Faulting process id: 0x126c
Faulting application start time: 0xPCCompanion.exe0
Faulting application path: PCCompanion.exe1
Faulting module path: PCCompanion.exe2
Report Id: PCCompanion.exe3

Error: (07/26/2016 01:43:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2016 11:26:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: MapleStory.exe, version: 8.175.1.1, time stamp: 0x57873d1c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x1790
Faulting application start time: 0xMapleStory.exe0
Faulting application path: MapleStory.exe1
Faulting module path: MapleStory.exe2
Report Id: MapleStory.exe3


System errors:
=============
Error: (07/26/2016 09:28:35 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/26/2016 07:38:38 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (07/26/2016 05:52:44 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/26/2016 01:43:48 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (07/26/2016 01:43:48 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (60000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (07/25/2016 07:31:46 PM) (Source: Service Control Manager) (User: )
Description: The Freemake Improver service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/25/2016 07:29:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/25/2016 07:29:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/25/2016 07:29:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.

Module Path: C:\Windows\System32\IWMSSvc.dll

Error: (07/25/2016 07:29:54 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.225.2258.0

	Update Source: %NT AUTHORITY59

	Update Stage: 4.6.0305.00

	Source Path: 4.6.0305.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================
Error: (10/19/2015 06:58:22 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22648 seconds with 4020 seconds of active time.  This session ended with a crash.

Error: (01/28/2015 03:53:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3330 seconds with 1200 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{B1893E3F-9BDF-443F-BED0-1AAA2D9E0D68}) (Version: 2.0.149 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.444 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{3A4170BE-09B7-5658-285E-6D35E9C87101}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AuthenTec TrueSuite (HKLM\...\{81B43AC9-B334-45D0-8D15-0A3642AFBDA1}) (Version: 4.0.100.26 - AuthenTec, Inc.)
AuthenTec WinBio FingerPrint Software (HKLM\...\{20F5F93B-9A27-4508-87B0-BFD7494FBEC4}) (Version: 3.1.0.80 - AuthenTec, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Điều khiển ActiveX Windows Live Mesh dành cho kết nối từ xa (HKLM-x32\...\{4A48F20C-BEE3-4661-B55D-9280D06E5DA3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Freemake Audio Converter version 1.1.0 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.0 - Ellora Assets Corporation)
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.30.3 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version:  - Muse Games)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{7137E26A-10F7-4B1C-9980-0893579E92DA}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Product Improvement Study (HKLM\...\{DCC176F0-3CE3-4DA9-8FF9-3809C1B48C47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.69.5 - HTC)
Intel PROSet Wireless (HKLM-x32\...\ProInst) (Version:  - ) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{0EF86E06-C755-4C6F-8E47-2528D0546C0A}) (Version: 1.1.1.0581 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MapleStory (HKLM\...\Steam App 216150) (Version:  - Nexon)
Media Gallery (HKLM\...\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}) (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (HKLM-x32\...\{0F895695-33CC-4203-9C47-25EF2AC9441C}) (Version: 1.7.254 - Sony)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (العربية) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1025) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (简体中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 2052) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (繁體中文) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1028) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.13.4 - OBS Project)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PlayStation(R)Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.05.00710 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.1.8.11883 - Sony Computer Entertainment Inc.)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.6.01.03300 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM\...\{133D3F07-D558-46CE-80E8-F4D75DBBAD63}) (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{8356CB97-A48F-44CB-837A-A12838DC4669}) (Version: 1.6.00.06010 - Sony Corporation) Hidden
PX Profile Update (HKLM-x32\...\{9AE76A96-BF2F-8AB9-46B8-74F1FB68AD4C}) (Version: 1.00.1. - AMD) Hidden
Quick Web Access (HKLM-x32\...\{13EC74A6-4707-4D26-B9B9-E173403F3B08}) (Version: 1.4.6.10 - Sony Corporation) Hidden
Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.6.10 - Sony Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6225 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.80 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{70DE9E60-DE22-4362-B868-1B8922F78C1A}) (Version: 1.1.1.07060 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
SADES 7.1 SOUND EFFECT GAMING HEADSET (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
SADES 7.1 SOUND EFFECT GAMING HEADSET (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392006300}) (Version: 1.00.0001 - )
Skype™ 7.25 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.25.106 - Skype Technologies S.A.)
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Trend Micro Titanium Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 3.0 - Trend Micro Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.18100 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO Care (HKLM\...\{6C8F7FE6-6D5E-49FE-A4EB-6597B41C2BCA}) (Version: 7.0.1.08040 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.0.0.07070 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.0.0.14140 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.7.0.05270 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{BE9E4DD1-6228-46C6-8EF9-42F7A4F6CC9D}) (Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.0.06210 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.0.07080 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.1.0.06030 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.4.0.05310 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.1.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.7.0.07150 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{5BEE8F1F-BD32-4553-8107-500439E43BD7}) (Version: 5.5.0.06290 - Sony Corporation)
VAIO Update Merge Module x64 (HKLM\...\{2106A845-79C0-426B-9B91-9CBEAF3DE0F2}) (Version: 5.5.06290 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{549AD5FB-F52D-4307-864A-C0008FB35D96}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{DF184496-1CA2-4D07-92E7-0BD251D7DEF0}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{71FC647F-E91F-4DD2-BEA4-7B4172015DCE}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (HKLM-x32\...\{A49A517F-5332-4665-922C-6D9AD31ADD4F}) (Version: 1.0.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WMPKeys (HKLM-x32\...\{5D4B3647-9842-4875-B081-EF8D98C02865}) (Version: 1.2.0.0 - lazymf and kbept)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.21.139 - Zemana Ltd.)
بريد Windows Live (HKLM-x32\...\{0A4C4B29-5A9D-4910-A13C-B920D5758744}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM-x32\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)
معرض صور Windows Live (HKLM-x32\...\{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (HKLM-x32\...\{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}) (Version: 15.4.5722.2 - Microsoft Corporation)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 8107.86 MB
Available physical RAM: 4359.29 MB
Total Virtual: 16213.93 MB
Available Virtual: 12320.59 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:452.89 GB) (Free:264.86 GB) NTFS

========================= Users: ========================================

User accounts for \\WIN-ACJU26UVNPD

ABC                      Administrator            Guest                    
Visitor                  


**** End of log ****

Security Check Scan.

SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 26.07.2016 22:02:55
Path starting: C:\Users\ABC\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: ABC
VersionXML: 3.24is-22.07.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 29.12.2014 05:25:53
LicenseStatus: Windows(R) 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [452.9 Gb] Used: [188 Gb] Free: [264.9 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18204 [color=red][b]Warning! [url=http://windows.microsoft.com/en-us/internet-explorer/ie-11-worldwide-languages]Download Update[/url][/b][/color]
[color=blue][b]Online installation. Last version available when Windows update is enabled throught the Internet.[/b][/color]
User Account Control [b]enabled[/b]
Notify of download and installation
Date install updates: 2016-02-10 01:06:04
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6612.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Microsoft Security Essentials (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Microsoft Security Essentials (enabled and up to date)
Windows Defender (disabled and out of date)
Spybot - Search and Destroy (enabled and out of date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Microsoft Security Essentials v.4.6.305.0
Trend Micro Titanium Maximum Security v.3.0
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.21.139
Spybot - Search & Destroy v.2.4.40
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 5.21 (64-bit) v.5.21.0 [color=red][b]Warning! [url=http://www.rarlab.com/download.htm]Download Update[/url][/b][/color]
Microsoft Silverlight v.5.1.30514.0 [color=red][b]Warning! [url=https://www.microsoft.com/getsilverlight/Get-Started/Install/Default.aspx]Download Update[/url][/b][/color]
Picasa 3 v.3.9.141.259 [b][color=red]Warning! This software is no longer supported.[/color][/b]
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.25 v.7.25.106
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 101 v.8.0.1010.13 [color=red][b]Warning! [url=http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html]Download Update[/url][/b][/color]
[color=blue][b]Uninstall old version and install new one (jre-8u102-windows-i586.exe).[/b][/color]
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 22 ActiveX v.22.0.0.210
Adobe Flash Player 22 NPAPI v.22.0.0.209
Adobe Acrobat Reader DC v.15.017.20050
------------------------------- [ Browser ] -------------------------------
Google Chrome v.52.0.2743.82
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.52.0.2743.82
------------------ [ AntivirusFirewallProcessServices ] -------------------
Spybot-S&D 2 Scanner Service (SDScannerService) - The service is running
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe v.2.4.40.217
Spybot-S&D 2 Security Center Service (SDWSCService) - The service is running
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe v.2.3.39.2
Spybot-S&D 2 Updating Service (SDUpdateService) - The service is running
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe v.2.4.40.77
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe v.2.4.40.129
Microsoft Antimalware Service (MsMpSvc) - The service is running
C:\Program Files\Microsoft Security Client\MsMpEng.exe v.4.6.305.0
Microsoft Network Inspection (NisSrv) - The service is running
C:\Program Files\Microsoft Security Client\NisSrv.exe v.4.6.305.0
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
----------------------------- [ End of Log ] ------------------------------

Hope I did this right


Edited by 1995Pandbear, 26 July 2016 - 07:37 AM.


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:52 PM

Posted 02 August 2016 - 12:42 PM

How is it running now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 02 August 2016 - 07:01 PM

My laptop is running ok after all of downloads you know the screen that pops up when you increase volume or brightness has disappeared. It's also tad bit slow I think but that was never issue you know so far I haven't got any email talking about my steam accommodation being accessed from different countries.

#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:52 PM

Posted 04 August 2016 - 10:08 AM

Run sfc /scannow
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 09 August 2016 - 03:02 AM

Would you like me to give the log



#11 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 09 August 2016 - 06:30 AM

13882254_1206179849413861_19479900665506



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:52 PM

Posted 09 August 2016 - 11:19 AM

looks good.. if that issue is bothersome you may ask in the Operating Systems forum and see if someone there has a suggestion.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 18 October 2016 - 11:39 PM

Hey,

My steam got accessed again 

  • IP address: 
    175.29.167.66
  • City name: 
  • State name: 
  • Country name: 
    BD
  •  


#14 boooliyooo

boooliyooo

  • Members
  • 50 posts
  • OFFLINE
  •  
  • Local time:04:52 AM

Posted 19 October 2016 - 01:23 AM

Hello...

 

From a password security standpoint, you may refer to Krebs' advice: https://krebsonsecurity.com/password-dos-and-donts/

If the password is the same as what you used to access your financial systems, I will strongly urge you to change to a unique and strong password.

 

If you feel that all these are really troublesome to memorise it somehow, you may also like to get a password manager to assist you.

http://www.pcmag.com/article2/0,2817,2475964,00.asp



#15 1995Pandbear

1995Pandbear
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:07:22 AM

Posted 19 October 2016 - 04:11 AM

Does that means I have malware issue even after going through all of the previous stuff






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users