
Wonderlandads...again.


6 replies to this topic

#1 Trifoilum


Posted 09 December 2016 - 11:29 AM

So yeah-- I think it is since today? Somehow my computer gets redirected an obscene amount to wonderlandads.com. My scans do not produce anything out of the ordinary. Which is kinda HMMM.

 

Also; I don't know WHY (or whether this is part of the same problem) but every now and then my PC cannot open Facebook-- it gets a

"This site can’t be reached

www.facebook.com’s server DNS address could not be found.

DNS_PROBE_FINISHED_NXDOMAIN"

instead.

 

I see that there was a similar topic and-- considering at least a few of the responses are pretty similar everywhere, I'll start following it.


Edited by Trifoilum, 09 December 2016 - 12:55 PM.




#2 Trifoilum


Posted 09 December 2016 - 11:36 AM

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
Avast Antivirus                 
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 4.6    
 JavaFX 2.1.1    
 Java 8 Update 77  
 Java version 32-bit out of Date!
  Adobe Flash Player 17.0.0.169 Flash Player out of Date!
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox (47.0.1) 
 Google Chrome (54.0.2840.71) 
 Google Chrome (54.0.2840.99) 
 Google Chrome (Plugins...) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 3% 
````````````````````End of Log``````````````````````

Edited by Trifoilum, 09 December 2016 - 11:41 AM.


#3 Trifoilum


Posted 09 December 2016 - 11:38 AM

Farbar Service Scanner Version: 27-01-2016
Ran by user (administrator) on 09-12-2016 at 23:36:39
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcore.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#4 Trifoilum


Posted 09 December 2016 - 11:42 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by user (administrator) on 09-12-2016 at 23:38:46
Running from "C:\Users\user\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Model: G31M-ES2C Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
========================= Hosts content: =================================
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
0.0.0.1 mssplus.mcafee.com
188.166.110.58 api.hide.me # Added by Hide.me VPN
========================= IP Configuration: ================================
 
TP-LINK Wireless USB Adapter = Wireless Network Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20) = Local Area Connection (Hardware not present)
TunnelBear Adapter V9 = Local Area Connection 4 (Media disconnected)
Spotflux Virtual Network Device Driver = Local Area Connection 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection* 9" address=10.254.88.44 mask=255.255.248.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Path
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Local Area Connection 4:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TunnelBear Adapter V9
   Physical Address. . . . . . . . . : 00-FF-35-46-35-86
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Spotflux Virtual Network Device Driver
   Physical Address. . . . . . . . . : 00-FF-5D-62-72-EB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wireless Network Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TP-LINK Wireless USB Adapter
   Physical Address. . . . . . . . . : F8-D1-11-1C-92-DD
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.100.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, December 09, 2016 10:45:07 PM
   Lease Expires . . . . . . . . . . : Monday, December 12, 2016 10:45:06 PM
   Default Gateway . . . . . . . . . : 192.168.100.1
   DHCP Server . . . . . . . . . . . : 192.168.100.1
   DNS Servers . . . . . . . . . . . : 192.168.100.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection* 9:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Physical Address. . . . . . . . . : 00-FF-6B-1A-1F-1D
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Hamachi:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-6C-A9-09
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::196c:a909(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::acfc:c340:251c:c040%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 25.108.169.9(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Friday, December 09, 2016 10:40:39 PM
   Lease Expires . . . . . . . . . . : Saturday, December 09, 2017 10:44:52 PM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 427456921
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-1A-8D-AA-00-24-1D-34-FC-16
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  1.100.168.192.in-addr.arpa
Address:  192.168.100.1
 
Name:    google.com
Addresses:  2404:6800:4003:806::200e
 216.58.196.78
 
 
Pinging google.com [216.58.196.78] with 32 bytes of data:
Reply from 216.58.196.78: bytes=32 time=44ms TTL=51
Reply from 216.58.196.78: bytes=32 time=44ms TTL=51
 
Ping statistics for 216.58.196.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 44ms, Maximum = 44ms, Average = 44ms
Server:  UnKnown
Address:  192.168.100.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=277ms TTL=50
Reply from 98.139.183.24: bytes=32 time=278ms TTL=50
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 277ms, Maximum = 278ms, Average = 277ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 25...00 ff 35 46 35 86 ......TunnelBear Adapter V9
 24...00 ff 5d 62 72 eb ......Spotflux Virtual Network Device Driver
 15...f8 d1 11 1c 92 dd ......TP-LINK Wireless USB Adapter
 14...00 ff 6b 1a 1f 1d ......Anchorfree HSS VPN Adapter
 12...7a 79 19 6c a9 09 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1     25.108.169.9   9256
          0.0.0.0          0.0.0.0    192.168.100.1    192.168.100.3     25
         25.0.0.0        255.0.0.0         On-link      25.108.169.9   9256
     25.108.169.9  255.255.255.255         On-link      25.108.169.9   9256
   25.255.255.255  255.255.255.255         On-link      25.108.169.9   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.100.0    255.255.255.0         On-link     192.168.100.3    281
    192.168.100.3  255.255.255.255         On-link     192.168.100.3    281
  192.168.100.255  255.255.255.255         On-link     192.168.100.3    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      25.108.169.9   9256
        224.0.0.0        240.0.0.0         On-link     192.168.100.3    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      25.108.169.9   9256
  255.255.255.255  255.255.255.255         On-link     192.168.100.3    281
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 12   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 12    276 2620:9b::/96             On-link
 12    276 2620:9b::196c:a909/128   On-link
 12    276 fe80::/64                On-link
 12    276 fe80::acfc:c340:251c:c040/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/09/2016 11:02:06 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1216) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/09/2016 11:01:56 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1216) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/09/2016 11:01:46 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1216) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/09/2016 11:01:36 PM) (Source: ESENT) (User: )
Description: wuaueng.dll (1216) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (12/09/2016 10:45:18 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to add firewall exception for E:\Program Files\Steam\bin\steamwebhelper.exe
 
Error: (12/09/2016 10:41:12 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (12/09/2016 10:41:12 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (12/09/2016 10:41:12 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (12/09/2016 10:31:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: TWCU.exe, version: 3.1.4.0, time stamp: 0x4c0e145b
Faulting module name: KERNELBASE.dll, version: 6.1.7601.23392, time stamp: 0x56eb2fb9
Exception code: 0x000006ba
Fault offset: 0x0000845d
Faulting process id: 0x122c
Faulting application start time: 0xTWCU.exe0
Faulting application path: TWCU.exe1
Faulting module path: TWCU.exe2
Report Id: TWCU.exe3
 
Error: (12/09/2016 10:12:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe_HPSLPSVC, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: hpslpsvc32.dll, version: 140.0.323.0, time stamp: 0x4b63e260
Exception code: 0xc0000005
Fault offset: 0x0003e24c
Faulting process id: 0xa30
Faulting application start time: 0xsvchost.exe_HPSLPSVC0
Faulting application path: svchost.exe_HPSLPSVC1
Faulting module path: svchost.exe_HPSLPSVC2
Report Id: svchost.exe_HPSLPSVC3
 
 
System errors:
=============
Error: (12/09/2016 11:02:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.233.1724.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.10.209.00
 
Source Path: 4.10.209.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (12/09/2016 10:49:08 PM) (Source: Service Control Manager) (User: )
Description: The Windows Update service hung on starting.
 
Error: (12/09/2016 10:43:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (12/09/2016 10:42:10 PM) (Source: Service Control Manager) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error: 
%%3 = The system cannot find the path specified.
 
 
Error: (12/09/2016 10:42:10 PM) (Source: Service Control Manager) (User: )
Description: The TunnelBear Maintenance service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (12/09/2016 10:42:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the TunnelBear Maintenance service to connect.
 
Error: (12/09/2016 10:38:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\RAIHV.dll
 
Error: (12/09/2016 10:38:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\RAIHV.dll
 
Error: (12/09/2016 10:38:27 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800706be: Definition Update for Microsoft Security Essentials - KB2310138 (Definition 1.233.1830.0).
 
Error: (12/09/2016 10:38:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\system32\RAIHV.dll
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM\...\{5AF4B3C4-C393-48D7-AC7E-8E7615579548}) (Version: 3.6.0.6090 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Anchor Service CS3 (HKLM\...\{90176341-0A8B-4CCC-A78D-F862228A6B95}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (HKLM\...\{1618734A-3957-4ADD-8199-F973763109A8}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (HKLM\...\{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS3 (HKLM\...\{9C9824D9-9000-4373-A6A5-D0E5D4831394}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge CS4 (HKLM\...\{83877DB1-8B77-45BC-AB43-2BAC22E093E0}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (HKLM\...\{08B32819-6EEF-4057-AEDA-5AB681A36A23}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (HKLM\...\{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}) (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps CS4 (HKLM\...\{94D398EB-D2FD-4FD1-B8C4-592635E8A191}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific CS4 (HKLM\...\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings CS4 (HKLM\...\{5570C7F0-43D0-4916-8A9E-AEDD52FA86F4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings CS4 (HKLM\...\{0D6013AB-A0C7-41DC-973C-E93129C9A29F}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings CS4 (HKLM\...\{00ADFB20-AE75-46F4-AD2C-F48B15AC3100}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Color Video Profiles CS CS4 (HKLM\...\{63C24A08-70F3-4C8E-B9FB-9F21A903801D}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5.5 Master Collection (HKLM\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe CSI CS4 (HKLM\...\{0F723FC1-7606-4867-866C-CE80AD292DAF}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS4 (HKLM\...\{C52E3EC1-048C-45E1-8D53-10B0C6509683}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (HKLM\...\{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS4 (HKLM\...\{67F0E67A-8E93-4C2C-B29D-47C48262738A}) (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 (HKLM\...\{16E16F01-2E2D-4248-A42F-76261C147B6C}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit 2 (HKLM\...\{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CS4 (HKLM\...\{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Extension Manager CS4 (HKLM\...\{054EFA56-2AC1-48F4-A883-0AB89874B972}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Fonts All (HKLM\...\{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (HKLM\...\{04AF207D-9A77-465A-8B76-991F6AB66245}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM\...\{F08E8D2E-F132-4742-9C87-D5FF223A016A}) (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (HKLM\...\Adobe_a04a925a57548091300ada368235fc6) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Linguistics CS3 (HKLM\...\{54793AA1-5001-42F4-ABB6-C364617C6078}) (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 (HKLM\...\{931AB7EA-3656-4BB7-864D-022B09E3DD67}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe Output Module (HKLM\...\{BB4E33EC-8181-4685-96F7-8554293DEC6A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files CS4 (HKLM\...\{F93C84A6-0DC6-42AF-89FA-776F7C377353}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM\...\{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM\...\{E4848436-0345-47E2-B648-8B522FCDA623}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop CS4 Support (HKLM\...\{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader 9.1 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Search for Help (HKLM\...\{F0E64E2E-3A60-40D8-A55D-92F6831875DA}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Service Manager Extension (HKLM\...\{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM\...\{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Setup (HKLM\...\{4F3E17F8-F1C8-4A4B-9EB8-1EE2D190CDA9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (HKLM\...\{29E5EA97-5F74-4A57-B8B2-D4F169117183}) (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support CS4 (HKLM\...\{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (HKLM\...\{E69AE897-9E0B-485C-8552-7841F48D42D8}) (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS4 (HKLM\...\{05308C4E-7285-4066-BAE3-6B50DA6ED755}) (Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (HKLM\...\{D0DFF92A-492E-4C40-B862-A74A173C25C5}) (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM\...\{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin (HKLM\...\{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (HKLM\...\{802771A9-A856-4A41-ACF7-1450E523C923}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS4 (HKLM\...\{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetCMYK (HKLM\...\{68243FF8-83CA-466B-B2B8-9F99DA5479C4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
AdobeColorCommonSetRGB (HKLM\...\{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
AIM for Windows (HKCU\...\AIM) (Version:  - AOL Inc.)
Apple Application Support (32-bit) (HKLM\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM\...\avast) (Version: 12.3.2280 - AVAST Software)
Bastion (HKLM\...\{7AF3D8F2-B2C2-4F8B-AFA4-C90001F56B1A}) (Version: 1.0.2 - Supergiant Games)
BlackBerry Desktop Software 6.1 (HKLM\...\{75157F34-02C6-4831-BD66-3BC49E7A8394}) (Version: 6.1.0.35 - Research In Motion Ltd.) Hidden
BlackBerry Desktop Software 6.1 (HKLM\...\BlackBerry_Desktop) (Version: 6.1.0.35 - Research In Motion Ltd.)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
CDisplay 1.8 (HKLM\...\CDisplay_is1) (Version:  - dvd8n)
Character Builder (HKLM\...\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}) (Version: 1.10.0000 - Wizards of the Coast)
Choice of Robots (HKLM\...\Steam App 339350) (Version:  - Choice of Games)
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Connect (HKLM\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
Copy (HKLM\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
CPUID HWMonitor 1.19 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative Audio Control Panel (HKLM\...\AudioCS) (Version: 2.56 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Creative Sound Blaster Properties (HKLM\...\Creative Sound Blaster Properties) (Version: 1.02 - Creative Technology Limited)
Crusader Kings II (HKLM\...\Crusader Kings II_is1) (Version:  - )
Democracy 3 (HKLM\...\Steam App 245470) (Version:  - Positech Games)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_F2400_SW_Min (HKLM\...\{5546F4E9-B0F4-4F54-B949-2AB006C9284F}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
doubleTwist Sync (HKLM\...\doubleTwist) (Version: 4.0.4.19778 - doubleTwist Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 15.4.22 - Dropbox, Inc.)
Else Heart.Break() (HKLM\...\Steam App 400110) (Version:  - Erik Svedäng)
EPUB File Reader (HKLM\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version:  - epubfilereader.com)
Evoland 2 (HKLM\...\Steam App 359310) (Version:  - Shiro Games)
F2400 (HKLM\...\{6DBB66CD-38C7-472C-BBB9-06BFDA182A29}) (Version: 140.0.690.000 - Hewlett-Packard) Hidden
FlashGet3.7 (HKLM\...\FlashGet3.7) (Version: 3.7.0.1203 - http://www.FlashGet.com)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 0.1.87 - NVIDIA Corporation) Hidden
Gemini Rue (HKLM\...\Steam App 80310) (Version:  - Joshua Neurnberger)
GOM Player (HKLM\...\GOM Player) (Version: 2.1.28.5039 - Gretech Corporation)
Google Chrome (HKLM\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hammerwatch (HKLM\...\Steam App 239070) (Version:  - Crackshell)
Her Story (HKLM\...\Steam App 368370) (Version:  - Sam Barlow)
Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
hide.me VPN 1.2.6 (HKLM\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.2.6 - eVenture Limited)
Hotspot Shield 3.19 (HKLM\...\HotspotShield) (Version: 3.19 - AnchorFree Inc.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart Ink Adv K510 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{8ACECC00-F05F-4B82-917D-14897CB29EF5}) (Version: 14.0 - HP)
HP Product Detection (HKLM\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}) (Version: 140.0.211.000 - Hewlett-Packard) Hidden
Icewind Dale: Enhanced Edition (HKLM\...\Steam App 321800) (Version:  - Beamdog)
Invisible, Inc. (HKLM\...\Steam App 243970) (Version:  - Klei Entertainment)
iSyncr (HKLM\...\{46ABA73A-9045-4BA4-9BAE-FA855F26EF47}) (Version: 5.1.6 - JRT Studio)
iTunes (HKLM\...\{3079C5C8-325A-4354-A733-456BACA1E5FB}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.77.3 - Oracle Corporation) Hidden
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Knights of Pen and Paper +1 (HKLM\...\Steam App 231740) (Version:  - Behold Studios)
kuler (HKLM\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Kvisoft PDF Merger 1.5.1 (HKLM\...\Kvisoft PDF Merger_is1) (Version: 1.5.1 - Kvisoft Co.,Ltd.)
Leap of Fate (HKLM\...\Steam App 363420) (Version:  - Clever-Plays)
Legend of the Five Rings: Character Manager 3.9.3 (HKLM\...\Legend of the Five Rings: Character Manager) (Version: 3.9.3 - openningia)
LINE (HKCU\...\LINE) (Version: 4.10.1.1256 - LINE Corporation)
LogMeIn Hamachi (HKLM\...\{91B5DF26-717A-4A5F-AB10-CD450FAD428C}) (Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
Long Live The Queen (HKLM\...\Steam App 251990) (Version:  - Hanako Games)
Magicka (HKLM\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (HKLM\...\{D360FA88-17C8-4F14-B67F-13AAF9607B12}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.427.2 - McAfee, Inc.)
McAfee WebAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.164 - McAfee, Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniLyrics (HKLM\...\MiniLyrics) (Version: 7.7.49 - Crintsoft)
mIRC (HKLM\...\mIRC) (Version: 7.22 - mIRC Co. Ltd.)
Mozilla Firefox 47.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Murder (HKLM\...\Steam App 404080) (Version:  - Peter Moorhead)
Neowing eBook Reader (HKLM\...\{d699819d-c1fa-44b0-97a6-a719e6adddd8}) (Version: 2.0.3.20652 - Neowing)
Neowing eBook Reader (HKLM\...\{F042EC29-5859-4B5A-85F8-1D1D23F99C7E}) (Version: 2.0.3.20652 - Neowing) Hidden
Network (HKLM\...\{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}) (Version: 140.0.215.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.95 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.5 - NVIDIA Corporation)
One Way Heroics (HKLM\...\Steam App 266210) (Version:  - Smoking WOLF)
OpenAL (HKLM\...\OpenAL) (Version:  - )
PDF Settings CS4 (HKLM\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Phantasy Star Online 2 (HKLM\...\http://pso2.jp/appid/release/asiasoft_sg_is1) (Version:  - Asiasoft)
Photoshop Camera Raw (HKLM\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pidgin (HKLM\...\Pidgin) (Version: 2.10.3 - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
PS_AIO_07_K510_SW_Min (HKLM\...\{9D04F9C5-A65D-4BCE-9AFA-9C96A6CDC6D3}) (Version: 140.0.343.000 - Hewlett-Packard) Hidden
Quantum Conundrum (HKLM\...\Quantum Conundrum_is1) (Version:  - )
Ratings War (HKLM\...\Steam App 406650) (Version:  - Choice of Games)
RealDownloader (HKLM\...\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}) (Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (HKLM\...\{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}) (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
RealUpgrade 1.1 (HKLM\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renowned Explorers: International Society (HKLM\...\Steam App 296970) (Version:  - Abbey Games)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
SafeZone Stable 1.51.2220.62 (HKLM\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
Second Copy 8 (HKLM\...\Second Copy 8_is1) (Version: 8.0.5.3 - Centered Systems)
Shadowrun Returns (HKLM\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM\...\Steam App 300550) (Version:  - Harebrained Schemes)
Shadowrun: Hong Kong (HKLM\...\Steam App 346940) (Version:  - Harebrained Schemes)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.05.28 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization 4 (HKLM\...\{4377F918-E6C9-4ECA-A7F5-754B310B7ED8}) (Version: 1.00.0000 - Firaxis Games) Hidden
Sid Meier's Civilization 4 (HKLM\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.09 - Firaxis Games)
Simple DNSCrypt (HKLM\...\{C0C0E944-6D87-4F0E-9446-3283A4A662A8}) (Version: 0.3.6 - bitbeans)
Simpo PDF Creator Pro 3.2.0.0 (HKLM\...\Simpo PDF Creator Pro_is1) (Version:  - )
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
SmartWebPrinting (HKLM\...\{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}) (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{5DCF0E4B-F8EA-4229-A0BD-5CA6D4AFB749}) (Version: 140.0.213.000 - Hewlett-Packard) Hidden
Spotflux (HKLM\...\Spotflux) (Version: 3.2.0 - Spotflux)
SpywareBlaster 4.6 (HKLM\...\SpywareBlaster_is1) (Version: 4.6.0 - Javacool Software LLC)
Stardew Valley (HKLM\...\Steam App 413150) (Version:  - ConcernedApe)
Status (HKLM\...\{2FB9EA69-51D4-4913-9AD5-762C034DE811}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stranded (HKLM\...\Steam App 295250) (Version:  - Peter Moorhead)
Suite Shared Configuration CS4 (HKLM\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
Sunset (HKLM\...\Steam App 287600) (Version:  - Tale of Tales)
Switch Sound File Converter (HKLM\...\Switch) (Version:  - NCH Software)
The Banner Saga (HKLM\...\Steam App 237990) (Version:  - Stoic)
The Banner Saga 2 (HKLM\...\Steam App 281640) (Version:  - Stoic)
The Guild II (HKLM\...\Steam App 39650) (Version:  - 4 Head Studios)
The Guild II: Renaissance (HKLM\...\Steam App 39680) (Version:  - Rune Forge)
The Marvellous Miss Take (HKLM\...\Steam App 327310) (Version:  - Wonderstruck)
Thea: The Awakening (HKLM\...\Steam App 378720) (Version:  - MuHa Games)
Toolbox (HKLM\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
TP-LINK Wireless Utility (HKLM\...\{6FFEF5E1-F7B0-40DD-838D-557BD7EE4301}) (Version: 1.5.6.0 - TP-LINK)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
TrayApp (HKLM\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
TunnelBear (HKLM\...\{35184AD1-A3C9-4B38-A1F3-3D9C48EFAAEC}) (Version: 2.3.25.0 - TunnelBear) Hidden
TunnelBear (HKLM\...\{90e7dc26-e7df-406b-af23-61df6728a9f6}) (Version: 2.3.25.0 - TunnelBear)
Undertale (HKLM\...\Steam App 391540) (Version:  - tobyfox)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplink (HKLM\...\Steam App 1510) (Version:  - Introversion Software)
VLC media player 2.0.1 (HKLM\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.17-3 - Wacom Technology Corp.)
WD SmartWare (HKLM\...\{232DB76D-4751-41A9-9EC2-CDC0DAC1FAB6}) (Version: 1.2.0.8 - Western Digital)
WebReg (HKLM\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.212.017 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Winamp (HKLM\...\Winamp) (Version: 5.623  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
 
========================= Devices: ================================
 
Name: Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Description: Realtek RTL8102E/RTL8103E Family PCI-E Fast Ethernet NIC (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_E0001458&REV_02\4&15E70C52&0&00E1
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: ROOT\*TEREDO\0000
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Photosmart Ink Adv K510
Description: Photosmart Ink Adv K510
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Device ID: ROOT\MULTIFUNCTION\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 71%
Total physical RAM: 3070.49 MB
Available physical RAM: 871.93 MB
Total Virtual: 6139.31 MB
Available Virtual: 2429.42 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Pertinence) (Fixed) (Total:97.66 GB) (Free:1.92 GB) NTFS
2 Drive d: (Providence) (Fixed) (Total:488.28 GB) (Free:54.74 GB) NTFS
3 Drive e: (Patience) (Fixed) (Total:488.28 GB) (Free:209.64 GB) NTFS
4 Drive f: (Persistence) (Fixed) (Total:135.13 GB) (Free:69.86 GB) NTFS
5 Drive g: (Prudence) (Fixed) (Total:443.23 GB) (Free:157.62 GB) NTFS
6 Drive h: (Perseverance) (Fixed) (Total:443.23 GB) (Free:5.24 GB) NTFS
8 Drive j: (HP V175W) (Removable) (Total:30.22 GB) (Free:29.1 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\PATH
 
Administrator            Guest                    UpdatusUser              
user                     
 
========================= Restore Points ==================================
 
13-11-2016 05:11:54 Windows Update
17-11-2016 13:54:02 Windows Update
20-11-2016 18:36:37 Windows Update
24-11-2016 06:53:07 Windows Update
27-11-2016 07:10:18 Windows Update
30-11-2016 07:30:33 Windows Update
30-11-2016 20:00:12 Windows Update
04-12-2016 14:39:29 Windows Update
08-12-2016 13:20:50 Windows Update
 
**** End of log ****


#5 Trifoilum

Posted 09 December 2016 - 12:31 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 12/9/2016
Scan Time: 10:49 PM
Logfile: 
Administrator: Yes
 
Version: 2.2.1.1043
Malware Database: v2016.12.09.14
Rootkit Database: v2016.11.20.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: user
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340869
Time Elapsed: 1 hr, 7 min, 24 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#6 Trifoilum

Posted 09 December 2016 - 09:28 PM

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
 
Database version:
  main:    v2016.12.09.16
  rootkit: v2016.11.20.01
 
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 11.0.9600.18524
user :: PATH [administrator]
 
12/10/2016 12:54:42 AM
mbar-log-2016-12-10 (00-54-42).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 346111
Time elapsed: 1 hour(s), 3 minute(s), 21 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)


#7 Trifoilum

Posted 09 December 2016 - 09:56 PM

Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2016 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 12/10/2016 09:28:35 AM in x86 mode.
Windows Version: Windows 7 Professional Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\user\Downloads\SecurityCheck.exe (PID: 4608) [UP-HEUR]
 * C:\Users\user\Downloads\FSS.exe (PID: 10152) [UP-HEUR]
 
2 proccesses terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Policies\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
Checking Windows Service Integrity: 
 
 * TBS [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 activate.adobe.com
  127.0.0.1 practivate.adobe.com
  127.0.0.1 ereg.adobe.com
  127.0.0.1 activate.wip3.adobe.com
  127.0.0.1 wip3.adobe.com
  127.0.0.1 3dns-3.adobe.com
  127.0.0.1 3dns-2.adobe.com
  127.0.0.1 adobe-dns.adobe.com
  127.0.0.1 adobe-dns-2.adobe.com
  127.0.0.1 adobe-dns-3.adobe.com
  127.0.0.1 ereg.wip3.adobe.com
  127.0.0.1 activate-sea.adobe.com
  127.0.0.1 wwis-dubc1-vip60.adobe.com
  127.0.0.1 activate-sjc0.adobe.com
  127.0.0.1                               adobe.activate.com
  0.0.0.1 mssplus.mcafee.com
  188.166.110.58 api.hide.me # Added by Hide.me VPN
 
Program finished at: 12/10/2016 09:48:57 AM
Execution time: 0 hours(s), 20 minute(s), and 21 seconds(s)

And...that's the initial first steps, I think?

....Now I wait; while using VPN to open EVERYTHING.





