Decompression Bombs and Runtime Error R6025


38 replies to this topic

#1 book.weaver


Posted 17 November 2016 - 05:40 PM

Hello,

 

I am using an HP Pavilion g6 with an AMD quad-core processor, running Windows 7.  I have Avast Antivirus and Malwarebytes (free version) and no recent scans I have run have detected any malware.  (I apologize in advance if my system really is fine.)

 

I got a Microsoft Visual C++ runtime error R6025 - pure virtual function recall on 10-25-2016, and so I ran a boot-time scan with Avast and it found some decompression bombs in some game files.  I have run boot-time scans since I last played the game, however, and the decompression bombs did not show up in the previous scans.  I did some research on decompression bombs and the R6025 error and it seems as though both are sometimes fine and sometimes malicious.  Will someone please help me check out my system just to be safe?

 

Also, while reading an article I had a virus-crash-2m2a4r.tech warning come up in Google Chrome on 11-06-2016.  I did not click anything and simply started the task manager in order to end the process.

 

I have screenshots of each error message, but could not figure out how to upload them.   :blush:  Thank you for reading!


Edited by book.weaver, 18 November 2016 - 12:04 PM.



 


#2 book.weaver


Posted 18 November 2016 - 11:52 AM


file:///C:/Users/Bookweaver/Desktop/10-25-2016/error%2010-25-16.png

file:///C:/Users/Bookweaver/Desktop/10-25-2016/11-06-16.png

 

I have tried to copy/paste the screenshots directly in this window as well as using the paste, paste as plain text, and paste from Word features to no avail.  I opened the images in Chrome; hopefully these links will work.


Edited by book.weaver, 18 November 2016 - 04:33 PM.


#3 InadequateInfirmity


Posted 24 November 2016 - 04:04 PM

Zemana Deep Scan.
 

  • Right click on Zemana and run as admin.
  • Click the Cog/Sprocket Wheel at the top right of Zemana.
  • Select Advanced - I have read the warning and wish to proceed.
  • Place a tick next to Detect Suspicious (Root CA) Certificates.
  • Then click the house icon in Zemana.
  • Then hit your start button at the lower left hand corner of your desktop.
  • Then left click on Computer.
  • Drag Local Disk C: Into the area of Zemana that reads Drag and drop files here to scan them.
  • Once the scan has completed, click the graph icon on the top right of the program's user interface.
  • Double click to open the latest log-file.
  • Copy it to your clipboard.
  • Post the log here in your next reply.

Security Check Scan.



  • Download Security Check to your desktop.
  • Right-click it and run as administrator.
  • When the program completes, the tool will automatically open a log file.
  • Please post that log here in your next post.

Please download MINITOOLBOX and run it.

Checkmark the following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.



#4 book.weaver


Posted 25 November 2016 - 04:21 PM

I apologize for the delayed response; I didn't see your post until this afternoon.  Thank you so much for your help!

 

Zemana:

 

Zemana AntiMalware 2.70.2.25 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/11/25
Operating System       : Windows 7 64-bit
Processor              : 4X AMD A6-3420M APU with Radeon™ HD Graphics
BIOS Mode              : Legacy
CUID                   : 12024D8735BC7C01A27CD0
Scan Type              : Custom Scan
Duration               : 146m 18s
Scanned Objects        : 344533
Detected Objects       : 4
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
Farmscapes.dat
Status             : Failed
Object             : %programfiles%\hp games\farmscapes\wtmui_it\farmscapes.dat
MD5                : 2C4ECBDF2EB33693201B3ABC040C7152
Publisher          : -
Size               : 6562816
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_it\farmscapes.dat
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_it\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_it\base\ssaver\thanksgiving.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\es\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\es\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\en-us\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\en-us\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\it\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\it\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\fr\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\fr\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\en-uk\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\en-uk\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\de\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\de\help.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_fr\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_fr\base\ssaver\thanksgiving.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_es\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_es\base\ssaver\thanksgiving.exe
 
Farmscapes.dat
Status             : Failed
Object             : %programfiles%\hp games\farmscapes\wtmui_fr\farmscapes.dat
MD5                : 2C4ECBDF2EB33693201B3ABC040C7152
Publisher          : -
Size               : 6562816
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_fr\farmscapes.dat
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_de\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_de\base\ssaver\thanksgiving.exe
 
Farmscapes.dat
Status             : Failed
Object             : %programfiles%\hp games\farmscapes\wtmui_es\farmscapes.dat
MD5                : 2C4ECBDF2EB33693201B3ABC040C7152
Publisher          : -
Size               : 6562816
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_es\farmscapes.dat
 
Farmscapes.dat
Status             : Failed
Object             : %programfiles%\hp games\farmscapes\wtmui_de\farmscapes.dat
MD5                : 2C4ECBDF2EB33693201B3ABC040C7152
Publisher          : -
Size               : 6562816
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_de\farmscapes.dat
 
Update.exe
Status             : Failed
Object             : %programfiles%\gmetrix sms\update.exe
MD5                : 1AA8733044729A63A7453FDE92596F95
Publisher          : -
Size               : 618496
Version            : 3.5.4.1
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\gmetrix sms\update.exe
 
Security Check:
 

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 25.11.2016 15:50:05
Path starting: C:\Users\Bookweaver\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bookweaver
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 10.03.2012 19:57:42
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [673.6 Gb] Used: [470 Gb] Free: [203.6 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18204 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2016-02-19 16:37:28
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x64 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
Avast Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2253
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
Zemana AntiMalware v.2.70.25
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41212.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 31 (64-bit) v.8.0.310 Warning! Download Update
Uninstall old version and install new one (jre-8u112-windows-x64.exe).
Java SE Development Kit 8 Update 5 (64-bit) v.8.0.50 Warning! Download Update
Uninstall old version and install new one (jdk-8u112-windows-x64.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.3.2.35 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.20.0.0.260 Warning! Download Update
Adobe Flash Player 20 ActiveX v.20.0.0.306 Warning! Download Update
Adobe Flash Player 20 NPAPI v.20.0.0.306 Warning! Download Update
Adobe Shockwave Player 12.2 v.12.2.1.171 Warning! Download Update
Adobe Reader XI (11.0.14) v.11.0.14 Warning! Download Update
^Please run Adobe Reader XI and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.48.0.2564.109 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Hoyle Card Games v.2.2.0.95 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
FATE v.2.2.0.97 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
opensource v.1.0.14960.3876 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
WildTangent Games App for HP v.4.0.11.2 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 
 
MiniToolBox:
 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Bookweaver (administrator) on 25-11-2016 at 15:59:56
Running from "C:\Users\Bookweaver\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP Pavilion g6 Notebook PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Ralink RT5390 802.11b/g/n WiFi Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Alemona
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 78-E3-B5-64-5C-E5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ec59:5383:8796:f30b%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.101(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, November 25, 2016 12:24:52 PM
   Lease Expires . . . . . . . . . . : Friday, December 02, 2016 3:19:30 PM
   Default Gateway . . . . . . . . . : fe80::5ed9:98ff:fe61:b216%12
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Ralink RT5390 802.11b/g/n WiFi Adapter
   Physical Address. . . . . . . . . : 64-27-37-33-25-A2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.pa.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.{C3DBC763-9FE6-44DC-94D3-B401291D8A39}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:4006:80d::200e
 216.58.218.238
 
 
Pinging google.com [216.58.218.238] with 32 bytes of data:
Reply from 216.58.218.238: bytes=32 time=19ms TTL=53
Reply from 216.58.218.238: bytes=32 time=20ms TTL=53
 
Ping statistics for 216.58.218.238:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 20ms, Average = 19ms
Server:  UnKnown
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=39ms TTL=51
Reply from 98.139.183.24: bytes=32 time=29ms TTL=51
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 29ms, Maximum = 39ms, Average = 34ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...78 e3 b5 64 5c e5 ......Realtek PCIe FE Family Controller
 11...64 27 37 33 25 a2 ......Ralink RT5390 802.11b/g/n WiFi Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.101     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link     192.168.0.101    276
    192.168.0.101  255.255.255.255         On-link     192.168.0.101    276
    192.168.0.255  255.255.255.255         On-link     192.168.0.101    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.0.101    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.0.101    276
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12    276 ::/0                     fe80::5ed9:98ff:fe61:b216
  1    306 ::1/128                  On-link
 12    276 fe80::/64                On-link
 12    276 fe80::ec59:5383:8796:f30b/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/25/2016 03:46:27 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 03:44:47 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 01:57:42 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:27:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:27:29 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:25:49 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:25:48 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/25/2016 12:25:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:24:59 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2016 12:24:52 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"1".
Dependent Assembly Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (11/25/2016 03:19:26 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TouchServicePen service.
 
Error: (11/25/2016 03:16:01 PM) (Source: Microsoft-Windows-Kernel-Power) (User: NT AUTHORITY)
Description: The system was hibernated due to a critical thermal event.
Hibernate Time = 2016-11-25T20:16:01.720427000Z
            
ACPI Thermal Zone = ACPI\ThermalZone\TZ0_
            
_HOT = 376K
 
Error: (11/25/2016 12:27:52 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (11/25/2016 12:27:52 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (11/25/2016 12:24:52 PM) (Source: Service Control Manager) (User: )
Description: The Avast Antivirus service failed to start due to the following error: 
%%14001 = The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
 
 
Error: (11/23/2016 05:18:20 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (11/23/2016 05:18:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
Error: (11/23/2016 04:57:41 PM) (Source: Service Control Manager) (User: )
Description: The Avast Antivirus service failed to start due to the following error: 
%%14001 = The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
 
 
Error: (11/23/2016 02:47:21 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (11/23/2016 02:47:21 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
 
 
Microsoft Office Sessions:
=========================
Error: (11/25/2016 03:46:27 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
 
Error: (11/25/2016 03:44:47 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
 
Error: (11/25/2016 01:57:42 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
 
Error: (11/25/2016 12:27:29 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
 
Error: (11/25/2016 12:27:29 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\Program Files\AVAST Software\Avast\AavmRpch.dll
 
Error: (11/25/2016 12:25:49 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\Program Files\AVAST Software\Avast\avastui.exe
 
Error: (11/25/2016 12:25:48 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/25/2016 12:25:15 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\Program Files\AVAST Software\Avast\AvastUI.exe
 
Error: (11/25/2016 12:24:59 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\PROGRA~1\AVASTS~1\Avast\1033\Base.dll
 
Error: (11/25/2016 12:24:52 PM) (Source: SideBySide)(User: )
Description: Avast.VC140.CRT,processorArchitecture="x86",publicKeyToken="fcc99ee6193ebbca",type="win32",version="14.0.23918.0"C:\Program Files\AVAST Software\Avast\AvastSvc.exe
 
 
=========================== Installed Programs ============================
 
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.14) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.14 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{CF780466-D74B-C6E7-7E61-0C4DCA614455}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.1.2253 - AVAST Software)
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Bamboo (HKLM-x32\...\Pen Tablet Driver) (Version:  - )
Bejeweled 3 (HKLM-x32\...\WTA-7be5810c-ea5e-4369-bb44-222ca40b37ca) (Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{741006D1-7B2B-4E33-B2B0-831F282EEF64}) (Version: 2.2.8188 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Chuzzle Deluxe (HKLM-x32\...\WTA-c2714556-d482-4680-bd2b-d17b8abe75ce) (Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-93ff1273-e0b2-48f8-b5b5-5df7ee75ec68) (Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4422 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Desktop Kakuro (HKLM-x32\...\Desktop Kakuro) (Version:  - )
Dora's World Adventure (HKLM-x32\...\WTA-b1d68def-d5bd-4f0b-9690-ead73acb9a11) (Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-a440874a-34ea-40fe-9af4-c9cdd81dea06) (Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (HKLM-x32\...\WTA-cdcdfb51-ac34-4f64-9069-95c4d07b8738) (Version: 2.2.0.98 - WildTangent) Hidden
FATE (HKLM-x32\...\WTA-279cf681-1067-4bbb-94b5-f1157720c963) (Version: 2.2.0.97 - WildTangent) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
GMetrix SMS (HKLM-x32\...\{958AAA08-5B3D-4E91-8B7C-E07175110416}) (Version: 3.2.1.1 - GMetrix LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (HKLM-x32\...\WTA-03eaf8a3-d4e4-4e74-81fa-9a750638440f) (Version: 2.2.0.95 - WildTangent) Hidden
HP Application Assistant (HKLM\...\{6032497A-4479-462B-ADB8-A0A372BB9A23}) (Version: 1.0.409.3882 - Hewlett-Packard)
HP Deskjet 3050 J610 series Basic Device Software (HKLM\...\{6457BD83-98CF-4267-93D7-F173FF3E7C25}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050 J610 series Help (HKLM-x32\...\{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}) (Version: 140.0.63.63 - Hewlett Packard)
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Documentation (HKLM-x32\...\{3D5C7E0E-AEC0-40EB-99D3-C40469738040}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{C4EACDFC-4BD3-4553-8445-A55B55818835}) (Version: 1.0.14 - Hewlett-Packard Company)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)
HP Security Assistant (HKLM\...\{288591DE-4151-4E8E-A698-C6EFF5DF00F9}) (Version: 2.0.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
InfraRecorder (HKLM-x32\...\InfraRecorder) (Version:  - Christian Kindahl)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-864f03ed-f2c1-4145-8110-d2725c4d5d3b) (Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest Mysteries: The Seventh Gate Collector's Edition (HKLM-x32\...\WTA-89b4debd-166b-437d-bd18-2d6141046e35) (Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kakuro Master (HKLM-x32\...\Kakuro Master) (Version:  - )
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
Luxor HD (HKLM-x32\...\WTA-78d9a8fa-7918-4b63-b3df-c50fa13e91ad) (Version: 2.2.0.98 - WildTangent) Hidden
Mah Jong Medley (HKLM-x32\...\WTA-e2531fc0-9b5d-42e4-ad84-b227f6e379da) (Version: 2.2.0.95 - WildTangent) Hidden
Mahjongg Master 4 (HKLM-x32\...\Mahjongg Master 4) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneNote Home and Student 2016 - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
Penguins! (HKLM-x32\...\WTA-7422e5c8-c1ba-4b5f-8d80-e66d5379244d) (Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-4bd98dfa-b4b2-4568-b754-fd6fbebb6c77) (Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (HKLM-x32\...\WTA-05baa083-98fc-4295-b0d6-ebbfde2cbaae) (Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (HKLM-x32\...\WTA-c1968821-c8ac-4459-812b-75906d5c143e) (Version: 2.2.0.98 - WildTangent) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.13.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 3: Platinum (HKLM-x32\...\WTA-596c1d88-c119-4aac-ac47-824dd7bd0092) (Version: 2.2.0.98 - WildTangent) Hidden
Sansa Updater (HKCU\...\Sansa Updater) (Version: 1.313 - SanDisk Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0015-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0019-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001A-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001B-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0409-1000-0000000FF1CE}_Office14.SingleImage_{C814F7D9-CE9D-45AA-BA7C-88BDD0E1EB7C}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-040C-1000-0000000FF1CE}_Office14.SingleImage_{77A8B979-11B0-4774-8003-574EE8A4BC22}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001F-0C0A-1000-0000000FF1CE}_Office14.SingleImage_{05916788-991E-417B-A8F3-77F90A2B8271}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-002C-0409-1000-0000000FF1CE}_Office14.SingleImage_{D4D48631-AC28-4250-B882-C956555B0B1D}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.SingleImage_{F3FAAB68-7697-4B1F-A23A-72312565AEAB}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0043-0409-1000-0000000FF1CE}_Office14.SingleImage_{944EFCFD-823D-4C0A-9B01-CD76EEAEA1F3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-006E-0409-1000-0000000FF1CE}_Office14.SingleImage_{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-00A1-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0115-0409-1000-0000000FF1CE}_Office14.SingleImage_{58B1AD3E-54D7-42DC-AF42-218AA7C1ED8B}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0117-0409-1000-0000000FF1CE}_Office14.SingleImage_{C7BC6847-623D-4D8F-B87C-82215F0752BA}) (Version:  - Microsoft) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Treasures of Mystery Island: The Ghost Ship (HKLM-x32\...\WTA-f6945d06-5c82-4266-8a9f-b1a296130bdd) (Version: 2.2.0.98 - WildTangent) Hidden
Torchlight (HKLM-x32\...\WTA-9493dec6-a9ec-4c16-82aa-6bc1cb0b678c) (Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (HKLM-x32\...\WTA-21411c76-2cba-40b4-9f51-4d86a472e884) (Version: 2.2.0.98 - WildTangent) Hidden
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Yahoo Messenger (HKCU\...\yahoomessenger) (Version: 0.8.269 - Yahoo! Inc)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.70.25 - Zemana Ltd.)
Zuma's Revenge (HKLM-x32\...\WTA-b24b387f-0989-4b82-99bc-c30584401ee7) (Version: 2.2.0.98 - WildTangent) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 57%
Total physical RAM: 3562.91 MB
Available physical RAM: 1499.68 MB
Total Virtual: 7124 MB
Available Virtual: 4645.59 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:673.65 GB) (Free:203.55 GB) NTFS
2 Drive d: (Recovery) (Fixed) (Total:20.83 GB) (Free:2.25 GB) NTFS
3 Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\ALEMONA
 
Administrator            Bookweaver               Guest                    
 
 
**** End of log ****
 
 
Note:  I did not select "next" upon the completion of the Zemana scan because I wasn't sure if it would be better to wait until after I've sent you the results.  Do you know if the infected objects were in fact quarantined anyway?  Thank you.


#5 InadequateInfirmity


Posted 25 November 2016 - 08:35 PM

9-Lab Scan.

 

  • Download 9-Lab Removal Tool.
  • CLICK HERE to determine whether you're running 32-bit or 64-bit for Windows.
  • Install the program onto your computer, then right click the icon and run as administrator.
  • Update the program and then run a full scan!
  • Make sure the program updates; it might be better to install it, update, reboot and check for updates again.
  • You need to make sure the database updates!!!
  • Upon Scan Completion Click on Show Results.
  • Then Click On Clean.
  • Then Click on Save Log.
  • Save it to your desktop, copy and paste the contents of the log here in your next reply.
 

Adware Removal Tool Scan.

 

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

Hit Ok.

Hit next; make sure to leave all items checked for removal.

The program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, then OK again to finish up. Post log generated by tool.

 

ZHP Scan.

1. Please download Zhp Cleaner to your desktop. Right click the icon and select run as administrator.

http://ccm.net/download/download-24750-zhpcleaner

2. Once you have started the program, you will need to click the scanner button.

The program will close all open browsers!

3. Once the scan is completed, you will want to click the Repair button.

At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.



#6 book.weaver


Posted 26 November 2016 - 11:34 AM

9 Lab:

 

When I paste the log here a dialogue box says my post is too long, even if I restrict it only to the contents of the 9 Lab .txt file.  It labeled a game from a disc (Mahjongg Master 4) and a bonus disk from a program (Multimedia Fusion 2) as PUPs and cleaned the entirety of them.  It found Trojans, Adware, and Malware, as well, however.  

 

Should I send you the contents of the log, with the many files of the two aforementioned PUPs excluded from the text?  (I'm sorry for the trouble!)

 

Adware Removal Tool:

 

Not applicable...it didn't find anything and, thus, didn't generate a log file.

 

ZHP Cleaner:

 

~ ZHPCleaner v2016.11.25.204 by Nicolas Coolman (2016/11/25)
~ Run by Bookweaver (Administrator)  (26/11/2016 10:57:31)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Repair
~ Report : C:\Users\Bookweaver\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Bookweaver\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)

---\\  Services (0)
~ No malicious or unnecessary items found.

---\\  Browser internet (0)
~ No malicious or unnecessary items found.

---\\  Hosts file (1)
~ The hosts file is legitimate (21)

---\\  Scheduled automatic tasks. (0)
~ No malicious or unnecessary items found.

---\\  Explorer ( File, Folder) (24)
MOVED file: C:\Windows\Installer\wix{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{3540181E-340A-4E7A-B409-31663472B2F7}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{5ED7462B-EF58-4757-B609-53755021EC34}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{B678797F-DF38-4556-8A31-8B818E261868}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{C4123106-B685-48E6-B9BD-E4F911841EB4}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{D4D86CB2-2370-4691-8272-3869EDED6C64}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED file: C:\Windows\Installer\wix{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}.SchedServiceConfig.rmi    =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{05276F82-BB96-4F8C-B346-662BACCF5A9A}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{09CF685D-AC9B-4FA6-925A-C50F7FCCA3AB}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{2AFF842D-1BD2-42CA-A08B-FD504253FA71}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{3E52407D-3124-4A87-A70B-F133D716F9DA}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{518D62B6-25BE-43BB-BDDA-7695BDDFF23E}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{76E26750-1379-4491-AC1C-867A084AA24A}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{837EE3D3-7AD3-4A7A-848A-96FE8427E163}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{8B445A9F-9746-4C47-B4D3-4D9CB646844B}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{8E87CBB6-1C15-4845-A63E-25D0BB510775}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{91749AF5-FCF1-40DD-9552-D57D731BD1A2}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{BFA78F39-E20F-4FA7-8601-D182E38D853C}  =>.Superfluous.Empty
MOVED folder: C:\Users\Bookweaver\AppData\Local\{EA224EEF-1F6B-40DF-A85B-546F3D38FA71}  =>.Superfluous.Empty

---\\  Registry ( Key, Value, Data) (1)
DELETED key*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect

---\\  Summary of the elements found (2)
https://www.nicolascoolman.com/fr/logiciels-superflus  =>.Superfluous.Empty
https://www.anti-malware.top/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect

---\\  Other deletions. (126)
~ Registry Keys Tracing deleted (126)
~ Remove the old reports ZHPCleaner. (0)

---\\ Result of repair
~ Repair carried out successfully
~ Browser not found (Mozilla Firefox)
~ Browser not found (Opera Software)

---\\ Statistics
~ Items scanned : 440
~ Items found : 0
~ Items cancelled : 0
~ Items repaired : 25

~ End of clean in 00h00mn11s
~====================
ZHPCleaner-[R]-26112016-10_57_42.txt
ZHPCleaner-[S]-26112016-10_51_12.txt



#7 book.weaver


Posted 26 November 2016 - 12:07 PM

I edited the 9 Lab log to exclude the PUP files to make it fit here; I hope that’s alright. 

9 Lab:

 

9-lab Removal Tool 1.0.0.39 BETA

9-lab.com

 

Database version: 147.44944

 

Windows 7 Service Pack 1 (Version 6.1, Build 7601, 64-bit Edition)

Internet Explorer 9.11.9600.18204

Bookweaver :: ALEMONA

 

11/25/2016 9:19:00 PM

9lab-log-2016-11-25 (21-19-00).txt

 

Scan type: Full

Objects scanned: 55434

Time Elapsed: 1 h 1 m

 

Files detected: 1659

[81256B25A6C0374B7741DEAA2975EB4C] Trojan.FPL.Tesch.yp [c:\users\bookweaver\appdata\roaming\Blio\Cache\cb1d9654e08bb053fbdb37926bd27dd4.jpg]

[C2081F1DEAF773F281456BFD9E3DA2E9] Trojan.FPL.Tesch.yp [c:\users\bookweaver\appdata\roaming\Blio\Cache\library.xml]

[967F806C60FD6C79561D00AE093A2DA1] Trojan.FPL.Tesch.yp [c:\users\bookweaver\appdata\roaming\Blio\Log\Log (Build 2.2.8188.0).txt]

[0082D5E1ED754B185A587377EA3382D1] Trojan.FPL.Tesch.yp [c:\users\bookweaver\appdata\roaming\Blio\Settings.xml]

[96DFDD08C76630FB074B7ACB8BB4AA7F] Trojan.FPL.Downloader.vl [c:\users\bookweaver\appdata\local\RemEngine\RemEngine.exe_Url_44kcysl23ccvo5sqxrn2qzcrgomrbkh1\9.0.15076.3891\user.config]

 

~Over 1,000 PUP files from:

 

PUP.FPL.Toolbar.dd [C:\Program Files (x86)\eGames\Mahjongg Master 4\...]

 

Oh, the MMF2 bonus disc was labeled as Adware, not a PUP, my mistake.  I included those here in the remainder of the log:

 

[A957A73A77429EA9E3EB38670D7E45EE] Adware.FMPL.Gen.se [C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69\x64\DIFxInstallLog.txt]

[27A8C309570761EC32A2697DAD2E249E] Adware.FMPL.Gen.se [C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7\x64\DIFxInstallLog.txt]

[D62A30BE6C543B499C01691F6ACEFBC5] Malware.Win32.Gen.sm!s1 [C:\Program Files (x86)\Multimedia Fusion 2\Bonus Disk\Examples\Examples.exe]

[AF36A5F20D1E1BFE48762506C6E22799] Adware.Win32.Downloader.vl!n [C:\Program Files (x86)\Multimedia Fusion 2\Bonus Disk\Examples\Objects\INI\receive.exe]

[8EAD398BA47CC3E0D41FD9D88ABA8443] Adware.Win32.Downloader.vl!n [C:\Program Files (x86)\Multimedia Fusion 2\Bonus Disk\Examples\Objects\INI\Set.exe]

[FF5B688AE4D4257D8E275E492D6AEC5E] Adware.Win32.Downloader.vl!n [C:\Program Files (x86)\Multimedia Fusion 2\Bonus Disk\Examples\Objects\Network\Network Master.exe]

[72DAC50615C709D4C6D6985A95156226] Adware.Win32.Downloader.vl!n [C:\Program Files (x86)\Multimedia Fusion 2\Bonus Disk\Examples\Objects\Network\Network Slave.exe]

[A94564B03D07C71D9766D1B35E33416C] Malware.Win32.Gen.sm!s1 [C:\Program Files (x86)\Multimedia Fusion 2\Data\Runtime\lnchrt.exe]

 

Thank you so much for your time!


Edited by book.weaver, 26 November 2016 - 12:10 PM.


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:55 AM

Posted 26 November 2016 - 11:55 PM

I am checking over things and will have further instructions in the morning. How are things running?

 

Security Check Scan.
 

  • Download Security Check to your desktop.
  • Right-click it and run as administrator.
  • When the program completes, the tool will automatically open a log file.
  • Please post that log here in your next post.

Scan & Clean With Ads Fix

 

  • Disable Windows Defender & Antivirus Prior To Running This Tool!!
  • Save Ads Fix to your desktop.
  • Right Click & Run As Administrator.
  • You will then be prompted to install Certificates.
  • Install then click OK.
  • Right Click & Run As Administrator Again.
  • Click Options then select Unlock the deletion.
  • Then click on clean.
  • Post the report that will open on desktop in your next reply.


#9 book.weaver


Posted 27 November 2016 - 06:00 PM

Things seem to be running okay.  I haven’t attempted to open Avast or Windows Media Player again, though.  (They had been compromised, as described here: http://www.bleepingcomputer.com/forums/t/632944/avast-side-by-side-configuration-is-incorrect/  )  I wasn’t sure if they would be working and safe to open or if I may need to reinstall them. 

 

Many years ago, something disabled my Avast, Malwarebytes, and more and my computer wouldn’t start up even in safe mode for months.  Finally, I had the option for a system restore and things were pretty much fine after that.  This was all before I heard of bleeping computer…I’ve been on here once since then for an unrelated issue.  Maybe the virus has been lying dormant in my system or something.  Regardless, thank you so much for taking the time to save my laptop from another brutal system-wide conquest!

 

Security Check:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 27.11.2016 17:13:05
Path starting: C:\Users\Bookweaver\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bookweaver
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 10.03.2012 19:57:42
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [673.6 Gb] Used: [470.8 Gb] Free: [202.8 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18204 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2016-02-19 16:37:28
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x64 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
Avast Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2253
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.0.1024 v.2.2.0.1024
Zemana AntiMalware v.2.70.25
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.41212.0 Warning! Download Update
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 31 (64-bit) v.8.0.310 Warning! Download Update
Uninstall old version and install new one (jre-8u112-windows-x64.exe).
Java SE Development Kit 8 Update 5 (64-bit) v.8.0.50 Warning! Download Update
Uninstall old version and install new one (jdk-8u112-windows-x64.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.3.2.35 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.20.0.0.260 Warning! Download Update
Adobe Flash Player 20 ActiveX v.20.0.0.306 Warning! Download Update
Adobe Flash Player 20 NPAPI v.20.0.0.306 Warning! Download Update
Adobe Shockwave Player 12.2 v.12.2.1.171 Warning! Download Update
Adobe Reader XI (11.0.18) v.11.0.18
------------------------------- [ Browser ] -------------------------------
Google Chrome v.48.0.2564.109 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Hoyle Card Games v.2.2.0.95 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
FATE v.2.2.0.97 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
opensource v.1.0.14960.3876 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
WildTangent Games App for HP v.4.0.11.2 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 

 

Ads Fix:

 

I disabled Firewall, etc. and Zemana’s real-time protection, but could not run it…

 

“AutoIt Error

 

Line 18623 (File “C:\Users\Bookweaver\Desktop\adsfix_3_27.11.2016.1.exe”):

 

Error: Array variable has incorrect number of subscripts or subscript dimension range exceeded.”

 

 

Oh, and when I ran the Zemana scan a few days ago, I didn’t quarantine or try to remove any of the detected threats (I wasn’t sure what I was supposed to do) so I simply posted the log.  Should I run another Zemana scan?  I’m sorry if I messed anything up.



#10 InadequateInfirmity


Posted 28 November 2016 - 08:10 AM

Update all of your software with Patch My PC, then run a normal scan with Zemana, quarantine all items, and post the new log.

Also, when you are done updating your software with Patch My PC, post a new Security Check log for me.



#11 book.weaver


Posted 28 November 2016 - 11:26 AM

According to Patch My PC, it successfully updated everything, including Adobe Air and iTunes.  However, it says I still have 2 Apps to install because I cannot uninstall the older versions of Adobe Air (two versions listed) and iTunes with this tool – I got some messages about not being able to find the path and possibly not having privileges to remove them.  The uninstaller worked for other items, though.

 

When I tried to close the program, it said “(not responding).”  I waited quite a bit, it was still frozen, so I used the task manager to end the process.

 

Zemana:

 

Running a normal scan said my PC is clean and no actions were required.  Should I run another scan of Local Disk (C:)?

 

Security Check:

 

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 28.11.2016 11:19:19
Path starting: C:\Users\Bookweaver\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bookweaver
VersionXML: 3.54is-25.11.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 10.03.2012 19:57:42
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [673.6 Gb] Used: [461.7 Gb] Free: [211.9 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18204 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2016-02-19 16:37:28
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x64 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
Disabled the public profile of Windows Firewall
Disabled the standard profile for Windows Firewall
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
Avast Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2253
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.70.25
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50901.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 111 (64-bit) v.8.0.1110.14 Warning! Download Update
Uninstall old version and install new one (jre-8u112-windows-x64.exe).
Java SE Development Kit 8 Update 5 (64-bit) v.8.0.50 Warning! Download Update
Uninstall old version and install new one (jdk-8u112-windows-x64.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.3.2.35 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.20.0.0.260 Warning! Download Update
Adobe Flash Player 23 ActiveX v.23.0.0.207
Adobe Flash Player 23 NPAPI v.23.0.0.207
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20039 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.54.0.2840.99
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
MBAMService (MBAMService) - The service has stopped
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Hoyle Card Games v.2.2.0.95 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
FATE v.2.2.0.97 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
opensource v.1.0.14960.3876 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
WildTangent Games App for HP v.4.0.11.2 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------


#12 book.weaver


Posted 28 November 2016 - 11:28 AM

Oops...I forgot to turn Windows Firewall back on the other day.  I just did so.



#13 book.weaver


Posted 29 November 2016 - 04:27 PM

I ran a Zemana scan of local disk C:\ and successfully quarantined the 4 malware files.  There were some files during the scan that said “Failed,” I assume it meant they failed to scan?  Anyway, here is the log:

 

Zemana AntiMalware 2.70.2.25 (Installed)
 
-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2016/11/29
Operating System       : Windows 7 64-bit
Processor              : 4X AMD A6-3420M APU with Radeon™ HD Graphics
BIOS Mode              : Legacy
CUID                   : 12024D8735BC7C01A27CD0
Scan Type              : Custom Scan
Duration               : 153m 9s
Scanned Objects        : 344776
Detected Objects       : 4
Excluded Objects       : 0
Read Level             : Normal
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2
 
Detected Objects
-------------------------------------------------------
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\es\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\es\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\en-us\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\en-us\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\it\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\it\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\fr\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\fr\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\en-uk\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\en-uk\help.exe
 
help.exe
Status             : Failed
Object             : %programfiles%\hp games\fate\help\de\help.exe
MD5                : 14B05B04F4C8DD0BC46C2C1325F73B13
Publisher          : -
Size               : 35786
Version            : -
Detection          : 
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\fate\help\de\help.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_it\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_it\base\ssaver\thanksgiving.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_fr\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_fr\base\ssaver\thanksgiving.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_es\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_es\base\ssaver\thanksgiving.exe
 
thanksgiving.exe
Status             : Scanned
Object             : %programfiles%\hp games\farmscapes\wtmui_de\base\ssaver\thanksgiving.exe
MD5                : D3D6E3EA50395544B886F026F943926E
Publisher          : -
Size               : 53248
Version            : 0.0.0.0
Detection          : Malware:Win32/Tazzi.A!Emka
Cleaning Action    : Quarantine
Related Objects    :
                File - %programfiles%\hp games\farmscapes\wtmui_de\base\ssaver\thanksgiving.exe
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 4
Reported as safe      : 0
Failed                : 0
 

 

I ran another Security Check, too, because it seems to be standard procedure at this point.  =)  Thank you again for your time!

 

SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 29.11.2016 16:16:35
Path starting: C:\Users\Bookweaver\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Bookweaver
VersionXML: 3.55is-29.11.2016
___________________________________________________________________________
 
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 10.03.2012 19:57:42
LicenseStatus: Windows® 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [673.6 Gb] Used: [461.8 Gb] Free: [211.8 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.18204 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatically download and schedule installation
Date install updates: 2016-02-19 16:37:28
Windows Update (wuauserv) - The service has stopped
Security Center (wscsvc) - The service has stopped
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2010 x64 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and out of date)
Avast Antivirus (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.11.1.2253
-------------------------- [ SecurityUtilities ] --------------------------
Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043
Zemana AntiMalware v.2.70.25
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Silverlight v.5.1.50901.0
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 111 (64-bit) v.8.0.1110.14 Warning! Download Update
Uninstall old version and install new one (jre-8u112-windows-x64.exe).
Java SE Development Kit 8 Update 5 (64-bit) v.8.0.50 Warning! Download Update
Uninstall old version and install new one (jdk-8u112-windows-x64.exe).
--------------------------- [ AppleProduction ] ---------------------------
iTunes v.12.3.2.35 Warning! Download Update
^Please use Apple Software Update tool.^
Bonjour v.3.1.0.1
Bonjour Service (Bonjour Service) - The service is running
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.20.0.0.260 Warning! Download Update
Adobe Flash Player 23 ActiveX v.23.0.0.207
Adobe Flash Player 23 NPAPI v.23.0.0.207
Adobe Shockwave Player 12.2 v.12.2.5.195
Adobe Acrobat Reader DC v.15.020.20039 Warning! Download Update
^Please run Acrobat Reader DC and go Help - Check for updates...^
------------------------------- [ Browser ] -------------------------------
Google Chrome v.54.0.2840.99
----------------------------- [ EmailClient ] -----------------------------
Windows Live Mail v.15.4.3502.0922
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service has stopped
AvastVBox COM Service (AvastVBoxSvc) - The service has stopped
MBAMService (MBAMService) - The service has stopped
Windows Defender (WinDefend) - The service has stopped
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
---------------------------- [ UnwantedApps ] -----------------------------
Unity Web Player Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Hoyle Card Games v.2.2.0.95 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
FATE v.2.2.0.97 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
Update Installer for WildTangent Games App << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
opensource v.1.0.14960.3876 << Hidden Warning! Suspected Adware! If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware and Malwarebytes AdwCleaner. Before uninstallation and scanning it is necessary to consult in the forum where cure is provided for you!!!
WildTangent Games App for HP v.4.0.11.2 << Hidden Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------


#14 InadequateInfirmity


Posted 05 December 2016 - 12:25 PM

Sorry for the delay; are you still in need of help? I just did not get an email for your reply.



#15 book.weaver


Posted 05 December 2016 - 12:34 PM

Hello!

 

I think everything should be fine now, but I have two quick questions.  Is my PC clean?  If so, someone offered to help me begin repairing corrupted files, etc. in my other thread.  

 

Also, what will happen to the malware in the Zemana quarantine when my trial expires?  (It only has 6 days remaining.)  

 

No problem regarding the delay; I understand.  =)  Thank you so much for all of your help, sir!





