Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Black screen after log in, only window appearing is Windows Script Host Setting


  • Please log in to reply
2 replies to this topic

#1 WAVED

WAVED

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:16 AM

Posted 23 January 2017 - 02:06 PM

Hi there,

 

New to this site but saw some helpful people in a few threads that I've been browsing and thought I'd try my issue with you guys. Whenever I log into my OS account I'm greeted with a black screen (This applies to safe mode aswell). Explorer.exe has to be opened through task manager and is the only way I have any control over the PC at the moment. I've ran a MBAV scan here are the results:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 1/23/2017
Scan Time: 5:55 PM
Logfile: Scan 1 results.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2017.01.23.07
Rootkit Database: v2016.11.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jack

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 374341
Time Elapsed: 29 min, 32 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 4
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[97bc39469612bd7996c8d524b35009f7]
PUM.Optional.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[bd964e31852351e5c1bcb247758e4db3]
Hijack.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[7fd43c435652bf7799c553a69e65f60a]
PUM.Optional.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[66ed324d1197c07664193dbc986bbf41]

Folders: 0
(No malicious items detected)

Files: 93
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (34.195.153.94 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com), ,[8cc70877792ffe38a427823e87793ec2]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ile used by Microsoft TCP/IP for Windows.), ,[480ba0df4c5c52e4c506378903fd15eb]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 

# This is a sample HOSTS fi), ,[fa59730c1c8c0333f8d3516f8d73f30d]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file us), ,[173cb9c6d5d340f67556a9175ca4c040]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file ), ,[5300691662469f978f3cb709e020936d]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file used), ,[094a611e47614beb3893e4dc53ad5ea2]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 

# This is a sample HOSTS file used), ,[a7ac740b664204327d4e0db328d850b0]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS), ,[b2a11d629f09102602c988382ad6f40c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 

# This is a sample HOSTS), ,[450e621d1a8e8da96863655bf30d15eb]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS f), ,[0e45215eb7f181b5f8d3566ac937bd43]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS f), ,[b59e037ce5c3c6702f9ccaf65ba514ec]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS fil), ,[f261eb94ebbd53e349822f91d52b9f61]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS file), ,[361d6e11505857dfd0fba21e7789ff01]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file us), ,[e46fe897b0f851e50fbc6e52669a0bf5]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file used), ,[69ea2b54307844f2a229833d6e925ca4]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file used ), ,[e46f98e76a3e6fc7a922af11c0408977]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file), ,[183b69167335b284b516c4fc5aa6b947]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HO), ,[5003037ce7c18ea8ebe0ba06ef117090]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 

# This is a sample HOSTS file), ,[0053443b198f6dc9e2e9dbe5986853ad]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 

# This is a sample HOSTS fil), ,[f0634936961245f14487bf012dd31ce4]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 

# This is a sample HOSTS file u), ,[a7ac28576840a98d1ab1c4fcbc44f10f]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used B), ,[ea69433c8e1afd39fbd0d5ebf60aed13]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file use), ,[431093ecb8f01d193f8c7f41f20ebb45]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS), ,[5ff447387e2a9e988744ecd4e51b9070]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS), ,[a5ae0a75b2f63105d1fa734d30d0ab55]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS ), ,[064d27581494a88ed6f511afe31df20e]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS ), ,[143fabd48d1be84e27a406baf30d758b]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS file us), ,[79da324d9612f4427259edd31fe1df21]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 

# This is a sample HOSTS file u), ,[e370aad59e0a3df9ccff843cce32f907]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS fi), ,[8bc8403f7a2e79bdc6052a96ec1423dd]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS fi), ,[ea6985fafbad96a0d5f61ea2b84811ef]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOST), ,[8cc7ec93495f2a0c9c2f4c7413ed48b8]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS fi), ,[4d06b5ca0d9bf5413c8f06ba936daa56]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS f), ,[8dc64c333b6df6406665fcc4d828b54b]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 

# This is a sample HOSTS ), ,[e46fcfb0c2e683b3616abf0101fff40c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file use), ,[c98a215e67411d1901ca9c2408f8f40c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 

# This is a sample HOSTS file us), ,[351e8ff01a8efe387e4dd6ea41bf43bd]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS fil), ,[e86bd1ae66422b0b507bfcc4e51bc63a]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file), ,[b79ca6d91791a78f3e8d7f41e020847c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file u), ,[ce85a6d97830ec4a4a812b95758b54ac]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file u), ,[6ee5c6b9f1b7df57c407665af20e4fb1]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file u), ,[3f14c5ba2e7a7db93f8c14ac7d8340c0]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file used), ,[4a09245b00a833038a4137892cd4619f]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file used by Mi), ,[d38029562e7a0135aa21ccf454ac43bd]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used by Microsoft), ,[2a29146b5e4a74c2e9e2269ae41c748c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used B), ,[1d36daa5c9dffc3a0fbcfcc435cbc23e]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS ), ,[b89b98e79f0992a4913a8739857bbe42]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS file), ,[5bf866192b7de1552aa10ab6946c52ae]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file ), ,[eb683d42d6d2a98df4d7546c02fed52b]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS file use), ,[89ca9de24266ed49d8f39927b74959a7]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file used B), ,[a0b36619f6b2d06615b64c74e51b3cc4]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file u), ,[2231c5ba6444d165a6253d8301ff17e9]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 

# This is a sample HOSTS fil), ,[1d36afd0f9afc6709c2f5b6548b833cd]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file us), ,[e56e235ca4043ef8319aa61a847c5aa6]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOS), ,[2a29a9d62d7bd066f7d49a263ac68c74]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 

# This is a sample H), ,[b69de798d6d2c86e7c4f328e728ef907]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS file), ,[51028cf3099ffc3a19b2823e3ec28a76]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file use), ,[9cb7fb8456522313ca017d43b9473ac6]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS fi), ,[064d1d62d1d7d1658b40e3ddf10f57a9]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS file ), ,[bc975a252187ad8912b9219fba46fc04]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file used by), ,[bd961669d7d10d2920ab9b254fb1f40c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file us), ,[df7484fb6e3afa3c0bc0be024cb44ab6]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample H), ,[460d116e1791b3830ac1fdc33cc4738d]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 

# This is a sample HOSTS), ,[72e19ee1109873c325a6f2ced22e1de3]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file u), ,[76ddcdb20d9b7abcf8d3e9d7768a9e62]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file used by), ,[aca78af51e8a5adc8e3d368abd43718f]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used), ,[2132c5ba862243f308c3efd1a55bb749]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS file used ), ,[5cf7017ef5b3ee4810bb3f811be551af]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used by Micros), ,[371c7b043771c472dfec744c6a96738d]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file use), ,[6ae9502fd1d71b1b78532c949d63ef11]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOS), ,[3e156e116c3c6accba11e7d9a65a847c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 

# This is a sample HO), ,[99ba5e21fcac88ae2ba0e6daf709fc04]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 

# This is a sample HOSTS f), ,[e86b5f206b3df73f8447a61a4bb5837d]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file use), ,[b59e7708f9af77bfe0ebb30dff010af6]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 

# This is a sample HOSTS file us), ,[f85bd8a763450b2b8b407a463cc4f010]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 

# This is a sample HOSTS fi), ,[3d16c2bd06a232046b6015abf709e719]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 

# This is a sample HO), ,[64ef1f60921622146269f3cd2fd1758b]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 

# This is a sample HOSTS file use), ,[064d542b901857df6962586860a0847c]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS file used by ), ,[d57e8df2c8e080b6fbd0546c50b0c13f]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( 

# This is a sample HOSTS file used by Micro), ,[0b48c5ba1b8d0135dbf0734de51bb947]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( 

# This is a sample HOSTS file used B), ,[371ce39c1098003633985868a85822de]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 

# This is a sample HOSTS file used by M), ,[4e0581fed5d31125d4f7b30d20e041bf]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (

# This is a sample HOSTS file used by ), ,[b69db5ca0d9b54e2606b17a9d42cbe42]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 

# This is a sample HOSTS file used by), ,[ce858ff09a0eb97de6e5c6faeb152cd4]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 

# This is a sample HOSTS file ), ,[391a8bf4b5f368ce804bcef242be3ac6]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 

# This is a sample HOSTS file ), ,[3d16c3bc9d0bb97d25a688383cc456aa]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 

# This is a sample HOSTS fi), ,[dc7786f9fcac53e36b60a41ca25e32ce]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 

# This is a sample HOSTS file us), ,[0251d5aaaafe71c5ebe0dfe1da263cc4]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file used by ), ,[1e35532cb2f653e38249714f34cc9868]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 

# This is a sample HOSTS file), ,[8dc6710ee7c1ff37be0de8d8d32d50b0]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file used by Mic), ,[97bcc5ba4167bb7becdffbc5ba4620e0]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 

# This is a sample HOSTS file used), ,[440fc4bb7632da5c6764c6faf01005fb]
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 

# This is a sample HOSTS fil), ,[b89b4e31c9df10267457269a4db3e020]

Physical Sectors: 0
(No malicious items detected)

(end)

 

Any help/ Ideas would be greatly appreciated. Thanks guys.


Edited by hamluis, 23 January 2017 - 03:07 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 WAVED

WAVED
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:16 AM

Posted 23 January 2017 - 03:49 PM

This is the Combofix log:

 

ComboFix 17-01-13.01 - Jack 01/23/2017  20:29:16.1.4 - x64 NETWORK

 

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8053.6041 [GMT 0:00]

 

Running from: c:\users\Jack\Desktop\ComboFix.exe

 

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

* Created a new restore point

 

.

 

.

 

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

c:\programdata\ntuser.pol

 

c:\users\Jack\AppData\Local\assembly\tmp

 

c:\users\Jack\AppData\Local\Edtion\gkjhr.exe

 

c:\windows\msdownld.tmp

 

.

 

.

 

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

-------\Service_globalUpdate

 

.

 

.

 

(((((((((((((((((((((((((   Files Created from 2016-12-23 to 2017-01-23  )))))))))))))))))))))))))))))))

 

.

 

.

 

2017-01-23 20:24 . 2010-05-26 10:45 18816 ------w- c:\windows\SysWow64\SAVRKBootTasks.sys

 

2017-01-23 18:06 . 2010-05-26 10:39 6144 ------w- c:\windows\system32\4B05.tmp

 

2017-01-23 18:02 . 2010-05-26 10:39 6144 ------w- c:\windows\system32\A7D2.tmp

 

2017-01-23 18:02 . 2017-01-23 18:02 -------- d-----w- c:\program files (x86)\Sophos

 

2017-01-22 16:53 . 2017-01-22 22:09 -------- d-----w- c:\users\Jack\AppData\Local\IXNsoft

 

2017-01-22 16:49 . 2017-01-22 16:49 720033 ----a-w- c:\windows\unins000.exe

 

2017-01-22 16:49 . 2017-01-22 16:49 -------- d-----w- c:\program files (x86)\Anvusp

 

2017-01-22 16:49 . 2017-01-22 16:49 -------- d-----w- c:\windows\SysWow64\config\systemprofile\.proxycheck

 

2017-01-22 16:49 . 2017-01-22 16:49 -------- d-----w- c:\windows\SysWow64\sstmp

 

2017-01-22 16:49 . 2017-01-22 16:49 -------- d-----w- c:\windows\system32\sstmp

 

2017-01-22 16:49 . 2017-01-22 16:49 -------- d-----w- c:\windows\SysWow64\config\systemprofile\.AnonymizerLauncher

 

2017-01-22 16:48 . 2017-01-23 09:26 -------- d-----w- c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735

 

2017-01-22 16:48 . 2017-01-23 20:34 -------- d-----w- c:\users\Jack\AppData\Local\Edtion

 

2017-01-22 16:48 . 2017-01-22 22:09 -------- d-----w- c:\program files (x86)\AnonymizerGadget

 

2017-01-20 17:21 . 2017-01-20 17:21 -------- d-----w- C:\dev

 

2017-01-20 17:18 . 2017-01-20 17:18 -------- d-----w- c:\users\Jack\AppData\Local\GlimpseGame

 

2017-01-20 17:12 . 2017-01-20 17:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52E2081D-7E5B-4029-9132-BA402C656D06}\offreg.5804.dll

 

2017-01-20 13:57 . 2016-12-30 22:43 12229912 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{52E2081D-7E5B-4029-9132-BA402C656D06}\mpengine.dll

 

2017-01-20 01:36 . 2017-01-20 01:36 -------- d-----w- c:\users\Jack\AppData\Local\AbzuGame

 

2017-01-20 00:39 . 2017-01-20 00:41 -------- d-----w- c:\program files (x86)\ABZU

 

2017-01-16 12:08 . 2017-01-16 12:08 -------- d-----w- c:\users\Jack\AppData\Roaming\SmartSteamEmu

 

2017-01-12 02:24 . 2017-01-12 02:24 -------- d-----w- c:\users\Jack\AppData\Roaming\OBS

 

2017-01-11 23:19 . 2017-01-17 18:48 -------- d-----w- c:\users\Jack\AppData\Local\Ubisoft Game Launcher

 

2017-01-11 23:19 . 2017-01-11 23:19 -------- d-----w- c:\program files (x86)\Ubisoft

 

.

 

.

 

.

 

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

2017-01-23 17:55 . 2016-07-07 18:50 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

 

2017-01-23 09:26 . 2016-06-10 02:41 119296 ----a-w- c:\windows\SysWow64\zlib.dll

 

2017-01-08 19:41 . 2016-05-11 19:37 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

 

2017-01-08 19:41 . 2016-05-11 19:27 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

 

2016-12-06 17:07 . 2016-05-11 19:27 281032 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

 

2016-11-29 22:34 . 2016-11-29 22:34 28352 ----a-w- c:\windows\SysWow64\aspnet_counters.dll

 

2016-11-29 22:34 . 2016-11-29 22:34 19112 ----a-w- c:\windows\SysWow64\msvcr110_clr0400.dll

 

2016-11-29 22:34 . 2016-11-29 22:34 19112 ----a-w- c:\windows\SysWow64\msvcr100_clr0400.dll

 

2016-11-29 22:34 . 2016-11-29 22:34 19112 ----a-w- c:\windows\SysWow64\msvcp110_clr0400.dll

 

2016-11-29 22:27 . 2016-11-29 22:27 30400 ----a-w- c:\windows\system32\aspnet_counters.dll

 

2016-11-29 22:27 . 2016-11-29 22:27 19112 ----a-w- c:\windows\system32\msvcr110_clr0400.dll

 

2016-11-29 22:27 . 2016-11-29 22:27 19112 ----a-w- c:\windows\system32\msvcr100_clr0400.dll

 

2016-11-29 22:27 . 2016-11-29 22:27 19112 ----a-w- c:\windows\system32\msvcp110_clr0400.dll

 

2016-11-21 18:12 . 2016-12-14 11:07 109568 ----a-w- c:\windows\system32\hlink.dll

 

2016-11-20 16:19 . 2016-12-14 11:07 84992 ----a-w- c:\windows\SysWow64\hlink.dll

 

2016-11-20 14:07 . 2016-12-14 11:07 467392 ----a-w- c:\windows\system32\drivers\cng.sys

 

2016-11-17 16:41 . 2016-12-14 11:07 370920 ----a-w- c:\windows\system32\clfs.sys

 

2016-11-17 02:04 . 2016-11-25 15:53 1852352 ----a-w- c:\windows\system32\nvspcap64.dll

 

2016-11-17 02:04 . 2016-11-25 15:53 1755072 ----a-w- c:\windows\system32\nvspbridge64.dll

 

2016-11-17 02:04 . 2016-11-25 15:53 1452480 ----a-w- c:\windows\SysWow64\nvspcap.dll

 

2016-11-17 02:04 . 2016-11-25 15:53 1317312 ----a-w- c:\windows\SysWow64\nvspbridge.dll

 

2016-11-17 02:04 . 2016-11-25 15:53 120256 ----a-w- c:\windows\system32\NvRtmpStreamer64.dll

 

2016-11-17 02:04 . 2016-11-25 15:52 1951 ----a-w- c:\windows\NvContainerRecovery.bat

 

2016-11-17 02:04 . 2016-11-25 15:50 94144 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 9150704 ----a-w- c:\windows\SysWow64\nvopencl.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 8913328 ----a-w- c:\windows\SysWow64\nvptxJitCompiler.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 491536 ----a-w- c:\windows\system32\nvumdshimx.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 46024 ----a-w- c:\windows\system32\nvhdap64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 46016 ----a-w- c:\windows\system32\drivers\nvvad64v.sys

 

2016-11-17 02:04 . 2016-11-25 15:50 407064 ----a-w- c:\windows\SysWow64\nvumdshim.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 212936 ----a-w- c:\windows\system32\drivers\nvhda64v.sys

 

2016-11-17 02:04 . 2016-11-25 15:50 19936464 ----a-w- c:\windows\system32\nvwgf2umx.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 17361976 ----a-w- c:\windows\SysWow64\nvwgf2um.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 1595456 ----a-w- c:\windows\system32\nvhdagenco6420103.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 10912232 ----a-w- c:\windows\system32\nvptxJitCompiler.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 10795128 ----a-w- c:\windows\system32\nvopencl.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 104384 ----a-w- c:\windows\system32\nvaudcap64v.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 974272 ----a-w- c:\windows\SysWow64\NvFBC.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 943552 ----a-w- c:\windows\system32\NvIFR64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 895424 ----a-w- c:\windows\SysWow64\NvIFR.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 8754160 ----a-w- c:\windows\SysWow64\nvcuda.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 683640 ----a-w- c:\windows\system32\nvfatbinaryLoader.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 572888 ----a-w- c:\windows\SysWow64\nvfatbinaryLoader.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 520912 ----a-w- c:\windows\system32\nvEncodeAPI64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 438208 ----a-w- c:\windows\system32\NvIFROpenGL.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 436088 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 40123840 ----a-w- c:\windows\system32\nvcompiler.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 3941720 ----a-w- c:\windows\system32\nvapi64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 388544 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 3645496 ----a-w- c:\windows\system32\nvcuvid.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 35224632 ----a-w- c:\windows\SysWow64\nvcompiler.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 3479560 ----a-w- c:\windows\SysWow64\nvapi.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 34704952 ----a-w- c:\windows\system32\nvoglv64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 3206592 ----a-w- c:\windows\SysWow64\nvcuvid.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 28140088 ----a-w- c:\windows\SysWow64\nvoglv32.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 1953336 ----a-w- c:\windows\system32\nvdispco6437595.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 17440392 ----a-w- c:\windows\system32\nvd3dumx.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 170872 ----a-w- c:\windows\system32\nvinitx.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 1585088 ----a-w- c:\windows\system32\nvdispgenco6437595.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 153368 ----a-w- c:\windows\system32\nvoglshim64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 148016 ----a-w- c:\windows\SysWow64\nvinit.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 14410120 ----a-w- c:\windows\SysWow64\nvd3dum.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 14048312 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys

 

2016-11-17 02:04 . 2016-11-25 15:50 131536 ----a-w- c:\windows\SysWow64\nvoglshim32.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 1037248 ----a-w- c:\windows\system32\NvFBC64.dll

 

2016-11-17 02:04 . 2016-11-25 15:50 10346024 ----a-w- c:\windows\system32\nvcuda.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 6384576 ----a-w- c:\windows\system32\nvcpl.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 2477624 ----a-w- c:\windows\system32\nvsvc64.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 83512 ----a-w- c:\windows\system32\nv3dappshextr.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 69568 ----a-w- c:\windows\system32\nvshext.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 546752 ----a-w- c:\windows\system32\nv3dappshext.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 392128 ----a-w- c:\windows\system32\nvmctray.dll

 

2016-11-17 01:03 . 2016-11-25 15:52 1762752 ----a-w- c:\windows\system32\nvsvcr.dll

 

2016-11-17 00:46 . 2016-11-25 15:52 133056 ----a-w- c:\windows\SysWow64\nvStreaming.exe

 

2016-11-16 09:52 . 2016-11-25 15:52 7529957 ----a-w- c:\windows\system32\nvcoproc.bin

 

2016-11-14 23:27 . 2016-12-14 11:07 394448 ----a-w- c:\windows\system32\iedkcs32.dll

 

2016-11-12 19:48 . 2016-12-14 11:07 2724864 ----a-w- c:\windows\system32\mshtml.tlb

 

2016-11-12 19:48 . 2016-12-14 11:07 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll

 

2016-11-12 19:28 . 2016-12-14 11:07 66560 ----a-w- c:\windows\system32\iesetup.dll

 

2016-11-12 19:26 . 2016-12-14 11:07 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll

 

2016-11-12 19:26 . 2016-12-14 11:07 417792 ----a-w- c:\windows\system32\html.iec

 

2016-11-12 19:25 . 2016-12-14 11:07 88064 ----a-w- c:\windows\system32\MshtmlDac.dll

 

2016-11-12 19:25 . 2016-12-14 11:07 576000 ----a-w- c:\windows\system32\vbscript.dll

 

2016-11-12 19:21 . 2016-12-14 11:07 2896384 ----a-w- c:\windows\system32\iertutil.dll

 

2016-11-12 19:15 . 2016-12-14 11:07 54784 ----a-w- c:\windows\system32\jsproxy.dll

 

2016-11-12 19:14 . 2016-12-14 11:07 34304 ----a-w- c:\windows\system32\iernonce.dll

 

2016-11-12 19:09 . 2016-12-14 11:07 615936 ----a-w- c:\windows\system32\ieui.dll

 

2016-11-12 19:08 . 2016-12-14 11:07 114688 ----a-w- c:\windows\system32\ieetwcollector.exe

 

2016-11-12 19:08 . 2016-12-14 11:07 144384 ----a-w- c:\windows\system32\ieUnatt.exe

 

2016-11-12 19:08 . 2016-12-14 11:07 25759744 ----a-w- c:\windows\system32\mshtml.dll

 

2016-11-12 19:07 . 2016-12-14 11:07 814080 ----a-w- c:\windows\system32\jscript9diag.dll

 

2016-11-12 19:07 . 2016-12-14 11:07 817664 ----a-w- c:\windows\system32\jscript.dll

 

2016-11-12 18:56 . 2016-12-14 11:07 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe

 

2016-11-12 18:53 . 2016-12-14 11:07 6049280 ----a-w- c:\windows\system32\jscript9.dll

 

2016-11-12 18:52 . 2016-12-14 11:07 489984 ----a-w- c:\windows\system32\dxtmsft.dll

 

2016-11-12 18:47 . 2016-12-14 11:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb

 

2016-11-12 18:41 . 2016-12-14 11:07 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll

 

2016-11-12 18:40 . 2016-12-14 11:07 107520 ----a-w- c:\windows\system32\inseng.dll

 

2016-11-12 18:35 . 2016-12-14 11:07 199680 ----a-w- c:\windows\system32\msrating.dll

 

2016-11-12 18:34 . 2016-12-14 11:07 92160 ----a-w- c:\windows\system32\mshtmled.dll

 

.

 

.

 

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

 

.

 

.

 

*Note* empty entries & legit default entries are not shown

 

REGEDIT4

 

.

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"DAEMON Tools Pro Agent"="c:\program files (x86)\DAEMON Tools Pro\DTAgent.exe" [2012-10-23 3108480]

 

"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2016-04-15 8698584]

 

.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

 

"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-02-21 292848]

 

.

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

 

"LoadAppInit_DLLs"=1 (0x1)

 

.

 

R1 QMUdisk;tencent QMUdisk;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\QMUdisk64.sys [x]

 

R1 SAVRKBootTasks;Boot Tasks Driver;c:\windows\system32\SAVRKBootTasks.sys;c:\windows\SYSNATIVE\SAVRKBootTasks.sys [x]

 

R1 softaal;softaal;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\softaal64.sys [x]

 

R1 SRepairDrv;SRepairDrv;c:\program files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv;c:\program files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv [x]

 

R2 AcuWVSSchedulerv6;Acunetix WVS Scheduler v6;c:\users\Jack\Documents\Security Applications\Acunetix\WVSScheduler.exe;c:\users\Jack\Documents\Security Applications\Acunetix\WVSScheduler.exe [x]

 

R2 BrsHelper;BrsHelper;c:\progra~2\YTDOWN~1\BROWSE~2.EXE;c:\progra~2\YTDOWN~1\BROWSE~2.EXE [x]

 

R2 chromoting;Chrome Remote Desktop Service;c:\program files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe;c:\program files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [x]

 

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

 

R2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]

 

R2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]

 

R2 gemeloki;Tower Photograph;c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\protc9ccc957-e20b-49ff-b175-8d5637dbfa4b.tmpfs;c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\protc9ccc957-e20b-49ff-b175-8d5637dbfa4b.tmpfs [x]

 

R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]

 

R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe;c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [x]

 

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]

 

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]

 

R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe;c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]

 

R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]

 

R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe;c:\program files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [x]

 

R2 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [x]

 

R2 Origin Web Helper Service;Origin Web Helper Service;c:\program files (x86)\Origin\OriginWebHelperService.exe;c:\program files (x86)\Origin\OriginWebHelperService.exe [x]

 

R2 PST Service;PST Service;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe;c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]

 

R2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Addon\Common\RaRegistry64.exe;c:\program files (x86)\Addon\Common\RaRegistry64.exe [x]

 

R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]

 

R2 sbmntr;sbmntr;c:\progra~2\YTDOWN~1\sbmntr.sys;c:\progra~2\YTDOWN~1\sbmntr.sys [x]

 

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

 

R2 tsnethlpx64;TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys;c:\program files (x86)\Tencent\QQPCMgr\11.5.17490.219\TsNetHlpX64.sys [x]

 

R2 Update service;Update service;c:\program files (x86)\Popcorn Time\Updater.exe;c:\program files (x86)\Popcorn Time\Updater.exe [x]

 

R2 zerivoco;Online Criteria;c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\kns28EB.tmp;c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\kns28EB.tmp [x]

 

R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]

 

R3 c2wts;Claims to Windows Token Service;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe;c:\program files\Windows Identity Foundation\v3.5\c2wtshost.exe [x]

 

R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]

 

R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\globalupdate.exe;c:\program files (x86)\globalUpdate\Update\globalupdate.exe [x]

 

R3 GPU-Z;GPU-Z;c:\users\Jack\AppData\Local\Temp\GPU-Z.sys;c:\users\Jack\AppData\Local\Temp\GPU-Z.sys [x]

 

R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]

 

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

 

R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

 

R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]

 

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]

 

R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]

 

R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]

 

R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\4B05.tmp;c:\windows\SYSNATIVE\4B05.tmp [x]

 

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]

 

R3 NTIOLib_MB;NTIOLib_MB;c:\program files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys;c:\program files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [x]

 

R3 NvContainerNetworkService;NVIDIA NetworkService Container;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe;c:\program files\NVIDIA Corporation\NvContainer\nvcontainer.exe [x]

 

R3 NvStreamKms;NVIDIA KMS;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]

 

R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]

 

R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]

 

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]

 

R3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]

 

R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.20);c:\windows\system32\DRIVERS\RtTeam620.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam620.sys [x]

 

R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan620.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan620.sys [x]

 

R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;c:\windows\system32\DRIVERS\rtwlane.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlane.sys [x]

 

R3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]

 

R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [x]

 

R3 TSSKX64;TSSKX64;c:\windows\system32\drivers\tsskx64.sys;c:\windows\SYSNATIVE\drivers\tsskx64.sys [x]

 

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

 

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

 

R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]

 

S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]

 

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]

 

S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]

 

S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]

 

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

 

.

 

.

 

--- Other Services/Drivers In Memory ---

 

.

 

*NewlyCreated* - WS2IFSL

 

.

 

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

 

LocalServiceAndNoImpersonation REG_MULTI_SZ    SSDPSRV upnphost SCardSvr QWAVE wcncsvc

 

.

 

Contents of the 'Scheduled Tasks' folder

 

.

 

.

 

--------- X64 Entries -----------

 

.

 

.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

 

"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-05-27 7611608]

 

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2015-05-26 500936]

 

"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]

 

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]

 

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]

 

"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2016-11-17 1852352]

 

.

 

------- Supplementary Scan -------

 

.

 

uLocal Page = c:\windows\system32\blank.htm

 

uDefault_Search_URL = www.google.com

 

mDefault_Search_URL = www.google.com

 

mDefault_Page_URL = www.google.com

 

mLocal Page = c:\windows\SysWOW64\blank.htm

 

mSearch Page = www.google.com

 

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000

 

Trusted Zone: baidu.com

 

TCP: DhcpNameServer = 194.168.4.100 194.168.8.100

 

.

 

- - - - ORPHANS REMOVED - - - -

 

.

 

Wow6432Node-HKCU-Run-Edtion - c:\users\Jack\AppData\Local\Edtion\gkjhr.exe

 

Wow6432Node-HKCU-Run-Ichsoft - c:\users\Jack\AppData\Local\Edtion\clglellj.dll

 

SafeBoot-MBAMSwissArmy

 

SafeBoot-QQPCRTP

 

AddRemove-{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1 - c:\games\World_of_Warships\unins000.exe

 

.

 

.

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\gemeloki]

 

"ImagePath"="c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\protc9ccc957-e20b-49ff-b175-8d5637dbfa4b.tmpfs"

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\MEMSWEEP2]

 

"ImagePath"="\??\c:\windows\system32\4B05.tmp"

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\SRepairDrv]

 

"ImagePath"="\??\c:\program files (x86)\Tencent\QQPCMGR\Plugins\SRepairDrv"

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\zerivoco]

 

"ImagePath"="c:\program files (x86)\c9ccc957-e20b-49ff-b175-8d5637dbfa4b1485103735\kns28EB.tmp"

 

.

 

--------------------- LOCKED REGISTRY KEYS ---------------------

 

.

 

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]

 

@Denied: (2) (LocalSystem)

 

"Progid"="ChromeHTML"

 

.

 

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]

 

@Denied: (2) (LocalSystem)

 

"Progid"="ChromeHTML"

 

.

 

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]

 

@Denied: (2) (LocalSystem)

 

"Progid"="ChromeHTML"

 

.

 

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]

 

@Denied: (2) (LocalSystem)

 

"Progid"="ChromeHTML"

 

.

 

[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]

 

@Denied: (2) (LocalSystem)

 

"Progid"="ChromeHTML"

 

.

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\PCW\Security]

 

@Denied: (Full) (Everyone)

 

.

 

------------------------ Other Running Processes ------------------------

 

.

 

c:\program files (x86)\DAEMON Tools Pro\DTShellHlp.exe

 

.

 

**************************************************************************

 

.

 

Completion time: 2017-01-23  20:44:44 - machine was rebooted

 

ComboFix-quarantined-files.txt  2017-01-23 20:44

 

.

 

Pre-Run: 134,173,163,520 bytes free

 

Post-Run: 133,613,633,536 bytes free

 

.

 

- - End Of File - - DAC17877EBAF72EBD7AF9D4DE0C6E0BB

 

A36C5E4F47E84449FF07ED3517B43A31

 

Any help would be so appreciated, getting worried about my rig :rip:



#3 WAVED

WAVED
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:UK
  • Local time:08:16 AM

Posted 23 January 2017 - 04:06 PM

Didn't see the emojis, heres the Malwarebytes Log again:
 
Malwarebytes Anti-Malware
 
www.malwarebytes.org
 
 
Scan Date: 1/23/2017
 
Scan Time: 5:55 PM
 
Logfile: Scan 1 results.txt
 
Administrator: Yes
 
 
Version: 2.2.1.1043
 
Malware Database: v2017.01.23.07
 
Rootkit Database: v2016.11.20.01
 
License: Free
 
Malware Protection: Disabled
 
Malicious Website Protection: Disabled
 
Self-protection: Disabled
 
 
OS: Windows 7 Service Pack 1
 
CPU: x64
 
File System: NTFS
 
User: Jack
 
 
Scan Type: Threat Scan
 
Result: Completed
 
Objects Scanned: 374341
 
Time Elapsed: 29 min, 32 sec
 
 
Memory: Enabled
 
Startup: Enabled
 
Filesystem: Enabled
 
Archives: Enabled
 
Rootkits: Enabled
 
Heuristics: Enabled
 
PUP: Enabled
 
PUM: Enabled
 
 
Processes: 0
 
(No malicious items detected)
 
 
Modules: 0
 
(No malicious items detected)
 
 
Registry Keys: 0
 
(No malicious items detected)
 
 
Registry Values: 0
 
(No malicious items detected)
 
 
Registry Data: 4
 
Hijack.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[97bc39469612bd7996c8d524b35009f7]
 
PUM.Optional.UserInit, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[bd964e31852351e5c1bcb247758e4db3]
 
Hijack.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[7fd43c435652bf7799c553a69e65f60a]
 
PUM.Optional.UserInit, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Userinit, wscript,, Good: (userinit.exe), Bad: (wscript,),,[66ed324d1197c07664193dbc986bbf41]
 
 
Folders: 0
 
(No malicious items detected)
 
 
Files: 93
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (34.195.153.94 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com), ,[8cc70877792ffe38a427823e87793ec2]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ile used by Microsoft TCP/IP for Windows.), ,[480ba0df4c5c52e4c506378903fd15eb]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 
 

 
# This is a sample HOSTS fi), ,[fa59730c1c8c0333f8d3516f8d73f30d]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file us), ,[173cb9c6d5d340f67556a9175ca4c040]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file ), ,[5300691662469f978f3cb709e020936d]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file used), ,[094a611e47614beb3893e4dc53ad5ea2]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 
 

 
# This is a sample HOSTS file used), ,[a7ac740b664204327d4e0db328d850b0]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS), ,[b2a11d629f09102602c988382ad6f40c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 
 

 
# This is a sample HOSTS), ,[450e621d1a8e8da96863655bf30d15eb]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS f), ,[0e45215eb7f181b5f8d3566ac937bd43]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS f), ,[b59e037ce5c3c6702f9ccaf65ba514ec]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS fil), ,[f261eb94ebbd53e349822f91d52b9f61]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS file), ,[361d6e11505857dfd0fba21e7789ff01]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file us), ,[e46fe897b0f851e50fbc6e52669a0bf5]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file used), ,[69ea2b54307844f2a229833d6e925ca4]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file used ), ,[e46f98e76a3e6fc7a922af11c0408977]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file), ,[183b69167335b284b516c4fc5aa6b947]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HO), ,[5003037ce7c18ea8ebe0ba06ef117090]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 
 

 
# This is a sample HOSTS file), ,[0053443b198f6dc9e2e9dbe5986853ad]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 
 

 
# This is a sample HOSTS fil), ,[f0634936961245f14487bf012dd31ce4]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 
 

 
# This is a sample HOSTS file u), ,[a7ac28576840a98d1ab1c4fcbc44f10f]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used B), ,[ea69433c8e1afd39fbd0d5ebf60aed13]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file use), ,[431093ecb8f01d193f8c7f41f20ebb45]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS), ,[5ff447387e2a9e988744ecd4e51b9070]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS), ,[a5ae0a75b2f63105d1fa734d30d0ab55]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS ), ,[064d27581494a88ed6f511afe31df20e]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS ), ,[143fabd48d1be84e27a406baf30d758b]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS file us), ,[79da324d9612f4427259edd31fe1df21]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (p. 
 

 
# This is a sample HOSTS file u), ,[e370aad59e0a3df9ccff843cce32f907]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS fi), ,[8bc8403f7a2e79bdc6052a96ec1423dd]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS fi), ,[ea6985fafbad96a0d5f61ea2b84811ef]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOST), ,[8cc7ec93495f2a0c9c2f4c7413ed48b8]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS fi), ,[4d06b5ca0d9bf5413c8f06ba936daa56]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS f), ,[8dc64c333b6df6406665fcc4d828b54b]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 
 

 
# This is a sample HOSTS ), ,[e46fcfb0c2e683b3616abf0101fff40c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file use), ,[c98a215e67411d1901ca9c2408f8f40c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 
 

 
# This is a sample HOSTS file us), ,[351e8ff01a8efe387e4dd6ea41bf43bd]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS fil), ,[e86bd1ae66422b0b507bfcc4e51bc63a]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file), ,[b79ca6d91791a78f3e8d7f41e020847c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file u), ,[ce85a6d97830ec4a4a812b95758b54ac]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file u), ,[6ee5c6b9f1b7df57c407665af20e4fb1]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file u), ,[3f14c5ba2e7a7db93f8c14ac7d8340c0]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file used), ,[4a09245b00a833038a4137892cd4619f]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file used by Mi), ,[d38029562e7a0135aa21ccf454ac43bd]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used by Microsoft), ,[2a29146b5e4a74c2e9e2269ae41c748c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used B), ,[1d36daa5c9dffc3a0fbcfcc435cbc23e]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS ), ,[b89b98e79f0992a4913a8739857bbe42]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS file), ,[5bf866192b7de1552aa10ab6946c52ae]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file ), ,[eb683d42d6d2a98df4d7546c02fed52b]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS file use), ,[89ca9de24266ed49d8f39927b74959a7]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file used B), ,[a0b36619f6b2d06615b64c74e51b3cc4]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file u), ,[2231c5ba6444d165a6253d8301ff17e9]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (osoft Corp. 
 

 
# This is a sample HOSTS fil), ,[1d36afd0f9afc6709c2f5b6548b833cd]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file us), ,[e56e235ca4043ef8319aa61a847c5aa6]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOS), ,[2a29a9d62d7bd066f7d49a263ac68c74]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 
 

 
# This is a sample H), ,[b69de798d6d2c86e7c4f328e728ef907]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS file), ,[51028cf3099ffc3a19b2823e3ec28a76]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file use), ,[9cb7fb8456522313ca017d43b9473ac6]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS fi), ,[064d1d62d1d7d1658b40e3ddf10f57a9]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS file ), ,[bc975a252187ad8912b9219fba46fc04]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file used by), ,[bd961669d7d10d2920ab9b254fb1f40c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file us), ,[df7484fb6e3afa3c0bc0be024cb44ab6]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample H), ,[460d116e1791b3830ac1fdc33cc4738d]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 
 

 
# This is a sample HOSTS), ,[72e19ee1109873c325a6f2ced22e1de3]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file u), ,[76ddcdb20d9b7abcf8d3e9d7768a9e62]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file used by), ,[aca78af51e8a5adc8e3d368abd43718f]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used), ,[2132c5ba862243f308c3efd1a55bb749]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS file used ), ,[5cf7017ef5b3ee4810bb3f811be551af]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used by Micros), ,[371c7b043771c472dfec744c6a96738d]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file use), ,[6ae9502fd1d71b1b78532c949d63ef11]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOS), ,[3e156e116c3c6accba11e7d9a65a847c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 
 

 
# This is a sample HO), ,[99ba5e21fcac88ae2ba0e6daf709fc04]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 
 

 
# This is a sample HOSTS f), ,[e86b5f206b3df73f8447a61a4bb5837d]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file use), ,[b59e7708f9af77bfe0ebb30dff010af6]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (ft Corp. 
 

 
# This is a sample HOSTS file us), ,[f85bd8a763450b2b8b407a463cc4f010]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 
 

 
# This is a sample HOSTS fi), ,[3d16c2bd06a232046b6015abf709e719]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (crosoft Corp. 
 

 
# This is a sample HO), ,[64ef1f60921622146269f3cd2fd1758b]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (oft Corp. 
 

 
# This is a sample HOSTS file use), ,[064d542b901857df6962586860a0847c]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS file used by ), ,[d57e8df2c8e080b6fbd0546c50b0c13f]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( 
 

 
# This is a sample HOSTS file used by Micro), ,[0b48c5ba1b8d0135dbf0734de51bb947]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( 
 

 
# This is a sample HOSTS file used B), ,[371ce39c1098003633985868a85822de]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (t Corp. 
 

 
# This is a sample HOSTS file used by M), ,[4e0581fed5d31125d4f7b30d20e041bf]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (
 

 
# This is a sample HOSTS file used by ), ,[b69db5ca0d9b54e2606b17a9d42cbe42]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 
 

 
# This is a sample HOSTS file used by), ,[ce858ff09a0eb97de6e5c6faeb152cd4]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rp. 
 

 
# This is a sample HOSTS file ), ,[391a8bf4b5f368ce804bcef242be3ac6]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (orp. 
 

 
# This is a sample HOSTS file ), ,[3d16c3bc9d0bb97d25a688383cc456aa]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (rosoft Corp. 
 

 
# This is a sample HOSTS fi), ,[dc7786f9fcac53e36b60a41ca25e32ce]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (soft Corp. 
 

 
# This is a sample HOSTS file us), ,[0251d5aaaafe71c5ebe0dfe1da263cc4]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file used by ), ,[1e35532cb2f653e38249714f34cc9868]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: ( Corp. 
 

 
# This is a sample HOSTS file), ,[8dc6710ee7c1ff37be0de8d8d32d50b0]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file used by Mic), ,[97bcc5ba4167bb7becdffbc5ba4620e0]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (. 
 

 
# This is a sample HOSTS file used), ,[440fc4bb7632da5c6764c6faf01005fb]
 
Hijack.HostFile, C:\Windows\System32\drivers\etc\hosts, Good: (), Bad: (Corp. 
 

 
# This is a sample HOSTS fil), ,[b89b4e31c9df10267457269a4db3e020]
 
 
Physical Sectors: 0
 
(No malicious items detected)
 
 
 
(end)


I'm just gonna hope you can deal with translating emoji... sorry.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users