Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

HELP I HAVE BEEN HACKED BY A KOOBFACE WORM


  • Please log in to reply
44 replies to this topic

#1 HollyM

HollyM

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 21 February 2017 - 05:09 PM

I LOST EVERYTHING FROM FACEBOOK AND MY TWITTER TECH SUPPORT REMOTLY ACCESSED MY PC AND TOLD ME IT WAS A KOOBFACE WORM.

Edited by Platypus, 21 February 2017 - 05:15 PM.
Moved from Logs forum, no logs posted


BC AdBot (Login to Remove)

 


#2 blankiq

blankiq

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:06:06 PM

Posted 22 February 2017 - 01:38 PM

Twitter will never remotely access your computer. You were just scammed.



#3 Jaycan

Jaycan

  • Members
  • 461 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:06 AM

Posted 23 February 2017 - 03:35 AM

MY TWITTER TECH SUPPORT REMOTLY ACCESSED MY PC

Hello,

Who did you ask to access your system, or did a company / person call to tell you there was an infection.

How do you know there is a "KOOBFACE WORM" infecting your computer.

 

Please establish these basics first.

 

Thank You.



Acer Computer with LG Monitor and Toshiba Laptop with Windows 7.1

Windows 64bit  8.1 - Always fully updated

Firefox / Google Chrome / Internet Explorer Browsers

Usually a home helper here or with friends and nimble fingered ladies who would rather sew or dust, but not clean the bugs out of a computer ...


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:06 PM

Posted 24 February 2017 - 02:44 PM

Hi ,also run these.
 
Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista/Windows7, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.
Next MBAM

Download and install:

Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

Edited by boopme, 24 February 2017 - 02:45 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 28 February 2017 - 01:38 PM

the malware program froze on my pc, not responding, and wont go anywhere



#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:06 PM

Posted 28 February 2017 - 02:26 PM

Can you restart the machine?
What is your Operating System?

Try to do these instead....

3Al62Pm.pngMiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
  • Remove found threats
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology

  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
  • [/list]

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 28 February 2017 - 04:38 PM

cant close it cant do anything with it at all.



#8 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:06 AM

Posted 28 February 2017 - 05:13 PM

press the power button in and hold it in. The pc will eventually close down. This may take as long as 25 seconds.

 

Is this a laptop or a desktop tower ?


Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#9 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 28 February 2017 - 10:06 PM

These are the logs I got no clue what they mean.
 
 
 
Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/28/2017 01:21:57 PM in x64 mode.
Windows Version: Windows 10 Home 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]
 
 * agp440 [Missing ImagePath]
 
 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\termsrv.dll : 987,648 : 07/16/2016 06:42 AM : 88155e17cebe11bb05bdddd1e130b8f0 [NoSig]
 +-> C:\WINDOWS\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.0_none_bc13ad436af6bbc9\termsrv.dll : 987,648 : 07/16/2016 06:42 AM : 88155e17cebe11bb05bdddd1e130b8f0 [Pos Repl]
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/28/2017 01:26:27 PM
Execution time: 0 hours(s), 4 minute(s), and 30 seconds(s)
 
 
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Holly Gryzelak (administrator) on 28-02-2017 at 20:33:59
Running from "C:\Users\Holly Gryzelak\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Satellite C55-A Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Connected)
Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : holly
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 00-8C-FA-6B-9F-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 4A-D2-24-4D-AE-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 48-D2-24-4D-AE-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a8c6:e983:e5ed:27d6%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.31(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 26, 2017 11:53:31 AM
   Lease Expires . . . . . . . . . . : Friday, March 3, 2017 8:27:52 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 357093924
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A2-8C-15-00-8C-FA-6B-9F-7E
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:d4e:efaa:1003:12c4:b9e7:ed5d(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1003:12c4:b9e7:ed5d%20(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 335544320
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A2-8C-15-00-8C-FA-6B-9F-7E
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  mynetwork
Address:  192.168.2.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:813::200e
 172.217.0.14
 
 
Pinging google.com [172.217.0.14] with 32 bytes of data:
Reply from 172.217.0.14: bytes=32 time=30ms TTL=54
Reply from 172.217.0.14: bytes=32 time=26ms TTL=54
 
Ping statistics for 172.217.0.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 30ms, Average = 28ms
Server:  mynetwork
Address:  192.168.2.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=41ms TTL=52
Reply from 98.139.183.24: bytes=32 time=46ms TTL=52
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 41ms, Maximum = 46ms, Average = 43ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...00 8c fa 6b 9f 7e ......Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
  6...4a d2 24 4d ae 35 ......Microsoft Wi-Fi Direct Virtual Adapter
  3...48 d2 24 4d ae 35 ......Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.31     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.2.0    255.255.255.0         On-link      192.168.2.31    311
     192.168.2.31  255.255.255.255         On-link      192.168.2.31    311
    192.168.2.255  255.255.255.255         On-link      192.168.2.31    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.2.31    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.2.31    311
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 20    331 2001::/32                On-link
 20    331 2001:0:d4e:efaa:1003:12c4:b9e7:ed5d/128
                                    On-link
  3    311 fe80::/64                On-link
 20    331 fe80::/64                On-link
 20    331 fe80::1003:12c4:b9e7:ed5d/128
                                    On-link
  3    311 fe80::a8c6:e983:e5ed:27d6/128
                                    On-link
  1    331 ff00::/8                 On-link
 20    331 ff00::/8                 On-link
  3    311 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/28/2017 05:36:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 05:13:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (02/28/2017 05:09:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/28/2017 05:08:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/28/2017 04:59:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:04:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HOLLY)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/28/2017 01:34:17 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 3.0.0.912 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1ccc
 
Start Time: 01d291f0deb79ef5
 
Termination Time: 60000
 
Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
 
Report Id: 4dd97cb5-fde4-11e6-af86-008cfa6b9f7e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (02/28/2017 08:29:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (02/28/2017 05:46:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/28/2017 05:08:18 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:18 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:08:17 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:17 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:08:16 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:16 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:01:27 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:01:27 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
 
Microsoft Office Sessions:
=========================
Error: (02/28/2017 05:36:17 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (02/28/2017 05:13:41 PM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (02/28/2017 05:09:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (02/28/2017 05:08:13 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
 
Error: (02/28/2017 04:59:21 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (02/28/2017 04:57:58 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestc:\users\holly gryzelak\downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:57:57 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Users\Holly Gryzelak\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:57:32 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Users\Holly Gryzelak\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:04:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HOLLY)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170
 
Error: (02/28/2017 01:34:17 PM) (Source: Application Hang)(User: )
Description: mbam.exe3.0.0.9121ccc01d291f0deb79ef560000C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe4dd97cb5-fde4-11e6-af86-008cfa6b9f7e
 
 
=========================== Installed Programs ============================
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
DriverUpdate (HKLM-x32\...\{B4A63B72-8F65-45BA-934F-B4AA62B70147}) (Version: 2.7.4 - Slimware Utilities Holdings, Inc.) Hidden
DriverUpdate (HKLM-x32\...\DriverUpdate) (Version: 2.7.4 - Slimware Utilities Holdings, Inc.)
DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
LG United Mobile Drivers (HKLM-x32\...\{F193D8D7-3D5E-4DB5-A74C-F8CD5378EE7B}) (Version: 3.12.3.0 - LG Electronics)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.337.392 - VoiceFive, Inc.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
SlimCleaner Plus (HKLM\...\{ABA29C63-B22D-45F8-BA20-7C8EF17B5E62}) (Version: 2.5.10 - Slimware Utilities Holdings, Inc.) Hidden
SlimCleaner Plus (HKLM\...\SlimCleaner Plus) (Version: 2.5.10 - Slimware Utilities Holdings, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.45 - Stardock Software, Inc.)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
The Logo Creator v5 (HKLM-x32\...\The Logo Creator v5) (Version:  - )
The Print Shop Business - Business Cards Premier 3.0.0.0 (HKLM-x32\...\TPSBCP3_is1) (Version:  - Riverdeep Inc, LLC)
The Print Shop Business - Label Creator Premier 3.0.0.0 (HKLM-x32\...\TPSLCP3_is1) (Version:  - Riverdeep Inc, LLC)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.5 - TOSHIBA)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.6 - Toshiba Corporation)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.04.01 - Toshiba Client Solutions Co., Ltd.)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.10 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.11.1 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.50.2  - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.37 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Zoom (HKCU\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
 
========================= Devices: ================================
 
Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C01\2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_1179FA20&REV_1001\4&1EC0F511&0&0001
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\0
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&191727BD&3&1
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1E2D&SUBSYS_FF1E1179&REV_04\3&11583659&0&D0
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: SWD\MSRRAS\MS_PPPOEMINIPORT
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\THRM
 
Name: Microsoft IPv4 IPv6 Transition Adapter Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\IP_TUNNEL_VBUS\IP_TUNNEL_DEVICE_ROOT
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE
 
Name: Microsoft RRAS Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSRRAS\{5E259276-BC7E-40E3-B93B-8F89B5F3ABC0}
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&10AB9051&0
 
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: SWD\MSRRAS\MS_PPTPMINIPORT
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000050500000
 
Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Device ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_1179FA20&REV_1000\4&1EC0F511&0&0301
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000040100000
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&10AB9051&0
 
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: SWD\MSRRAS\MS_AGILEVPNMINIPORT
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\ISATAP_0
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: TOSHIBA Firmware Linkage Driver
Description: TOSHIBA Firmware Linkage Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: FwLnk
Device ID: ACPI\TOS1901\2&DABA3FF&2
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1E26&SUBSYS_FF1E1179&REV_04\3&11583659&0&E8
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3F0D\4&10AB9051&0
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Toshiba Hotkey Driver
Description: Toshiba Hotkey Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Toshiba
Service: Thotkey
Device ID: TVALZ\TOSSYSHID\3&229B9CB8&0&TOSSYSHID
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0D\2&DABA3FF&2
 
Name: Intel® HD Graphics
Description: Intel® HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0156&SUBSYS_FA201179&REV_09\3&11583659&0&10
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&10AB9051&0
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\TOSSYSHID&COL03\4&52589F6&0&0002
 
Name: Send To OneNote 2016
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{42331D7F-FBF8-477C-8DF2-63D989DAD942}
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&6BD047C&0
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\TOSSYSHID&COL02\4&52589F6&0&0001
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{E286C92C-121B-4691-AB51-846EDAAABFCE}
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\TOSSYSHID&COL01\4&52589F6&0&0000
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#000000717C900000
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Wi-Fi
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{13284806-4293-441E-8967-3641534EEC17}
 
Name: Microsoft Radio Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{3DB5895D-CC28-44B3-AD3D-6F01A782B8D2}
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device
Description: TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: TVALZ
Device ID: ACPI\TOS1900\2&DABA3FF&2
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\4&10AB9051&0
 
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANBH
 
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIP
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_1E20&SUBSYS_FF1E1179&REV_04\3&11583659&0&D8
 
Name: Intel® Celeron® CPU 1037U @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_58_-_________INTEL®_CELERON®_CPU_1037U_@_1.80GHZ\_1
 
Name: Intel® Celeron® CPU 1037U @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_58_-_________INTEL®_CELERON®_CPU_1037U_@_1.80GHZ\_2
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&5CB5622&0
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\2&DABA3FF&2
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Device ID: HTREE\ROOT\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C04\4&10AB9051&0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#00000071CE700000
 
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: SWD\MSRRAS\MS_SSTPMINIPORT
 
Name: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Description: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: storahci
Device ID: PCI\VEN_8086&DEV_1E03&SUBSYS_FF1E1179&REV_04\3&11583659&0&FA
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{DB2EE18C-C48F-4C73-B3DB-3C742CB013BE}
 
Name: Intel® NM70 Express Chipset LPC Controller - 1E5F
Description: Intel® NM70 Express Chipset LPC Controller - 1E5F
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_1E5F&SUBSYS_FF1E1179&REV_04\3&11583659&0&F8
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&2
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{C3B2F47B-F0FF-4F73-9A9E-0653F604F9FB}
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_FF1E1179&REV_04\3&11583659&0&B0
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&19B4ACCD&0&01
 
Name: Legacy device
Description: Legacy device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&10AB9051&0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000000100000
 
Name: TOSHIBA Web Camera - HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_064E&PID_E374&MI_00\7&34C1266F&3&0000
 
Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{6A9FEFF1-B73C-4942-8EEC-C993B0065384}
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_1E10&SUBSYS_FF1E1179&REV_C4\3&11583659&0&E0
 
Name: Microsoft GS Wavetable Synth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\MICROSOFTGSWAVETABLESYNTH
 
Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\TOS0320\4&10AB9051&0
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\SDC4347\4&1E64BF67&0&UID67568640
 
Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_FF1E1179&REV_04\3&11583659&0&FB
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_064E&PID_E374\HF1016-T840-SE04-REV0202
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\TOS1101\4&10AB9051&0
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&1A2FE12C&3&1
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&10AB9051&0
 
Name: TOSHIBA MQ01ABF050
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_TOSHIBA&PROD_MQ01ABF050\4&23BFA7D7&0&000000
 
Name: MATbleepA DVD-RAM UJ8C2
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_MATbleepA&PROD_DVD-RAM_UJ8C2\4&23BFA7D7&0&050000
 
Name: Memory Controller
Description: Memory Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_0154&SUBSYS_FF1E1179&REV_09\3&11583659&0&00
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT340E\2&DABA3FF&2
 
Name: TOSHIBA tos_sps64 Driver
Description: TOSHIBA tos_sps64 Driver
Class Guid: {8bbd94a0-a150-11d4-a878-0040265b73ee}
Manufacturer: TOSHIBA Corporation
Service: tos_sps64
Device ID: ROOT\TOSSEC\0000
 
Name: Microsoft Print to PDF
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{D6ACC1D3-7FE3-4F10-94BB-BC7F810A58D7}
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000058500000
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Device ID: ROOT\SYSTEM\0001
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\ITFS
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Device ID: PCI\VEN_10EC&DEV_8179&SUBSYS_018110EC&REV_01\4&2EEAE01&0&00E1
 
Name: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Device ID: PCI\VEN_1969&DEV_1090&SUBSYS_FF1E1179&REV_10\4&12860E61&0&00E0
 
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIPV6
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_1E12&SUBSYS_FF1E1179&REV_C4\3&11583659&0&E1
 
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: SWD\MSRRAS\MS_L2TPMINIPORT
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 3975.27 MB
Available physical RAM: 1464.78 MB
Total Virtual: 6855.37 MB
Available Virtual: 3834.71 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Hard Drive) (Fixed) (Total:452.57 GB) (Free:190.56 GB) NTFS
2 Drive d: (TMNT_SAVANTI_PT_1) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\HOLLY
 
Administrator            DefaultAccount           Guest                    
Holly Gryzelak           
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
 
**** End of log ****
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by Holly Gryzelak (Administrator) on Tue 02/28/2017 at 16:55:49.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 37 
 
Failed to delete: C:\Program Files (x86)\Common Files\avg secure search\vtoolbarupdater (Folder) 
Failed to delete: C:\Program Files (x86)\inboxace_1g (Folder) 
Failed to delete: C:\Program Files (x86)\premieropinion (Folder) 
Failed to delete: C:\Program Files\slimservice (Folder) 
Successfully deleted: C:\ProgramData\apn (Folder) 
Successfully deleted: C:\ProgramData\appverifier (Folder) 
Successfully deleted: C:\ProgramData\avg security toolbar (Folder) 
Successfully deleted: C:\ProgramData\slimware utilities inc (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\driverupdate (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\slimcleaner plus (Folder) 
Successfully deleted: C:\ProgramData\tweakbit (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\downloaded installers (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\iac (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\inboxace_1g (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\pokki (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\slimware utilities inc (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\iac (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\inboxace_1g (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\inboxace_1gei (Folder) 
Successfully deleted: C:\Users\Public\Desktop\driverupdate.lnk (Shortcut) 
Successfully deleted: C:\Users\Public\Desktop\slimcleaner plus.lnk (Shortcut) 
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder) 
Successfully deleted: C:\WINDOWS\system32\drivers\swdumon.sys (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\SlimCleaner Plus (Scheduled Scan - Holly Gryzelak) (Task)
Successfully deleted: C:\WINDOWS\Tasks\DriverUpdate Scan.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\DriverUpdate Startup.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Holly Gryzelak).job (Task) 
Successfully deleted: C:\Program Files (x86)\avg safeguard toolbar (Folder) 
Successfully deleted: C:\Program Files (x86)\avg security toolbar (Folder) 
Successfully deleted: C:\Program Files (x86)\driverupdate (Folder) 
Successfully deleted: C:\Program Files\comodo\geekbuddy (Folder) 
Successfully deleted: C:\Program Files\slimcleaner plus (Folder) 
 
 
 
Registry: 23 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B0DD3B3E6F293D913595DC4CCD06528B (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SlimCleaner Plus (Registry Value) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle (Registry Key) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxAce AppIntegrator 64-bit (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxAce Search Scope Monitor (Registry Value) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\PremierOpinion (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SlimService (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\vToolbarUpdater40.3.7 (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3775afd7-5921-4571-968f-85a631203d1c} (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F771523C-3D0A-457F-A192-EECA39A3D2E8} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3775afd7-5921-4571-968f-85a631203d1c} (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/28/2017 at 17:40:12.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#10 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 28 February 2017 - 10:07 PM

These are the logs I got no clue what they mean.
 
 
 
Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 02/28/2017 01:21:57 PM in x64 mode.
Windows Version: Windows 10 Home 
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * gagp30kx [Missing Service]
 * IEEtwCollectorService [Missing Service]
 * IoQos [Missing Service]
 * nv_agp [Missing Service]
 * TimeBroker [Missing Service]
 * uagp35 [Missing Service]
 * uliagpkx [Missing Service]
 * WcsPlugInService [Missing Service]
 * wpcfltr [Missing Service]
 * WSService [Missing Service]
 
 * agp440 [Missing ImagePath]
 
 * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath]
 * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath]
 
 * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL]
 
Searching for Missing Digital Signatures: 
 
 * C:\WINDOWS\System32\termsrv.dll : 987,648 : 07/16/2016 06:42 AM : 88155e17cebe11bb05bdddd1e130b8f0 [NoSig]
 +-> C:\WINDOWS\WinSxS\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_10.0.14393.0_none_bc13ad436af6bbc9\termsrv.dll : 987,648 : 07/16/2016 06:42 AM : 88155e17cebe11bb05bdddd1e130b8f0 [Pos Repl]
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 02/28/2017 01:26:27 PM
Execution time: 0 hours(s), 4 minute(s), and 30 seconds(s)
 
 
 
MiniToolBox by Farbar  Version: 17-06-2016
Ran by Holly Gryzelak (administrator) on 28-02-2017 at 20:33:59
Running from "C:\Users\Holly Gryzelak\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Satellite C55-A Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Connected)
Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30) = Ethernet (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : holly
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
   Physical Address. . . . . . . . . : 00-8C-FA-6B-9F-7E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 11:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 4A-D2-24-4D-AE-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 48-D2-24-4D-AE-35
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::a8c6:e983:e5ed:27d6%3(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.2.31(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, February 26, 2017 11:53:31 AM
   Lease Expires . . . . . . . . . . : Friday, March 3, 2017 8:27:52 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 357093924
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A2-8C-15-00-8C-FA-6B-9F-7E
   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.home:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:d4e:efaa:1003:12c4:b9e7:ed5d(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1003:12c4:b9e7:ed5d%20(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 335544320
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-A2-8C-15-00-8C-FA-6B-9F-7E
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  mynetwork
Address:  192.168.2.1
 
Name:    google.com
Addresses:  2607:f8b0:4009:813::200e
 172.217.0.14
 
 
Pinging google.com [172.217.0.14] with 32 bytes of data:
Reply from 172.217.0.14: bytes=32 time=30ms TTL=54
Reply from 172.217.0.14: bytes=32 time=26ms TTL=54
 
Ping statistics for 172.217.0.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 26ms, Maximum = 30ms, Average = 28ms
Server:  mynetwork
Address:  192.168.2.1
 
Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
 2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 98.138.253.109
 206.190.36.45
 98.139.183.24
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=41ms TTL=52
Reply from 98.139.183.24: bytes=32 time=46ms TTL=52
 
Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 41ms, Maximum = 46ms, Average = 43ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  4...00 8c fa 6b 9f 7e ......Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
  6...4a d2 24 4d ae 35 ......Microsoft Wi-Fi Direct Virtual Adapter
  3...48 d2 24 4d ae 35 ......Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1     192.168.2.31     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.2.0    255.255.255.0         On-link      192.168.2.31    311
     192.168.2.31  255.255.255.255         On-link      192.168.2.31    311
    192.168.2.255  255.255.255.255         On-link      192.168.2.31    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.2.31    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.2.31    311
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 20    331 2001::/32                On-link
 20    331 2001:0:d4e:efaa:1003:12c4:b9e7:ed5d/128
                                    On-link
  3    311 fe80::/64                On-link
 20    331 fe80::/64                On-link
 20    331 fe80::1003:12c4:b9e7:ed5d/128
                                    On-link
  3    311 fe80::a8c6:e983:e5ed:27d6/128
                                    On-link
  1    331 ff00::/8                 On-link
 20    331 ff00::/8                 On-link
  3    311 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (02/28/2017 05:36:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 05:13:41 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW.  hr = 0x80070006, The handle is invalid.
.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (02/28/2017 05:09:24 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
Error: (02/28/2017 05:08:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.
 
Error: (02/28/2017 04:59:21 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:58 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:57 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:57:32 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.
 
Error: (02/28/2017 04:04:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: HOLLY)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (02/28/2017 01:34:17 PM) (Source: Application Hang) (User: )
Description: The program mbam.exe version 3.0.0.912 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1ccc
 
Start Time: 01d291f0deb79ef5
 
Termination Time: 60000
 
Application Path: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
 
Report Id: 4dd97cb5-fde4-11e6-af86-008cfa6b9f7e
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (02/28/2017 08:29:44 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
 
Error: (02/28/2017 05:46:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (02/28/2017 05:08:18 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:18 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:08:17 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:17 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:08:16 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:08:16 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
Error: (02/28/2017 05:01:27 PM) (Source: Service Control Manager) (User: )
Description: The eapihdrv service failed to start due to the following error: 
%%1275 = This driver has been blocked from loading
 
 
Error: (02/28/2017 05:01:27 PM) (Source: Application Popup) (User: )
Description: \??\C:\Users\HOLLYG~1\AppData\Local\Temp\ehdrv.sys
 
 
Microsoft Office Sessions:
=========================
Error: (02/28/2017 05:36:17 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (02/28/2017 05:13:41 PM) (Source: VSS)(User: )
Description: QueryFullProcessImageNameW0x80070006, The handle is invalid.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (02/28/2017 05:09:24 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
Error: (02/28/2017 05:08:13 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1
 
Error: (02/28/2017 04:59:21 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (02/28/2017 04:57:58 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestc:\users\holly gryzelak\downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:57:57 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Users\Holly Gryzelak\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:57:32 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifestC:\Users\Holly Gryzelak\Downloads\esetsmartinstaller_enu.exe
 
Error: (02/28/2017 04:04:51 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: HOLLY)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170
 
Error: (02/28/2017 01:34:17 PM) (Source: Application Hang)(User: )
Description: mbam.exe3.0.0.9121ccc01d291f0deb79ef560000C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe4dd97cb5-fde4-11e6-af86-008cfa6b9f7e
 
 
=========================== Installed Programs ============================
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
Adobe Reader XI  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Citrix Online Launcher (HKLM-x32\...\{48947098-A67C-46D4-90C5-9F2F6F0F96FE}) (Version: 1.0.449 - Citrix)
DriverUpdate (HKLM-x32\...\{B4A63B72-8F65-45BA-934F-B4AA62B70147}) (Version: 2.7.4 - Slimware Utilities Holdings, Inc.) Hidden
DriverUpdate (HKLM-x32\...\DriverUpdate) (Version: 2.7.4 - Slimware Utilities Holdings, Inc.)
DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
InboxAce Internet Explorer Toolbar (HKLM-x32\...\InboxAce_1gbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network)
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
LG United Mobile Drivers (HKLM-x32\...\{F193D8D7-3D5E-4DB5-A74C-F8CD5378EE7B}) (Version: 3.12.3.0 - LG Electronics)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.1.12.73 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.337.392 - VoiceFive, Inc.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Realtek USB Card Reader (HKLM-x32\...\{1E496A68-4943-424E-829D-5C3C85B7B8F2}) (Version: 6.2.9200.39041 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
SlimCleaner Plus (HKLM\...\{ABA29C63-B22D-45F8-BA20-7C8EF17B5E62}) (Version: 2.5.10 - Slimware Utilities Holdings, Inc.) Hidden
SlimCleaner Plus (HKLM\...\SlimCleaner Plus) (Version: 2.5.10 - Slimware Utilities Holdings, Inc.)
Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.45 - Stardock Software, Inc.)
Stronghold Crusader (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
The Logo Creator v5 (HKLM-x32\...\The Logo Creator v5) (Version:  - )
The Print Shop Business - Business Cards Premier 3.0.0.0 (HKLM-x32\...\TPSBCP3_is1) (Version:  - Riverdeep Inc, LLC)
The Print Shop Business - Label Creator Premier 3.0.0.0 (HKLM-x32\...\TPSLCP3_is1) (Version:  - Riverdeep Inc, LLC)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.5 - TOSHIBA)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.6 - Toshiba Corporation)
TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.04.01 - Toshiba Client Solutions Co., Ltd.)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Desktop Assist (HKLM\...\{C4CDCEF0-0A7A-4425-887C-33E39533D758}) (Version: 1.03.08.6402 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\{B1786E63-2127-42C9-95A3-146E5F727BF1}) (Version: v2.0.0.10 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.11.1 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.50.2  - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.37 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Zoom (HKCU\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)
 
========================= Devices: ================================
 
Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C01\2
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\1
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C02\2
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0269&SUBSYS_1179FA20&REV_1001\4&1EC0F511&0&0001
 
Name: Microsoft ACPI-Compliant Control Method Battery
Description: Microsoft ACPI-Compliant Control Method Battery
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\PNP0C0A\1
 
Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0B\0
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\PRINTQUEUES
 
Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: volmgr
Device ID: ROOT\VOLMGR\0000
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&191727BD&3&1
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E2D
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1E2D&SUBSYS_FF1E1179&REV_04\3&11583659&0&D0
 
Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Device ID: SWD\MSRRAS\MS_PPPOEMINIPORT
 
Name: Microsoft Basic Display Driver
Description: Microsoft Basic Display Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard display types)
Service: BasicDisplay
Device ID: ROOT\BASICDISPLAY\0000
 
Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\THERMALZONE\THRM
 
Name: Microsoft IPv4 IPv6 Transition Adapter Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\IP_TUNNEL_VBUS\IP_TUNNEL_DEVICE_ROOT
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\TEREDO_TUNNEL_DEVICE
 
Name: Microsoft RRAS Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSRRAS\{5E259276-BC7E-40E3-B93B-8F89B5F3ABC0}
 
Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0B00\4&10AB9051&0
 
Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Device ID: SWD\MSRRAS\MS_PPTPMINIPORT
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000050500000
 
Name: Intel® Display Audio
Description: Intel® Display Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel® Corporation
Service: IntcDAud
Device ID: HDAUDIO\FUNC_01&VEN_8086&DEV_2806&SUBSYS_1179FA20&REV_1000\4&1EC0F511&0&0301
 
Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0103\0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000040100000
 
Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0000\4&10AB9051&0
 
Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Device ID: SWD\MSRRAS\MS_AGILEVPNMINIPORT
 
Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus
Device ID: ROOT\COMPOSITEBUS\0000
 
Name: Microsoft Virtual Drive Enumerator
Description: Microsoft Virtual Drive Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vdrvroot
Device ID: ROOT\VDRVROOT\0000
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Device ID: SWD\IP_TUNNEL_VBUS\ISATAP_0
 
Name: Microsoft Storage Spaces Controller
Description: Microsoft Storage Spaces Controller
Class Guid: {4d36e97b-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: spaceport
Device ID: ROOT\SPACEPORT\0000
 
Name: TOSHIBA Firmware Linkage Driver
Description: TOSHIBA Firmware Linkage Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: FwLnk
Device ID: ACPI\TOS1901\2&DABA3FF&2
 
Name: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Description: Intel® 7 Series/C216 Chipset Family USB Enhanced Host Controller - 1E26
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel
Service: usbehci
Device ID: PCI\VEN_8086&DEV_1E26&SUBSYS_FF1E1179&REV_04\3&11583659&0&E8
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Device ID: ROOT\KDNIC\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT3F0D\4&10AB9051&0
 
Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service: 
Device ID: STORAGE\VOLUMESNAPSHOT\HARDDISKVOLUMESNAPSHOT1
 
Name: Toshiba Hotkey Driver
Description: Toshiba Hotkey Driver
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Toshiba
Service: Thotkey
Device ID: TVALZ\TOSSYSHID\3&229B9CB8&0&TOSSYSHID
 
Name: ACPI Lid
Description: ACPI Lid
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0D\2&DABA3FF&2
 
Name: Intel® HD Graphics
Description: Intel® HD Graphics
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: igfx
Device ID: PCI\VEN_8086&DEV_0156&SUBSYS_FA201179&REV_09\3&11583659&0&10
 
Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0200\4&10AB9051&0
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\TOSSYSHID&COL03\4&52589F6&0&0002
 
Name: Send To OneNote 2016
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{42331D7F-FBF8-477C-8DF2-63D989DAD942}
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&6BD047C&0
 
Name: HID-compliant wireless radio controls
Description: HID-compliant wireless radio controls
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Device ID: HID\TOSSYSHID&COL02\4&52589F6&0&0001
 
Name: Microphone (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.1.00000000}.{E286C92C-121B-4691-AB51-846EDAAABFCE}
 
Name: HID-compliant consumer control device
Description: HID-compliant consumer control device
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: 
Device ID: HID\TOSSYSHID&COL01\4&52589F6&0&0000
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#000000717C900000
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
 
Name: Wi-Fi
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{13284806-4293-441E-8967-3641534EEC17}
 
Name: Microsoft Radio Device Enumeration Bus
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\RADIO\{3DB5895D-CC28-44B3-AD3D-6F01A782B8D2}
 
Name: Microsoft Device Association Root Enumerator
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MSDAS\{CE958E9A-424F-4C88-86F4-11314821E75A}
 
Name: ACPI x64-based PC
Description: ACPI x64-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL
Device ID: ROOT\ACPI_HAL\0000
 
Name: TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device
Description: TOSHIBA x64 ACPI-Compliant Value Added Logical and General Purpose Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: TOSHIBA
Service: TVALZ
Device ID: ACPI\TOS1900\2&DABA3FF&2
 
Name: Microsoft AC Adapter
Description: Microsoft AC Adapter
Class Guid: {72631e54-78a4-11d0-bcf7-00aa00b7b32a}
Manufacturer: Microsoft
Service: CmBatt
Device ID: ACPI\ACPI0003\4&10AB9051&0
 
Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANBH
 
Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIP
 
Name: PCI Express Root Complex
Description: PCI Express Root Complex
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci
Device ID: ACPI\PNP0A08\0
 
Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus
Device ID: PCI\VEN_8086&DEV_1E20&SUBSYS_FF1E1179&REV_04\3&11583659&0&D8
 
Name: Intel® Celeron® CPU 1037U @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_58_-_________INTEL®_CELERON®_CPU_1037U_@_1.80GHZ\_1
 
Name: Intel® Celeron® CPU 1037U @ 1.80GHz
Description: Intel Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Intel
Service: intelppm
Device ID: ACPI\GENUINEINTEL_-_INTEL64_FAMILY_6_MODEL_58_-_________INTEL®_CELERON®_CPU_1037U_@_1.80GHZ\_2
 
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub
Device ID: USB\ROOT_HUB20\4&5CB5622&0
 
Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C0C\2&DABA3FF&2
 
Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI
Device ID: ACPI_HAL\PNP0C08\0
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Device ID: HTREE\ROOT\0
 
Name: Microsoft Basic Render Driver
Description: Microsoft Basic Render Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BasicRender
Device ID: ROOT\BASICRENDER\0000
 
Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0C04\4&10AB9051&0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#00000071CE700000
 
Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Device ID: SWD\MSRRAS\MS_SSTPMINIPORT
 
Name: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Description: Intel® 7 Series/C216 Chipset Family SATA AHCI Controller - 1E03
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: storahci
Device ID: PCI\VEN_8086&DEV_1E03&SUBSYS_FF1E1179&REV_04\3&11583659&0&FA
 
Name: Microsoft XPS Document Writer
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{DB2EE18C-C48F-4C73-B3DB-3C742CB013BE}
 
Name: Intel® NM70 Express Chipset LPC Controller - 1E5F
Description: Intel® NM70 Express Chipset LPC Controller - 1E5F
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: msisadrv
Device ID: PCI\VEN_8086&DEV_1E5F&SUBSYS_FF1E1179&REV_04\3&11583659&0&F8
 
Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\FIXEDBUTTON\2&DABA3FF&2
 
Name: Fax
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{C3B2F47B-F0FF-4F73-9A9E-0653F604F9FB}
 
Name: Intel® Management Engine Interface 
Description: Intel® Management Engine Interface 
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: MEIx64
Device ID: PCI\VEN_8086&DEV_1E3A&SUBSYS_FF1E1179&REV_04\3&11583659&0&B0
 
Name: Microsoft Wi-Fi Direct Virtual Adapter
Description: Microsoft Wi-Fi Direct Virtual Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Device ID: {5D624F94-8850-40C3-A3FA-A4FD2080BAF3}\VWIFIMP_WFD\5&19B4ACCD&0&01
 
Name: Legacy device
Description: Legacy device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: ACPI\INT0800\4&10AB9051&0
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000000100000
 
Name: TOSHIBA Web Camera - HD
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Device ID: USB\VID_064E&PID_E374&MI_00\7&34C1266F&3&0000
 
Name: Speakers (Realtek High Definition Audio)
Description: Audio Endpoint
Class Guid: {c166523c-fe0c-4a94-a586-f1a80cfbbf3e}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\{0.0.0.00000000}.{6A9FEFF1-B73C-4942-8EEC-C993B0065384}
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 1 - 1E10
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_1E10&SUBSYS_FF1E1179&REV_C4\3&11583659&0&E0
 
Name: Microsoft GS Wavetable Synth
Description: Generic software device
Class Guid: {62f9c741-b25a-46ce-b54c-9bccce08b6f2}
Manufacturer: Microsoft
Service: 
Device ID: SWD\MMDEVAPI\MICROSOFTGSWAVETABLESYNTH
 
Name: Synaptics PS/2 Port TouchPad
Description: Synaptics PS/2 Port TouchPad
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: i8042prt
Device ID: ACPI\TOS0320\4&10AB9051&0
 
Name: Generic PnP Monitor
Description: Generic PnP Monitor
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard monitor types)
Service: monitor
Device ID: DISPLAY\SDC4347\4&1E64BF67&0&UID67568640
 
Name: Synaptics SMBus Driver
Description: Synaptics SMBus Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Synaptics
Service: SmbDrvI
Device ID: PCI\VEN_8086&DEV_1E22&SUBSYS_FF1E1179&REV_04\3&11583659&0&FB
 
Name: USB Composite Device
Description: USB Composite Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbccgp
Device ID: USB\VID_064E&PID_E374\HF1016-T840-SE04-REV0202
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\TOS1101\4&10AB9051&0
 
Name: NDIS Virtual Network Adapter Enumerator
Description: NDIS Virtual Network Adapter Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisVirtualBus
Device ID: ROOT\NDISVIRTUALBUS\0000
 
Name: Generic USB Hub
Description: Generic USB Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Generic USB Hub)
Service: usbhub
Device ID: USB\VID_8087&PID_0024\5&1A2FE12C&3&1
 
Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\PNP0100\4&10AB9051&0
 
Name: TOSHIBA MQ01ABF050
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk
Device ID: SCSI\DISK&VEN_TOSHIBA&PROD_MQ01ABF050\4&23BFA7D7&0&000000
 
Name: MATbleepA DVD-RAM UJ8C2
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Device ID: SCSI\CDROM&VEN_MATbleepA&PROD_DVD-RAM_UJ8C2\4&23BFA7D7&0&050000
 
Name: Memory Controller
Description: Memory Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: 
Device ID: PCI\VEN_8086&DEV_0154&SUBSYS_FF1E1179&REV_09\3&11583659&0&00
 
Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios
Device ID: ROOT\MSSMBIOS\0000
 
Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: 
Device ID: ACPI\INT340E\2&DABA3FF&2
 
Name: TOSHIBA tos_sps64 Driver
Description: TOSHIBA tos_sps64 Driver
Class Guid: {8bbd94a0-a150-11d4-a878-0040265b73ee}
Manufacturer: TOSHIBA Corporation
Service: tos_sps64
Device ID: ROOT\TOSSEC\0000
 
Name: Microsoft Print to PDF
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Device ID: SWD\PRINTENUM\{D6ACC1D3-7FE3-4F10-94BB-BC7F810A58D7}
 
Name: Volume
Description: Volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volume
Device ID: STORAGE\VOLUME\{8CBC49D8-080E-11E3-BE6E-806E6F6E6963}#0000000058500000
 
Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum
Device ID: ROOT\SYSTEM\0000
 
Name: IWD Bus Enumerator
Description: IWD Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: iwdbus
Device ID: ROOT\SYSTEM\0001
 
Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi
Device ID: ACPI\PNP0C14\ITFS
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Device ID: ROOT\RDPBUS\0000
 
Name: Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
Description: Realtek RTL8188EE Wireless LAN 802.11n PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Device ID: PCI\VEN_10EC&DEV_8179&SUBSYS_018110EC&REV_01\4&2EEAE01&0&00E1
 
Name: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Description: Qualcomm Atheros AR8162/8166/8168 PCI-E Fast Ethernet Controller (NDIS 6.30)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros
Service: L1C
Device ID: PCI\VEN_1969&DEV_1090&SUBSYS_FF1E1179&REV_10\4&12860E61&0&00E0
 
Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Device ID: SWD\MSRRAS\MS_NDISWANIPV6
 
Name: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Description: Intel® 7 Series/C216 Chipset Family PCI Express Root Port 2 - 1E12
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: pci
Device ID: PCI\VEN_8086&DEV_1E12&SUBSYS_FF1E1179&REV_C4\3&11583659&0&E1
 
Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Device ID: SWD\MSRRAS\MS_L2TPMINIPORT
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 63%
Total physical RAM: 3975.27 MB
Available physical RAM: 1464.78 MB
Total Virtual: 6855.37 MB
Available Virtual: 3834.71 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Hard Drive) (Fixed) (Total:452.57 GB) (Free:190.56 GB) NTFS
2 Drive d: (TMNT_SAVANTI_PT_1) (CDROM) (Total:0.85 GB) (Free:0 GB) UDF
 
========================= Users: ========================================
 
User accounts for \\HOLLY
 
Administrator            DefaultAccount           Guest                    
Holly Gryzelak           
 
========================= Minidump Files ==================================
 
No minidump file found
 
========================= Restore Points ==================================
 
 
**** End of log ****
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64 
Ran by Holly Gryzelak (Administrator) on Tue 02/28/2017 at 16:55:49.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 37 
 
Failed to delete: C:\Program Files (x86)\Common Files\avg secure search\vtoolbarupdater (Folder) 
Failed to delete: C:\Program Files (x86)\inboxace_1g (Folder) 
Failed to delete: C:\Program Files (x86)\premieropinion (Folder) 
Failed to delete: C:\Program Files\slimservice (Folder) 
Successfully deleted: C:\ProgramData\apn (Folder) 
Successfully deleted: C:\ProgramData\appverifier (Folder) 
Successfully deleted: C:\ProgramData\avg security toolbar (Folder) 
Successfully deleted: C:\ProgramData\slimware utilities inc (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\driverupdate (Folder) 
Successfully deleted: C:\ProgramData\Start Menu\Programs\slimcleaner plus (Folder) 
Successfully deleted: C:\ProgramData\tweakbit (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\downloaded installers (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gkojfkhlekighikafcpjkiklfbnlmeio (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gkojfkhlekighikafcpjkiklfbnlmeio_0.localstorage (File) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\iac (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\inboxace_1g (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\pokki (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\AppData\Local\slimware utilities inc (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\iac (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\inboxace_1g (Folder) 
Successfully deleted: C:\Users\Holly Gryzelak\Appdata\LocalLow\inboxace_1gei (Folder) 
Successfully deleted: C:\Users\Public\Desktop\driverupdate.lnk (Shortcut) 
Successfully deleted: C:\Users\Public\Desktop\slimcleaner plus.lnk (Shortcut) 
Successfully deleted: C:\users\Public\Documents\downloaded installers (Folder) 
Successfully deleted: C:\WINDOWS\system32\drivers\swdumon.sys (File) 
Successfully deleted: C:\WINDOWS\system32\Tasks\SlimCleaner Plus (Scheduled Scan - Holly Gryzelak) (Task)
Successfully deleted: C:\WINDOWS\Tasks\DriverUpdate Scan.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\DriverUpdate Startup.job (Task) 
Successfully deleted: C:\WINDOWS\Tasks\SlimCleaner Plus (Scheduled Scan - Holly Gryzelak).job (Task) 
Successfully deleted: C:\Program Files (x86)\avg safeguard toolbar (Folder) 
Successfully deleted: C:\Program Files (x86)\avg security toolbar (Folder) 
Successfully deleted: C:\Program Files (x86)\driverupdate (Folder) 
Successfully deleted: C:\Program Files\comodo\geekbuddy (Folder) 
Successfully deleted: C:\Program Files\slimcleaner plus (Folder) 
 
 
 
Registry: 23 
 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_B0DD3B3E6F293D913595DC4CCD06528B (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SlimCleaner Plus (Registry Value) 
Successfully deleted: HKLM\Software\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle (Registry Key) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxAce AppIntegrator 64-bit (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\InboxAce Search Scope Monitor (Registry Value) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\PremierOpinion (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SlimService (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\SWDUMon (Registry Key) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\vToolbarUpdater40.3.7 (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{3775afd7-5921-4571-968f-85a631203d1c} (Registry Value) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F771523C-3D0A-457F-A192-EECA39A3D2E8} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9359da42-06fb-46f2-9e4a-05c05b98a5ef} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d5a1d22b-9e17-454f-8ecd-83c578fb3983} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page (Registry Value) 
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{3775afd7-5921-4571-968f-85a631203d1c} (Registry Value) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/28/2017 at 17:40:12.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 



#11 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:06 AM

Posted 28 February 2017 - 10:24 PM

Excellent work Holly !....boopme (Global Moderator) will be more than pleased to see those.

 

 

you may have missed these...

 

AdwCleaner

  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

and......

 

 

Please download Malwarebytes Anti-Malware to your desktop.

  • Double-click mb3-setup-1878.1878-3.0.6.1469.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:06 PM

Posted 01 March 2017 - 11:30 AM

Good.. you have some file corruption we will get to.
Did you run ESET?

Uninstall AVG tune up.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 01 March 2017 - 02:24 PM

# AdwCleaner v6.044 - Logfile created 01/03/2017 at 14:09:07
# Updated on 28/02/2017 by Malwarebytes
# Database : 2017-02-28.2 [Local]
# Operating System : Windows 10 Home  (X64)
# Username : Holly Gryzelak - HOLLY
# Running from : C:\Users\Holly Gryzelak\Downloads\adwcleaner_6.044.exe
# Mode: Clean
 
 
 
***** [ Services ] *****
 
[-] Service deleted: PremierOpinion
[-] Service deleted: swdumon
[-] Service deleted: WtuSystemSupport
[-] Service deleted: Update service
[-] Service deleted: SlimService
 
 
***** [ Folders ] *****
 
[#] Folder deleted on reboot: C:\Program Files (x86)\InboxAce_1g
[-] Folder deleted: C:\ProgramData\Avg_Update_0217tb
[-] Folder deleted: C:\ProgramData\Avg_Update_0814tb
[-] Folder deleted: C:\ProgramData\Avg_Update_1114tb
[-] Folder deleted: C:\WINDOWS\Installer\{B4A63B72-8F65-45BA-934F-B4AA62B70147}
[-] Folder deleted: C:\Users\Holly Gryzelak\AppData\Local\avg web tuneup
[-] Folder deleted: C:\Users\Holly Gryzelak\AppData\Roaming\EasyFileOpener
[-] Folder deleted: C:\Users\Holly Gryzelak\Favorites\StumbleUpon
[-] Folder deleted: C:\Users\Guest\AppData\Local\Pokki
[-] Folder deleted: C:\Users\Guest\Favorites\StumbleUpon
[-] Folder deleted: C:\Program Files\slimservice
[-] Folder deleted: C:\Program Files\avg web tuneup
[#] Folder deleted on reboot: C:\Program Files\SlimService
[-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
[-] Folder deleted: C:\ProgramData\AVG Secure Search
[-] Folder deleted: C:\ProgramData\avg web tuneup
[-] Folder deleted: C:\ProgramData\BSD\DriverHive
[-] Folder deleted: C:\ProgramData\BSD
[#] Folder deleted on reboot: C:\ProgramData\BSD\DriverHiveEngine
[#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
[#] Folder deleted on reboot: C:\ProgramData\Application Data\avg web tuneup
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHive
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD
[#] Folder deleted on reboot: C:\ProgramData\Application Data\BSD\DriverHiveEngine
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion
[#] Folder deleted on reboot: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\premieropinion
[-] Folder deleted: C:\Program Files (x86)\OLBPre
[-] Folder deleted: C:\Program Files (x86)\PremierOpinion
[-] Folder deleted: C:\Program Files (x86)\avg web tuneup
[#] Folder deleted on reboot: C:\Program Files (x86)\premieropinion
[#] Folder deleted on reboot: C:\Program Files (x86)\InboxAce_1g
[-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
[-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki
[#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki
[-] Folder deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Folder deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Folder deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
 
 
***** [ Files ] *****
 
[-] File deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
[#] File deleted: C:\WINDOWS\SysWoW64\pmls.dll
[-] File deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pilplloabdedfmialnfchjomjmpjcoej_0.localstorage
[-] File deleted: C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kofkpgiaknijknhajbhnghkodiccblkg_0.localstorage
 
 
***** [ DLL ] *****
 
 
 
***** [ WMI ] *****
 
 
 
***** [ Shortcuts ] *****
 
 
 
***** [ Scheduled Tasks ] *****
 
[-] Task deleted: LaunchApp
[-] Task deleted: LaunchPreSignup
 
 
***** [ Registry ] *****
 
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g_is1
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\AppDataLow\Software\InboxAce_1g_is1
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g_is1
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\InboxAce_1g_is1
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\AppDataLow\Software\InboxAce_1g_is1
[#] Key deleted on reboot: HKCU\Software\InboxAce_1g
[#] Key deleted on reboot: HKCU\Software\InboxAce_1g_is1
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\InboxAce_1g_is1
[-] Key deleted: HKLM\SOFTWARE\InboxAce_1g
[#] Key deleted on reboot: HKLM\SOFTWARE\InboxAce_1g_is1
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g_is1
[#] Key deleted on reboot: [x64] HKCU\Software\InboxAce_1g
[#] Key deleted on reboot: [x64] HKCU\Software\InboxAce_1g_is1
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\InboxAce_1g_is1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller.1
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector
[-] Key deleted: HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector.1
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@InboxAce_1g.com/Plugin
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InboxAce_1gbar Uninstall Firefox
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InboxAce_1gbar Uninstall Internet Explorer
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17df5fb2-d3f7-4f85-912b-e2b498c3cf04}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{189f7243-af42-43b8-855e-36c437c2d2a9}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2e74685c-0a5d-4c4a-b69c-594b006d53a4}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38c203e0-6b25-44cc-819c-6468da3493fa}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45e6ce9e-41ac-48c1-9cc8-715d349c644d}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61e1a1ca-285d-42b2-aa6b-89498391b502}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate
[#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate_is1
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4A63B72-8F65-45BA-934F-B4AA62B70147}
[#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4A63B72-8F65-45BA-934F-B4AA62B70147}_is1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{0a7ef307-3a60-4970-a10d-f5b729a3e669}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{0a7ef307-3a60-4970-a10d-f5b729a3e669}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin.InboxAce_1g.PseudoTransparentPlugin
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.PseudoTransparentPlugin.InboxAce_1g.PseudoTransparentPlugin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{155b1561-e8f8-49f0-8cc8-68834fc5a509}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{155b1561-e8f8-49f0-8cc8-68834fc5a509}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller.InboxAce_1g.ThirdPartyInstaller
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ThirdPartyInstaller.InboxAce_1g.ThirdPartyInstaller.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{261c81c2-f143-4cfb-8201-312d4474bc74}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{261c81c2-f143-4cfb-8201-312d4474bc74}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{3775afd7-5921-4571-968f-85a631203d1c}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{3775afd7-5921-4571-968f-85a631203d1c}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{387abd54-5e83-4e03-b020-6a6e5eafe1f4}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{387abd54-5e83-4e03-b020-6a6e5eafe1f4}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin.InboxAce_1g.SettingsPlugin
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.SettingsPlugin.InboxAce_1g.SettingsPlugin.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{38c203e0-6b25-44cc-819c-6468da3493fa}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{38c203e0-6b25-44cc-819c-6468da3493fa}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{475e9a77-6fe9-43e3-99a1-02a9f5496fe3}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{475e9a77-6fe9-43e3-99a1-02a9f5496fe3}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{484822e7-c2a3-4991-ab35-502d122ebeaa}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{484822e7-c2a3-4991-ab35-502d122ebeaa}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton.InboxAce_1g.ScriptButton
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ScriptButton.InboxAce_1g.ScriptButton.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{7d21c596-47ed-40dc-babb-397cb0080df0}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{7d21c596-47ed-40dc-babb-397cb0080df0}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector.InboxAce_1g.ToolbarProtector
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.ToolbarProtector.InboxAce_1g.ToolbarProtector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{910517d6-1167-4866-bb66-2db32e32e2dc}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{910517d6-1167-4866-bb66-2db32e32e2dc}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{9359da42-06fb-46f2-9e4a-05c05b98a5ef}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{A0368956-D0FA-4F97-BA34-0B4AC5331EEE}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A0368956-D0FA-4F97-BA34-0B4AC5331EEE}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu.InboxAce_1g.HTMLMenu
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.HTMLMenu.InboxAce_1g.HTMLMenu.1
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{c2cc1565-59b4-4cd6-97c8-4106362ad72d}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{c2cc1565-59b4-4cd6-97c8-4106362ad72d}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton.InboxAce_1g.MultipleButton
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\InboxAce_1g.MultipleButton.InboxAce_1g.MultipleButton.1
[#] Key deleted on reboot: {5fdb0cd8-5760-44d1-8d13-a78bf558c3c7}
[#] Key deleted on reboot: {07B5F0F7-BAD2-49EA-A3B9-58421C106EEA}
[#] Key deleted on reboot: {2DE39074-FB8E-488C-BFDA-86018A9688EC}
[#] Key deleted on reboot: {51FE0762-774F-497D-ACA4-D20BDF6CB8F9}
[#] Key deleted on reboot: {58C502E5-3FFA-4225-8B62-F033B28DD205}
[#] Key deleted on reboot: {684A0F47-547A-4865-AADB-B6CE4A4B1C85}
[#] Key deleted on reboot: {7750AFAF-40F3-408C-BF6F-0FCE24B82342}
[#] Key deleted on reboot: {D4BD6801-D4E0-49A8-8EE8-43F478DB49DE}
[#] Key deleted on reboot: {E725EA2F-DDBB-4C4B-8FE8-C6C23233685E}
[#] Key deleted on reboot: {F468F270-9A1B-44C5-BA76-81CC0C29680B}
[#] Key deleted on reboot: {F9C17917-8FEA-4E6C-A669-7D798763B63B}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{00A9855C-9193-44D7-B206-5AC035147E44}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{02FEF269-69DD-448D-9203-B193A7A8E2F6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{047AFE52-F44A-480B-8E14-5D420F841781}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{0A506F97-B0EE-462E-9F0E-EF2AAA9645CA}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{189F7243-AF42-43B8-855E-36C437C2D2A9}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2E74685C-0A5D-4C4A-B69C-594B006D53A4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{38E453ED-B428-4BF5-9F80-E6A033A8D079}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{3DAD2DDC-8932-41E9-A496-008ECA4C692A}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4FEC3895-637F-474F-9ECD-C7F5906934DA}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{562D51E1-DB11-4E57-8A47-80FC71205227}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{600F84C4-3396-404B-A5A5-6951E5F30E56}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{70C69E3F-6EBD-4914-B480-859A52042FF4}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{00A9855C-9193-44D7-B206-5AC035147E44}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{02FEF269-69DD-448D-9203-B193A7A8E2F6}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{047AFE52-F44A-480B-8E14-5D420F841781}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{0A506F97-B0EE-462E-9F0E-EF2AAA9645CA}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{189F7243-AF42-43B8-855E-36C437C2D2A9}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{2E74685C-0A5D-4C4A-B69C-594B006D53A4}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{38E453ED-B428-4BF5-9F80-E6A033A8D079}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{3DAD2DDC-8932-41E9-A496-008ECA4C692A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{4FEC3895-637F-474F-9ECD-C7F5906934DA}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{562D51E1-DB11-4E57-8A47-80FC71205227}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{600F84C4-3396-404B-A5A5-6951E5F30E56}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{70C69E3F-6EBD-4914-B480-859A52042FF4}
[-] Key deleted: [x64] HKLM\SOFTWARE\Classes\Interface\{798C273C-9B95-405C-9226-A18BFCA068B3}
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[-] Key deleted: HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\WtuServer.WtuServerObj.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1BD47D21-01F4-4538-9290-39FD569A0F24}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{149622B2-F1C5-492D-BFDF-8E5ED85854A0}
[-] Key deleted: HKCU\Software\Classes\CLSID\{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\CLSID\{3775AFD7-5921-4571-968F-85A631203D1C}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[#] Key deleted on reboot: HKLM\SOFTWARE\Classes\CLSID\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{A5FF3EB5-BF62-4D59-84DF-DC518E46FCB3}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3775AFD7-5921-4571-968F-85A631203D1C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3775AFD7-5921-4571-968F-85A631203D1C}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9359DA42-06FB-46F2-9E4A-05C05B98A5EF}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Value deleted: HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{5FDB0CD8-5760-44D1-8D13-A78BF558C3C7}]
[-] Key deleted: HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InstallCore
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\SlimWare Utilities Inc
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\csastats
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\ICSW1.22
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\BSD
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\AppDataLow\Software\InboxAce_1g
[#] Key deleted on reboot: HKU\S-1-5-18\Software\AskPartnerNetwork
[#] Key deleted on reboot: HKCU\Software\AVG Security Toolbar
[#] Key deleted on reboot: HKCU\Software\InboxAce_1g
[#] Key deleted on reboot: HKCU\Software\InstallCore
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: HKCU\Software\ICSW1.22
[#] Key deleted on reboot: HKCU\Software\BSD
[#] Key deleted on reboot: HKCU\Software\AppDataLow\Software\InboxAce_1g
[-] Key deleted: HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[#] Key deleted on reboot: HKLM\SOFTWARE\InboxAce_1g
[-] Key deleted: HKLM\SOFTWARE\SlimWare Utilities Inc
[-] Key deleted: HKLM\SOFTWARE\AVG Tuneup
[-] Key deleted: HKLM\SOFTWARE\TWEAKBIT
[-] Key deleted: HKLM\SOFTWARE\Auslogics
[-] Key deleted: HKLM\SOFTWARE\BSD
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}
[#] Key deleted on reboot: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverUpdate
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1943296973-570151442-4265386025-1004\Software\InboxAce_1g
[#] Key deleted on reboot: [x64] HKCU\Software\AVG Security Toolbar
[#] Key deleted on reboot: [x64] HKCU\Software\InboxAce_1g
[#] Key deleted on reboot: [x64] HKCU\Software\InstallCore
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\SlimWare Utilities Inc
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\ICSW1.22
[#] Key deleted on reboot: [x64] HKCU\Software\BSD
[#] Key deleted on reboot: [x64] HKCU\Software\AppDataLow\Software\InboxAce_1g
[-] Key deleted: [x64] HKLM\SOFTWARE\SLIMWARE UTILITIES, INC.
[-] Key deleted: [x64] HKLM\SOFTWARE\AppVerifierService
[-] Key deleted: [x64] HKLM\SOFTWARE\AVG Secure Search
[-] Key deleted: HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\50D2BAFD096C90345A82B25A790BDF69
[-] Data restored: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Data restored: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Data restored: HKU\S-1-5-21-1943296973-570151442-4265386025-501-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-02282017133153340\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] 
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL] 
[-] Key deleted: HKU\S-1-5-21-1943296973-570151442-4265386025-1004\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [ApnTBMon]
[-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\chfdnecihphmhljaaejmgoiahnihplgn
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\kofkpgiaknijknhajbhnghkodiccblkg
 
 
***** [ Web browsers ] *****
 
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default\Web data] [Search Provider] Deleted: search provided by yahoo
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [startup_urls] Deleted: hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frmr_16_19&param1=1&param2=f%3D7%26b%3Dchmm%26cc%3Dca%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzz0DtBtByEyE0D0A0EtAyD0F0DyC0BtN0D0Tzu0StCyDzyyEtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCzz0CtDzztCtDtBtGyDyE0E0DtGtDtC0E0FtGyE0B0EtAtGtCzzzzzztByEyCtByCtD0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyB0DtA0AtD0BtDtGyDtAtAzytGyEyBzytDtG0B0CtBtDtGyCtCzztA0E0B0B0CtDtB0EtD2QtN0A0LzuyE%26cr%3D1735145651%26a%3Dwncy_frmr_16_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [extension] Deleted: chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [extension] Deleted: kofkpgiaknijknhajbhnghkodiccblkg
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [extension] Deleted: mkndcbhcgphcfkkddanakjiepeknbgle
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
[-] [C:\Users\Holly Gryzelak\AppData\Local\Chromium\User Data\Default] [homepage] Deleted: hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frmr_16_19&param1=1&param2=f%3D1%26b%3Dchmm%26cc%3Dca%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyEzz0DtBtByEyE0D0A0EtAyD0F0DyC0BtN0D0Tzu0StCyDzyyEtN1L2XzutAtFtBtCtFtCtFyCtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyCzz0CtDzztCtDtBtGyDyE0E0DtGtDtC0E0FtGyE0B0EtAtGtCzzzzzztByEyCtByCtD0A0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0EyB0DtA0AtD0BtDtGyDtAtAzytGyEyBzytDtG0B0CtBtDtGyCtCzztA0E0B0B0CtDtB0EtD2QtN0A0LzuyE%26cr%3D1735145651%26a%3Dwncy_frmr_16_19%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome&uref=chmm
[-] [C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: chfdnecihphmhljaaejmgoiahnihplgn
[-] [C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: kofkpgiaknijknhajbhnghkodiccblkg
[-] [C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: mkndcbhcgphcfkkddanakjiepeknbgle
[-] [C:\Users\Holly Gryzelak\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
 
 
*************************
 
:: "Tracing" keys deleted
:: Winsock settings cleared
 
*************************
 
C:\AdwCleaner\AdwCleaner[C0].txt - [30246 Bytes] - [01/03/2017 14:09:07]
C:\AdwCleaner\AdwCleaner[S0].txt - [27415 Bytes] - [01/03/2017 12:38:58]
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [30394 Bytes] ##########


#14 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 6,105 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:06 AM

Posted 01 March 2017 - 03:01 PM

now that took care of a mountain of trouble......well done !!

 

be aware that the ESET scan will take a long time......dont be at all surprised at 2 hours +.....i have known eset to run for 6 hours at times....go get coffee...go for a walk....

 

just in case you are having trouble finding eset....

 

  • ESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
  • Remove found threats
  • Scan archives
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  •  
  •  
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.
  • [/list]

Condobloke ...Outback Australian  fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy

 GcnI1aH.jpg

 

 


#15 HollyM

HollyM
  • Topic Starter

  • Members
  • 26 posts
  • OFFLINE
  •  

Posted 01 March 2017 - 03:02 PM

ran last program Melwarebytes






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users