Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Smart Service trojan


  • Please log in to reply
10 replies to this topic

#1 wendy555

wendy555

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 30 April 2017 - 01:23 AM

Hi, I'm in a big pickel, whenever i tried to run any malware removal software whether it be mbar, roguekiller, tdss killer and renaming it and rkiller none of it worked. so i tried going into safe mode to see if it could run them then, heres my problem. the start menu doesnt work i can type stuff in but nothing happens, i cant do windows key and r because my gaming keyboard has windows key disabled and whenever i try to do advanced restart, i can access settings for some reason, it just does a regular restart into safe boot again, on top of all of that, i looked at all of the guides to remove the trojan on this website and several others and whenever i tried to download something it would say that the requested resource was in use. i tried an online scanner before i went into safe mode and it found like 30 things but then when the scan was done it said nothing was found. Im extremly scared my info is gonna be sold to the russians or someone else as i have autofill for pretty much everything. I also have no flashdrives in my house so i cant put in logs


Edited by hamluis, 30 April 2017 - 05:38 AM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 30 April 2017 - 11:16 AM

i wrote thatfrom my labtop the problem was with my desktop which is what im writing this with, i managed to access msconfig through command prompt and get out of safe mode, i managed to get rogue killer to work, its running right now, im hoping if it doesnt get rid of all of the trojan it will atleast allow me to run mcafee and malwarebytes


Edited by wendy555, 30 April 2017 - 11:16 AM.


#3 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 30 April 2017 - 02:04 PM

rogue killer has ran twice but its the same files, i think the virus has admin or something and makes it so it cant be deleted



#4 iMacg3

iMacg3

    Bleepin' PowerPC G3


  • Malware Study Hall Senior
  • 1,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:09:10 AM

Posted 30 April 2017 - 05:52 PM

Have you tried running the scan tools in Safe mode? (without networking) I couldn't understand from your post.

What OS are you using? How long has this infection been going on for?

Have you tried using the iExplore.exe or rkill.com versions of RKill?

 

If you have a digital camera, you can transfer the rkill log (if Rkill works) by plugging in your camera to the affected PC, transfer files to the camera, and then retrieving the files on the laptop.


Edited by iMacg3, 30 April 2017 - 06:06 PM.

Regards, iMacg3

If I do not reply to your malware removal topic in 48 hours, please send me a PM.

"Do, or do not. There is no try." - Yoda


#5 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 30 April 2017 - 06:39 PM

ive tried all renamed versions of rkill and im not aware of the scan tools your talking about im also using windows 10


Edited by wendy555, 30 April 2017 - 06:39 PM.


#6 iMacg3

iMacg3

    Bleepin' PowerPC G3


  • Malware Study Hall Senior
  • 1,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:09:10 AM

Posted 30 April 2017 - 08:09 PM

Click on the "Rkill.com" tool that I showed you and see if it works.

 

Try the below programs to see if they work.

 

 

Download Farbar MiniToolBox and save the file to your desktop.

  1. Open MiniToolBox by right-clicking it and selecting Run as Administrator.

  2. Make sure the following options are checked and then click Go:

Report IE Proxy Settings

Report FF Proxy Settings

List content of Hosts

List IP configuration

List Winsock Entries

List last 10 Event Viewer log

List Installed Programs

List Devices (Don't change any settings here)

List Users, Partitions and Memory size

List Restore Points

  1. Paste the log file contents into a post.

 

Download FSS (Farbar Service Scanner) and save it to your desktop.

 

1. Right-click FSS and select Run as Administrator.

2. Make sure the following options are selected:

 

Internet Services

Windows Firewall

System Restore

Security Center/Action Center

Windows Update

Windows Defender

Other Services

 

3. Click Scan and wait until the scan is complete.

 

A logfile called FSS.txt will be on your desktop.

Paste the contents into a post.


Edited by iMacg3, 30 April 2017 - 08:29 PM.

Regards, iMacg3

If I do not reply to your malware removal topic in 48 hours, please send me a PM.

"Do, or do not. There is no try." - Yoda


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:10 AM

Posted 30 April 2017 - 09:11 PM

This guide may also help..

https://www.bleepingcomputer.com/virus-removal/remove-the-requested-resource-is-in-use-error
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 05 May 2017 - 11:52 PM

Farbar Service Scanner Version: 27-01-2016
Ran by tom_f_mf1 (administrator) on 05-05-2017 at 21:52:01
Running from "C:\Users\tom_f_mf1\Downloads"
Microsoft Windows 10 Home  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig"="0"
 
 
Security Center:
============
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****


#9 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 05 May 2017 - 11:53 PM

rkill.com doesnt work



#10 wendy555

wendy555
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:06:10 AM

Posted 05 May 2017 - 11:55 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by tom_f_mf1 (administrator) on 05-05-2017 at 21:54:35
Running from "C:\Users\tom_f_mf1\Downloads"
Microsoft Windows 10 Home  (X64)
Model: 750-177c Manufacturer: HP
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.autoconfig_url", "data:text/plain, function FindProxyForURL(url, host) {if(isInNet(host, '192.168.0.0', '255.255.0.0')) return 'DIRECT'; \nif(host == 'us1-base.cd-n.net') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nif(host == 'us3-base.cd-n.net') return 'DIRECT'; \nif(host == 'jp1-base.cd-n.net') return 'DIRECT'; \nif(host == 'de1-base.cd-n.net') return 'DIRECT'; \nif(host == 'au1-base.cd-n.net') return 'DIRECT'; \nif(host == 'ir1-base.cd-n.net') return 'DIRECT'; \nif(host == 'sg1-base.cd-n.net') return 'DIRECT'; \nif(host == 'kr1-base.cd-n.net') return 'DIRECT'; \nif(host == '127.0.0.1') return 'DIRECT'; \nif(host == 'localhost') return 'DIRECT'; \nif(host == 'us2-base.cd-n.net') return 'DIRECT'; \nreturn 'HTTPS geydolrrg4yc4nbufy4tcizrgq4tgnjrga2dama.2po.info:443';}"
"network.proxy.type", 0
========================= Hosts content: =================================
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
Intel® Dual Band Wireless-AC 3165 = Wi-Fi (Hardware not present)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Hardware not present)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-CCTPBUV
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : lan
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : C0-7C-D1-A2-37-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::21ae:3037:63bf:b0f8%9(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.86.197(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, May 5, 2017 8:37:56 PM
   Lease Expires . . . . . . . . . . : Saturday, May 6, 2017 8:37:55 PM
   Default Gateway . . . . . . . . . : 192.168.86.1
   DHCP Server . . . . . . . . . . . : 192.168.86.1
   DHCPv6 IAID . . . . . . . . . . . : 146832593
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-18-43-8D-C0-7C-D1-A2-37-74
   DNS Servers . . . . . . . . . . . : 209.244.0.3
                                       209.244.0.4
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.lan:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : lan
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:90d7:43f:eeb:b63f:7237(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::43f:eeb:b63f:7237%7(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 100663296
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-18-43-8D-C0-7C-D1-A2-37-74
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  resolver1.level3.net
Address:  209.244.0.3
 
Name:    google.com
Addresses:  2607:f8b0:4007:809::200e
 216.58.216.142
 216.58.216.142
 216.58.216.142
 
 
Pinging google.com [216.58.216.142] with 32 bytes of data:
Reply from 216.58.216.142: bytes=32 time=41ms TTL=53
Reply from 216.58.216.142: bytes=32 time=41ms TTL=53
 
Ping statistics for 216.58.216.142:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 41ms, Maximum = 41ms, Average = 41ms
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=70ms TTL=52
Reply from 98.138.253.109: bytes=32 time=213ms TTL=52
 
Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 70ms, Maximum = 213ms, Average = 141ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...c0 7c d1 a2 37 74 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
  8...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  7...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.86.1   192.168.86.197     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
     192.168.86.0    255.255.255.0         On-link    192.168.86.197    281
   192.168.86.197  255.255.255.255         On-link    192.168.86.197    281
   192.168.86.255  255.255.255.255         On-link    192.168.86.197    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link    192.168.86.197    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link    192.168.86.197    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  7    331 ::/0                     On-link
  1    331 ::1/128                  On-link
  7    331 2001::/32                On-link
  7    331 2001:0:9d38:90d7:43f:eeb:b63f:7237/128
                                    On-link
  9    281 fe80::/64                On-link
  7    331 fe80::/64                On-link
  7    331 fe80::43f:eeb:b63f:7237/128
                                    On-link
  9    281 fe80::21ae:3037:63bf:b0f8/128
                                    On-link
  1    331 ff00::/8                 On-link
  9    281 ff00::/8                 On-link
  7    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (05/05/2017 08:59:35 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143"1".
Dependent Assembly 53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/05/2017 08:59:34 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (05/05/2017 08:59:09 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143"1".
Dependent Assembly 53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/05/2017 08:59:07 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "urn:schemas-microsoft-com:asm.v1^file1".Error in manifest or policy file "urn:schemas-microsoft-com:asm.v1^file2" on line urn:schemas-microsoft-com:asm.v1^file3.
The value "F:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dll" of attribute "name" in element "urn:schemas-microsoft-com:asm.v1^file" is invalid.
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: PerfNet) (User: )
Description: 
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib) (User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib) (User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
 
System errors:
=============
Error: (05/05/2017 09:17:13 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (05/05/2017 08:43:16 PM) (Source: Service Control Manager) (User: )
Description: The HP Support Solutions Framework Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The Windows Management Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Management Service service to connect.
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: 
%%170 = The requested resource is in use.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Firewall Core Service service failed to start due to the following error: 
%%170 = The requested resource is in use.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee Platform Services service failed to start due to the following error: 
%%170 = The requested resource is in use.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee VirusScan Announcer service failed to start due to the following error: 
%%170 = The requested resource is in use.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee CSP Service service failed to start due to the following error: 
%%170 = The requested resource is in use.
 
 
Error: (05/05/2017 08:40:04 PM) (Source: Service Control Manager) (User: )
Description: The McAfee AP Service service failed to start due to the following error: 
%%170 = The requested resource is in use.
 
 
 
Microsoft Office Sessions:
=========================
Error: (05/05/2017 08:59:35 PM) (Source: SideBySide)(User: )
Description: 53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143"c:\program files (x86)\google\chrome\application\сhrоmе.bаt.exe
 
Error: (05/05/2017 08:59:34 PM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (05/05/2017 08:59:09 PM) (Source: SideBySide)(User: )
Description: 53.0.2785.143,language="&#x2a;",type="win32",version="53.0.2785.143"c:\program files (x86)\google\chrome\application\сhrоmе.bаt.exe
 
Error: (05/05/2017 08:59:07 PM) (Source: SideBySide)(User: )
Description: urn:schemas-microsoft-com:asm.v1^filenameF:\joju\projects\XSplitCSDemo\RazerLauncher\Components\StreamingServicesAPI.dllc:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifestc:\program files (x86)\razer\razer cortex\StreamingServicesAPI.dll.Manifest2
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: PerfNet)(User: )
Description: 
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib)(User: )
Description: MSDTCC:\WINDOWS\system32\msdtcuiu.DLL4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib)(User: )
Description: LsaC:\Windows\System32\Secur32.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib)(User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll4
 
Error: (05/05/2017 08:38:18 PM) (Source: Perflib)(User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll4
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-04-29 21:23:06.217
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-04-29 21:22:40.269
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-04-29 21:22:36.369
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-04-29 21:22:36.364
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-28 17:44:07.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-28 17:43:48.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-28 17:43:48.741
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-15 17:50:47.134
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-15 17:50:39.123
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
  Date: 2016-10-15 17:50:39.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.5.0.43580 - BitTorrent Inc.)
Adobe Audition CC 2017 (HKLM-x32\...\AUDT_10_0_2) (Version: 10.0.2 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.49 - NVIDIA Corporation) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audition (HKLM\...\{52452272-9233-4A27-AA7A-E05C2E7A61BD}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Batman™: Arkham Knight (HKLM\...\Steam App 208650) (Version:  - Rocksteady Studios)
Batman™: Arkham Origins (HKLM\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.6.108.7905 - BlueStack Systems, Inc.)
Chroma Sync (HKLM-x32\...\{BC8D681E-1F5D-4C68-8E3E-A9A614D66C14}) (Version: 1.1.1 - Ultrabox Entertainment Limited)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
DragonBoost (HKCU\...\DragonBoost) (Version:  - )
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1.2 - )
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Grammarly for Microsoft® Office Suite (HKCU\...\{b1eb8775-bc01-49f5-9885-9ff3c9b4a7a3}) (Version: 6.5.57 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{2CC6EE9C-51D8-479E-8B0B-F061F658FC9B}) (Version: 6.5.57 - Grammarly) Hidden
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.3.50.9 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{D7D5F438-26EF-45AB-AB89-C476FBCF8584}) (Version: 12.5.32.203 - Hewlett-Packard Company)
Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{fb610cea-ba50-4d4b-a717-cf025419035c}) (Version: 10.1.1.13 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.6 (HKLM-x32\...\{2B710CA5-99F0-4D29-962C-29A7CFF7A989}) (Version: 2.6.0.32 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4627 - Intel Corporation)
Intel® Ready Mode Technology (HKLM\...\{B61BD6D2-0B9F-49BF-9987-4038E3F748EA}) (Version: 1.1.70.520 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{7B11A2EA-168E-442A-809E-5F8908A7504F}) (Version: 19.50.1 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{185db067-38cd-4521-a43e-c39b96ee1389}) (Version: 19.50.1 - Intel Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
LOOT version 0.9.2 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.9.2 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0 R13 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 53.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0 (x86 en-US)) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
NBA 2K16 (HKLM\...\Steam App 370240) (Version:  - Visual Concepts)
NBA 2K17 (HKLM\...\Steam App 385760) (Version:  - Visual Concepts)
NCH Tone Generator (HKLM-x32\...\ToneGen) (Version:  - NCH Software)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.5 - Black Tree Gaming)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.1 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.5.0.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.76 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.49 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7967.2139 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Paladins (HKLM\...\Steam App 444090) (Version:  - Hi-Rez Studios)
Peace (HKLM\...\Peace) (Version: 1.4.0.1 - P.E. Verbeek)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1054.0 - Passmark Software)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.14.8 - Razer Inc.)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.6.8.66 - Razer Inc.)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.26 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7882 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.4.9 - Reimage)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
ROBLOX Player for tom_f_mf1 (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 1.4.3 - Western Digital Corporation or its affiliates)
SanDisk SSD Dashboard Service (HKLM-x32\...\{760A9A9B-238A-4EC2-ABFD-88F340D676BC}) (Version: 1.0.2 - SanDisk Corporation)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0360 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.5.0.76 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version:  - Ubisoft)
Spotify (HKCU\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
Uninstall Samsung Printer Software (HKLM-x32\...\TotalUninstaller) (Version: 4.0.0.67 - Samsung Electronics CO., LTD.)
Uplay (HKLM-x32\...\Uplay) (Version: 31.1 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
XSplit Broadcaster (HKLM-x32\...\{8EE36890-8F28-4518-B9BA-1EDD518144A1}) (Version: 2.9.1701.1635 - SplitmediaLabs)
 
========================= Devices: ================================
 
Name: Bluetooth Device (Personal Area Network)
Description: Bluetooth Device (Personal Area Network)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: BthPan
Device ID: BTH\MS_BTHPAN\6&1A2F7809&0&2
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Intel® Dual Band Wireless-AC 3165
Description: Intel® Dual Band Wireless-AC 3165
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: Netwtw04
Device ID: PCI\VEN_8086&DEV_3165&SUBSYS_40108086&REV_81\4&396630DF&0&00E0
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 35%
Total physical RAM: 16283.53 MB
Available physical RAM: 10443.56 MB
Total Virtual: 18715.53 MB
Available Virtual: 11016.16 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:893.7 GB) (Free:333.45 GB) NTFS
2 Drive d: (Hard Drive) (Fixed) (Total:1863.02 GB) (Free:503.57 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-CCTPBUV
 
Administrator            DefaultAccount           Guest                    
harpe                    tom                      tom_f_mf1                
 
========================= Restore Points ==================================
 
29-04-2017 02:16:46 McAfee Vulnerability Scanner
29-04-2017 02:23:37 Revo Uninstaller's restore point - Unlocker
30-04-2017 04:16:12 Revo Uninstaller's restore point - AnonymizerGadget
30-04-2017 18:28:08 Removed Macrium Reflect Free Edition
04-05-2017 23:16:25 Windows Modules Installer
 
**** End of log ****


#11 iMacg3

iMacg3

    Bleepin' PowerPC G3


  • Malware Study Hall Senior
  • 1,479 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Indiana, USA
  • Local time:09:10 AM

Posted 06 May 2017 - 08:12 AM

Please use this copy of Rkill and see if it works. It's called WiNlOgOn.exe.


Regards, iMacg3

If I do not reply to your malware removal topic in 48 hours, please send me a PM.

"Do, or do not. There is no try." - Yoda





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users