Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unknown virus/malware?


  • Please log in to reply
9 replies to this topic

#1 maxkragen

maxkragen

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 01 August 2017 - 12:36 PM

Greetings to all. Thank you for taking the time to read this and possibly help me. Deeply appreciate you giving your free time to someone you don't know. I literally have no idea what is going on but it sometimes causes interruptions to log in process on certain pages. Meaning, it blocks the normal log in procedure by putting text on top of other text. I have found a workaround but it is very annoying to go through this every time. I had downloaded some illegal programs right before this happened (have since removed and rolled back) and have run different antivirus and anti malware programs to get rid of it but to no avail. My sincere thanks to all who may offer any help.

Attached File  sample1.png   221.62KB   0 downloadsAttached File  sample2.png   261.07KB   0 downloadsAttached File  sample3.png   173.8KB   0 downloadsAttached File  sample4.png   236.4KB   0 downloadsAttached File  sample5.png   267.01KB   0 downloads


Edited by hamluis, 01 August 2017 - 12:51 PM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:17 AM

Posted 01 August 2017 - 09:23 PM

Welcome aboard p22002758.gif

 

p22002970.gif Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.


NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.
NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run

p22002970.gif Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


p22002970.gif Please download MiniToolBox and run it.

Checkmark following boxes:
  • Report IE Proxy Settings
  • Report FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (do NOT change any settings here)
  • List Users, Partitions and Memory size
  • List Restore Points

Click Go and post the result.

p22002970.gif Please download Malwarebytes to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • Then click Finish.
  • Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  • If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  • When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
  • Restart your computer when prompted to do so.
  • The Scan log is available throughout History ->Application logs. Please post it contents in your next reply.


p22002970.gifDownload 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
  • "mbar-log-{date} (xx-xx-xx).txt"
  • "system-log.txt"


NOTE. If you see This version requires you to completely exit the Anti Malware application message right click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.

p22002970.gif Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Windows Vista, 7 or 8 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.


If normal mode still doesn't work, run the tool from safe mode.

When the scan is done Notepad will open with rKill log.
Post it in your next reply.

NOTE. rKill.txt log will also be present on your desktop.

NOTE Do NOT wrap your logs in "quote" or "code" brackets.
Do NOT use spoilers.
Do NOT edit your reply to post additional logs. Create new reply. I'll not get any email notifications about edits so I won't know you posted something new.


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#3 maxkragen

maxkragen
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 01 August 2017 - 09:55 PM

I'll get right to work sir. Thank you and will post soon! 



#4 maxkragen

maxkragen
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 01 August 2017 - 10:53 PM

Ok...I followed your post word for word and no restarts were required. Here are the results;

 

 Results of screen317's Security Check version 1.014 --- 12/23/15  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Wise Disk Cleaner 9.51  
 Java 8 Update 141  
 Java version 32-bit out of Date! 
 Adobe Flash Player 21.0.0.197  
 Google Chrome (59.0.3071.115) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 
 
 

Farbar Service Scanner Version: 27-01-2016
Ran by Owner (administrator) on 01-08-2017 at 22:10:27
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Disabled. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
 
 
Windows Defender Disabled Policy: 
==========================
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
 
 
**** End of log ****
 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Owner (administrator) on 01-08-2017 at 22:12:25
Running from "C:\Users\Owner\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: HP Compaq 8000 Elite CMT PC Manufacturer: Hewlett-Packard
Boot Mode: Normal
***************************************************************************
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
========================= FF Proxy Settings: ============================== 
 
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® 82567LM-3 Gigabit Network Connection = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : random-pc
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.il.comcast.net
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net
   Description . . . . . . . . . . . : Intel® 82567LM-3 Gigabit Network Connection
   Physical Address. . . . . . . . . : F4-CE-46-2C-00-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:248:8101:a48a::942a(Preferred) 
   Lease Obtained. . . . . . . . . . : Monday, July 31, 2017 6:48:17 PM
   Lease Expires . . . . . . . . . . : Monday, August 07, 2017 6:48:17 PM
   IPv6 Address. . . . . . . . . . . : 2601:248:8101:a48a::cb5b(Preferred) 
   Lease Obtained. . . . . . . . . . : Friday, July 28, 2017 8:19:39 PM
   Lease Expires . . . . . . . . . . : Saturday, September 08, 2153 4:40:44 AM
   IPv6 Address. . . . . . . . . . . : 2601:248:8101:a48a:107b:79fd:6175:c5c(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:248:8101:a48a:68bc:5510:71f0:e901(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::107b:79fd:6175:c5c%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.124(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, July 28, 2017 8:19:38 PM
   Lease Expires . . . . . . . . . . : Tuesday, August 08, 2017 8:19:38 AM
   Default Gateway . . . . . . . . . : fe80::250:f1ff:fe80:0%11
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 250924614
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-E9-EC-56-F4-CE-46-2C-00-4A
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter isatap.hsd1.il.comcast.net:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.il.comcast.net
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:204e:30b5:b6e9:c253(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::204e:30b5:b6e9:c253%14(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  2607:f8b0:4009:812::200e
 216.58.192.238
 
 
Pinging google.com [2607:f8b0:4009:813::200e] with 32 bytes of data:
Reply from 2607:f8b0:4009:813::200e: time=17ms 
Reply from 2607:f8b0:4009:813::200e: time=32ms 
 
Ping statistics for 2607:f8b0:4009:813::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 17ms, Maximum = 32ms, Average = 24ms
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
 2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 98.138.253.109
 206.190.36.45
 98.139.180.149
 
 
Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Reply from 2001:4998:44:204::a7: time=31ms 
Reply from 2001:4998:44:204::a7: time=31ms 
 
Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 31ms, Maximum = 31ms, Average = 31ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...f4 ce 46 2c 00 4a ......Intel® 82567LM-3 Gigabit Network Connection
  1...........................Software Loopback Interface 1
 12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1       10.0.0.124     10
         10.0.0.0    255.255.255.0         On-link        10.0.0.124    266
       10.0.0.124  255.255.255.255         On-link        10.0.0.124    266
       10.0.0.255  255.255.255.255         On-link        10.0.0.124    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link        10.0.0.124    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link        10.0.0.124    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    266 ::/0                     fe80::250:f1ff:fe80:0
  1    306 ::1/128                  On-link
 14     58 2001::/32                On-link
 14    306 2001:0:9d38:6ab8:204e:30b5:b6e9:c253/128
                                    On-link
 11     18 2601:248:8101:a48a::/64  On-link
 11    266 2601:248:8101:a48a::942a/128
                                    On-link
 11    266 2601:248:8101:a48a::cb5b/128
                                    On-link
 11    266 2601:248:8101:a48a:107b:79fd:6175:c5c/128
                                    On-link
 11    266 2601:248:8101:a48a:68bc:5510:71f0:e901/128
                                    On-link
 11    266 fe80::/64                On-link
 14    306 fe80::/64                On-link
 11    266 fe80::107b:79fd:6175:c5c/128
                                    On-link
 14    306 fe80::204e:30b5:b6e9:c253/128
                                    On-link
  1    306 ff00::/8                 On-link
 14    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/01/2017 03:16:53 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (07/31/2017 08:45:55 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (07/31/2017 01:53:46 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (07/30/2017 07:01:02 PM) (Source: Windows Backup) (User: )
Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).
 
Error: (07/30/2017 06:13:51 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (07/29/2017 11:59:47 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (07/29/2017 10:30:24 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108
 
Error: (07/28/2017 08:52:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (07/28/2017 08:21:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/28/2017 04:06:22 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
 
System errors:
=============
Error: (08/01/2017 01:04:43 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (07/31/2017 06:25:00 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (07/31/2017 06:24:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (07/31/2017 06:24:59 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (07/31/2017 06:24:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (07/31/2017 06:24:58 PM) (Source: Disk) (User: )
Description: The driver detected a controller error on \Device\Harddisk4\DR4.
 
Error: (07/30/2017 02:12:35 AM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053 = The service did not respond to the start or control request in a timely fashion.
 
 
Error: (07/30/2017 02:12:35 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (07/30/2017 02:09:52 AM) (Source: Service Control Manager) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/30/2017 02:09:45 AM) (Source: Service Control Manager) (User: )
Description: The Intel® PROSet Monitoring Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (08/01/2017 03:16:53 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (07/31/2017 08:45:55 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (07/31/2017 01:53:46 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (07/30/2017 07:01:02 PM) (Source: Windows Backup)(User: )
Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)
 
Error: (07/30/2017 06:13:51 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (07/29/2017 11:59:47 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (07/29/2017 10:30:24 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108
 
Error: (07/28/2017 08:52:45 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (07/28/2017 08:21:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/28/2017 04:06:22 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
 
=========================== Installed Programs ============================
 
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 21.0.0.215 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.106.2020.110 - Alps Electric)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Beowulf TM (HKLM-x32\...\{DA2B455A-B0BE-4C5A-B73A-0615F37C81D5}) (Version: 1.00 - Ubisoft) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{85EC2DC7-901A-C7A8-69CC-D14B5311C057}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{155ABE97-ABF9-EE58-3270-334EF950F3A9}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{44167DA6-B26A-A06B-213E-A481135FCBF0}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{ED204021-2012-F4F3-E495-F4AFD74D66FF}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1D12B9AD-21F1-791A-6A85-47F27406282C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{0101153A-CA07-4E2C-EF5E-D411604CF036}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{3BBAB5EA-62DA-2431-3A1F-3F89BBAE739D}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{975476BF-784B-0C34-09B3-AE6DC25C2B3C}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{2F028509-06B7-9869-5FD6-1F367A0B5827}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{8A5107B8-9CC4-141F-141D-B1952B84A62A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{BFDF75E6-EBBE-FD30-7DED-A80A072A0452}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{665B0E99-0560-6850-876C-259CC785D49A}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{8191CEE4-C7AB-5A02-4587-9D12B6B443F2}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{E3D88B8D-BB11-D376-C3C6-EF7D0F8DD725}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{8831C53E-B6FA-3DE6-FB39-66BD5019F083}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CB203E05-4AAA-9076-7D8B-5D7CAD7F0D39}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{4166E94C-7758-3D0E-1518-05BF181FBA21}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{E2D25167-8913-E00E-6755-270D9010DF62}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{4BE67694-29C6-6A69-85E4-D06EFCA12846}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{7B1A228A-7D97-3209-B386-AA878D3555C5}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{54603A0D-55EB-44D8-0D79-4B7CB94AD6B7}) (Version: 2017.0720.1902.32426 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.32 - Piriform)
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
ETDWare PS/2-X64 11.6.2.1_WHQL (HKLM\...\Elantech) (Version: 11.6.2.1 - ELAN Microelectronic Corp.)
Ginger (HKLM-x32\...\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.158 - Ginger Software) Hidden
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.158 - Ginger Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.29.5 - Google Inc.) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Network Connections 22.0.18.0 (HKLM\...\PROSetDX) (Version: 22.0.18.0 - Intel)
Java 8 Update 141 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 141 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.4.2 - Notepad++ Team)
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.5.1.2 - Popcorn Time)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Wise Disk Cleaner 9.51 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.51 - WiseCleaner.com, Inc.)
World of Tanks (HKCU\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version:  - Wargaming.net)
 
========================= Devices: ================================
 
Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Device ID: ACPI\PNP0F13\4&37387F07&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: 
Device ID: USB\VID_0000&PID_0000\5&637AB4F&0&5
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 
 
Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard with HP QLB
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard Development Company, L.P.
Service: i8042prt
Device ID: ACPI\PNP0303\4&37387F07&0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 34%
Total physical RAM: 6075.25 MB
Available physical RAM: 3967.33 MB
Total Virtual: 12148.68 MB
Available Virtual: 9742.92 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:147.04 GB) (Free:45.46 GB) NTFS
3 Drive e: (PNY) (Removable) (Total:7.59 GB) (Free:3.59 GB) FAT32
4 Drive g: (Crucial) (Removable) (Total:7.45 GB) (Free:1.78 GB) FAT32
5 Drive h: () (Removable) (Total:7.45 GB) (Free:3.45 GB) FAT32
6 Drive i: () (Removable) (Total:14.9 GB) (Free:0.01 GB) FAT32
 
========================= Users: ========================================
 
User accounts for \\RANDOM-PC
 
Administrator            Guest                    Owner                    
Twins                    
 
========================= Restore Points ==================================
 
 
**** End of log ****
 
 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 8/1/17
Scan Time: 10:14 PM
Log File: malwarebytes1.txt
Administrator: Yes
 
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.139
Update Package Version: 1.0.2486
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: RANDOM-PC\Owner
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369274
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 3 min, 12 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 

Malwarebytes
www.malwarebytes.com
 
-Log Details-
Scan Date: 8/1/17
Scan Time: 10:14 PM
Log File: malwarebytes1.txt
Administrator: Yes
 
-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.139
Update Package Version: 1.0.2486
License: Trial
 
-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: RANDOM-PC\Owner
 
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369274
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 3 min, 12 sec
 
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
-Scan Details-
Process: 0
(No malicious items detected)
 
Module: 0
(No malicious items detected)
 
Registry Key: 0
(No malicious items detected)
 
Registry Value: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Data Stream: 0
(No malicious items detected)
 
Folder: 0
(No malicious items detected)
 
File: 0
(No malicious items detected)
 
Physical Sector: 0
(No malicious items detected)
 
 
(end)
 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
 
Account is Administrative
 
Internet Explorer version: 11.0.9600.18738
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.992000 GHz
Memory total: 6370357248, free: 3829493760
 
Downloaded database version: v2017.08.02.01
Downloaded database version: v2017.05.27.01
Downloaded database version: v2017.07.17.01
=======================================
Initializing...
------------ Kernel report ------------
     08/01/2017 22:27:25
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\drivers\iusb3hcs.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\amdkmpfd.sys
\SystemRoot\system32\drivers\AtiPcie.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\GizmoDrv.SYS
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\e1k62x64.sys
\SystemRoot\system32\drivers\usbuhci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\t_mouse.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\??\C:\windows\system32\drivers\MBAMSwissArmy.sys
\??\C:\windows\system32\drivers\mbae64.sys
\SystemRoot\system32\drivers\MBAMChameleon.sys
\??\C:\windows\system32\drivers\farflt.sys
\??\C:\windows\system32\drivers\mbam.sys
\??\C:\windows\system32\drivers\mwac.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\msctf.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\gdi32.dll
\Windows\System32\imm32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\advapi32.dll
\Windows\System32\difxapi.dll
\Windows\System32\setupapi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\shell32.dll
\Windows\System32\lpk.dll
\Windows\System32\user32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\usp10.dll
\Windows\System32\kernel32.dll
\Windows\System32\urlmon.dll
\Windows\System32\normaliz.dll
\Windows\System32\wininet.dll
\Windows\System32\iertutil.dll
\Windows\System32\ole32.dll
\Windows\System32\sechost.dll
\Windows\System32\clbcatq.dll
\Windows\System32\psapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\comdlg32.dll
\Windows\System32\nsi.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
 
Scan started
Database versions:
  main:    v2017.08.02.01
  rootkit: v2017.05.27.01
 
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009054060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009054ab0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009054060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8008fb6060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A70815D5
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 1021952
    Partition is bootable
    Partition file system is NTFS
 
    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1024000  Numsec = 308359168
    Partition is not bootable
    Partition file system is NTFS
 
    Partition 2 type is Other (0x27)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 309383168  Numsec = 3112960
    Partition is not bootable
    Partition file system is NTFS
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 160000000000 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8009ed0790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009ed39b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009ed0790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8009ee2330, DeviceName: \Device\00000070\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 73696D20
 
Partition information:
 
    Partition 0 type is Other (0xa)
    Partition is INVALID!!!
    Partition starts at LBA: 1919230059  Numsec = 4285689714
    Partition is not bootable
Failed to read VBR on partition 0.
 
    Partition 1 type is Other (0x65)
    Partition is INVALID!!!
    Partition starts at LBA: 544829025  Numsec = 544826731
    Partition is not bootable
Failed to read VBR on partition 1.
 
    Partition 2 type is Other (0x65)
    Partition is INVALID!!!
    Partition starts at LBA: 168653938  Numsec = 0
    Partition is not bootable
Failed to read VBR on partition 2.
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2885681152  Numsec = 52929
    Partition is not bootable
Failed to read VBR on partition 3.
 
Disk Size: 16008609792 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8009e6f790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009616040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009e6f790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8009616b60, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 0
 
Partition information:
 
    Partition 0 type is Other (0xb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 32  Numsec = 15633376
    Partition is not bootable
    Partition file system is FAT32
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 8004304896 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa80056ea170, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80077b72b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80056ea170, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80062fa800, DeviceName: \Device\0000008c\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18
 
Partition information:
 
    Partition 0 type is Other (0xb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 56  Numsec = 15950536
    Partition is not bootable
    Partition file system is FAT32
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 8166703104 bytes
Sector size: 512 bytes
 
Done!
Physical Sector Size: 512
Drive: 4, DevicePointer: 0xfffffa800d655060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800c8a5170, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d655060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800a131aa0, DeviceName: \Device\00000091\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C3072E18
 
Partition information:
 
    Partition 0 type is Other (0xc)
    Partition is ACTIVE.
    Partition starts at LBA: 2264  Numsec = 15660840
    Partition is not bootable
    Partition file system is FAT32
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable
 
Disk Size: 8019509248 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-1024000-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-309383168-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-1919230059-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-544829025-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-2-168653938-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-3-2885681152-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-32-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-3-0-56-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-4-0-2264-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-r.mbam...
Removal finished
 

Rkill 2.9.1 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/01/2017 10:40:55 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/01/2017 10:41:39 PM
Execution time: 0 hours(s), 0 minute(s), and 44 seconds(s)


#5 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:17 AM

Posted 02 August 2017 - 05:44 PM

I don't see any active antivirus program.

Why?


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#6 maxkragen

maxkragen
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 02 August 2017 - 09:21 PM

I game and watch a lot of movies and the ones I trust all seem to have the biggest strain on those processes and since I quit porn (never have done social media), I just don't ever go to any dangerous sites anymore. Therefore, I only install/run when I notice something strange. Otherwise, I use CCleaner and Wise Disk Cleaner daily. Has done a great job of keeping this small dinosaur chugging along.



#7 CyberSec_ET

CyberSec_ET

  • Members
  • 151 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Forestville California
  • Local time:07:17 AM

Posted 02 August 2017 - 11:04 PM

I game and watch a lot of movies and the ones I trust all seem to have the biggest strain on those processes and since I quit porn (never have done social media), I just don't ever go to any dangerous sites anymore. Therefore, I only install/run when I notice something strange. Otherwise, I use CCleaner and Wise Disk Cleaner daily. Has done a great job of keeping this small dinosaur chugging along.

 

Well apparently those trusted games and/or movies, must of gave your system a virus.

Continue using no antivirus and no antimalware will constantly plague your system with PC Threats. 



#8 maxkragen

maxkragen
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 02 August 2017 - 11:21 PM

Oh...sorry. I guess I left out the part where I got the bright idea to torrent. No MOAR! Thank you for your help in looking at it though. I'm a little wiser now, as I walk away with a friendly wave.

 

I'll do a system wipe and start over and make no mistakes.


Edited by maxkragen, 02 August 2017 - 11:22 PM.


#9 Broni

Broni

    The Coolest BC Computer


  • BC Advisor
  • 42,679 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Daly City, CA
  • Local time:07:17 AM

Posted 03 August 2017 - 07:28 PM

Make sure you install some AV program.

Good luck :)


My Website

p4433470.gif

My help doesn't cost a penny, but if you'd like to consider a donation, click p22001735.gif


 


#10 maxkragen

maxkragen
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:17 AM

Posted 03 August 2017 - 09:56 PM

Will do!  :busy:






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users