Bandwidth Hogging Virus?


4 replies to this topic

#1 kolorus


Posted 06 August 2017 - 10:19 AM

I believe I have a bandwidth hogging virus on my desktop. When my desktop is running, the bandwidth in my home is reduced from about 20mbs to 1 mbs and my ping is significantly increased. Windows Task Manager does not show any internet usage.

When I shut down my computer, my bandwidth returns to normal.

I have run Malwarebytes Free and Malwarebytes Anti-Rootkit.

What's next?

Thanks





#2 kolorus


Posted 06 August 2017 - 11:29 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by David (administrator) on 06-08-2017 at 12:28:29
Running from "C:\Users\David\Downloads"
Microsoft Windows 10 Home  (X64)
Model: All Series Manufacturer: ASUS
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Intel® Ethernet Connection (2) I218-V = Ethernet (Connected)
Broadcom 802.11ac Network Adapter = Wi-Fi (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-JNDGHHD
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Intel® Ethernet Connection (2) I218-V
   Physical Address. . . . . . . . . : 14-DD-A9-7B-03-64
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::447a:f872:2ff3:928%5(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.5.92(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, August 6, 2017 10:37:44 AM
   Lease Expires . . . . . . . . . . : Monday, August 7, 2017 10:37:43 AM
   Default Gateway . . . . . . . . . : 192.168.5.1
   DHCP Server . . . . . . . . . . . : 192.168.5.1
   DHCPv6 IAID . . . . . . . . . . . : 68476329
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-F1-97-2E-14-DD-A9-7B-03-64
   DNS Servers . . . . . . . . . . . : 209.18.47.61
                                       209.18.47.62
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : The Broadcom 802.11 Network Adapter provides wireless local area networking.
   Physical Address. . . . . . . . . : AC-E0-10-CD-3B-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : AE-E0-10-CD-3B-4A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Bluetooth Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth PAN HelpText
   Physical Address. . . . . . . . . : 30-10-B3-9C-A9-30
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:953c:41c:21cc:9fe3:47be(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::41c:21cc:9fe3:47be%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 385875968
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-F1-97-2E-14-DD-A9-7B-03-64
   NetBIOS over Tcpip. . . . . . . . : Disabled
 
Tunnel adapter isatap.{6CE2CA84-4AA9-4619-8102-58B54BC00592}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    google.com
Addresses:  2607:f8b0:4009:80b::200e
 172.217.6.14
 
 
Pinging google.com [216.58.192.206] with 32 bytes of data:
Reply from 216.58.192.206: bytes=32 time=33ms TTL=54
Reply from 216.58.192.206: bytes=32 time=30ms TTL=54
 
Ping statistics for 216.58.192.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 30ms, Maximum = 33ms, Average = 31ms
Server:  dns-cac-lb-01.rr.com
Address:  209.18.47.61
 
Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:44:204::a7
 2001:4998:58:c02::a9
 206.190.36.45
 98.138.253.109
 98.139.180.149
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=88ms TTL=48
Reply from 206.190.36.45: bytes=32 time=101ms TTL=48
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 88ms, Maximum = 101ms, Average = 94ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  5...14 dd a9 7b 03 64 ......Intel® Ethernet Connection (2) I218-V
  7...ac e0 10 cd 3b 4a ......The Broadcom 802.11 Network Adapter provides wireless local area networking.
 10...ae e0 10 cd 3b 4a ......Microsoft Wi-Fi Direct Virtual Adapter
 19...30 10 b3 9c a9 30 ......Bluetooth PAN HelpText
  1...........................Software Loopback Interface 1
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.5.1     192.168.5.92     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.5.0    255.255.255.0         On-link      192.168.5.92    281
     192.168.5.92  255.255.255.255         On-link      192.168.5.92    281
    192.168.5.255  255.255.255.255         On-link      192.168.5.92    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.5.92    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.5.92    281
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11    331 ::/0                     On-link
  1    331 ::1/128                  On-link
 11    331 2001::/32                On-link
 11    331 2001:0:9d38:953c:41c:21cc:9fe3:47be/128
                                    On-link
  5    281 fe80::/64                On-link
 11    331 fe80::/64                On-link
 11    331 fe80::41c:21cc:9fe3:47be/128
                                    On-link
  5    281 fe80::447a:f872:2ff3:928/128
                                    On-link
  1    331 ff00::/8                 On-link
  5    281 ff00::/8                 On-link
 11    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [62976] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (08/06/2017 10:46:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: RazerIngameEngine.exe, version: 1.0.12.8578, time stamp: 0x566f4203
Faulting module name: RzWinMgrSrv.dll, version: 1.0.12.8578, time stamp: 0x566f41d4
Exception code: 0xc0000409
Fault offset: 0x00026e99
Faulting process id: 0x3364
Faulting application start time: 0xRazerIngameEngine.exe0
Faulting application path: RazerIngameEngine.exe1
Faulting module path: RazerIngameEngine.exe2
Report Id: RazerIngameEngine.exe3
Faulting package full name: RazerIngameEngine.exe4
Faulting package-relative application ID: RazerIngameEngine.exe5
 
Error: (08/06/2017 10:39:58 AM) (Source: Application Hang) (User: )
Description: The program Skype.exe version 7.37.0.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 27dc
 
Start Time: 01d30ec198beb45a
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: 1ddb88be-7ab5-11e7-90b8-3010b39ca930
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/05/2017 01:20:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: RazerIngameEngine.exe, version: 1.0.12.8578, time stamp: 0x566f4203
Faulting module name: RzWinMgrSrv.dll, version: 1.0.12.8578, time stamp: 0x566f41d4
Exception code: 0xc0000409
Fault offset: 0x00026e99
Faulting process id: 0x20f4
Faulting application start time: 0xRazerIngameEngine.exe0
Faulting application path: RazerIngameEngine.exe1
Faulting module path: RazerIngameEngine.exe2
Report Id: RazerIngameEngine.exe3
Faulting package full name: RazerIngameEngine.exe4
Faulting package-relative application ID: RazerIngameEngine.exe5
 
Error: (08/04/2017 12:05:03 AM) (Source: Application Error) (User: )
Description: Faulting application name: RazerIngameEngine.exe, version: 1.0.12.8578, time stamp: 0x566f4203
Faulting module name: RzWinMgrSrv.dll, version: 1.0.12.8578, time stamp: 0x566f41d4
Exception code: 0xc0000409
Fault offset: 0x00026e99
Faulting process id: 0x24bc
Faulting application start time: 0xRazerIngameEngine.exe0
Faulting application path: RazerIngameEngine.exe1
Faulting module path: RazerIngameEngine.exe2
Report Id: RazerIngameEngine.exe3
Faulting package full name: RazerIngameEngine.exe4
Faulting package-relative application ID: RazerIngameEngine.exe5
 
Error: (08/03/2017 11:51:33 PM) (Source: .NET Runtime) (User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 67756C50
Stack:
 
Error: (08/03/2017 11:21:35 PM) (Source: Application Hang) (User: )
Description: The program Wow-64.exe version 7.2.5.24742 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2db8
 
Start Time: 01d30cb1abd3903d
 
Termination Time: 64
 
Application Path: C:\Program Files (x86)\World of Warcraft\Wow-64.exe
 
Report Id: 013a82b2-78c4-11e7-90b6-3010b39ca930
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/03/2017 02:12:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: Microsoft.Photos.exe, version: 2017.18062.13720.0, time stamp: 0x594b16dc
Faulting module name: twinapi.appcore.dll, version: 10.0.14393.1378, time stamp: 0x594a144a
Exception code: 0xc000027b
Fault offset: 0x000000000006d1b4
Faulting process id: 0x1ae0
Faulting application start time: 0xMicrosoft.Photos.exe0
Faulting application path: Microsoft.Photos.exe1
Faulting module path: Microsoft.Photos.exe2
Report Id: Microsoft.Photos.exe3
Faulting package full name: Microsoft.Photos.exe4
Faulting package-relative application ID: Microsoft.Photos.exe5
 
Error: (08/02/2017 04:16:07 PM) (Source: Application Error) (User: )
Description: Faulting application name: RazerIngameEngine.exe, version: 1.0.12.8578, time stamp: 0x566f4203
Faulting module name: RzWinMgrSrv.dll, version: 1.0.12.8578, time stamp: 0x566f41d4
Exception code: 0xc0000409
Fault offset: 0x00026e99
Faulting process id: 0x26b8
Faulting application start time: 0xRazerIngameEngine.exe0
Faulting application path: RazerIngameEngine.exe1
Faulting module path: RazerIngameEngine.exe2
Report Id: RazerIngameEngine.exe3
Faulting package full name: RazerIngameEngine.exe4
Faulting package-relative application ID: RazerIngameEngine.exe5
 
Error: (08/01/2017 10:26:25 PM) (Source: .NET Runtime) (User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 72657A61
Stack:
 
Error: (07/29/2017 10:39:14 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
.
 
 
System errors:
=============
Error: (08/06/2017 11:22:57 AM) (Source: Microsoft-Windows-Kernel-General) (User: DESKTOP-JNDGHHD)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1063952339-3378319248-1522256115-1001-0-ntuser.dat
 
Error: (08/06/2017 11:22:54 AM) (Source: Microsoft-Windows-Kernel-General) (User: DESKTOP-JNDGHHD)
Description: 0x8000002a117\??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\S-1-5-21-1063952339-3378319248-1522256115-1001-0-ntuser.dat
 
Error: (08/06/2017 10:52:16 AM) (Source: Microsoft-Windows-Kernel-General) (User: DESKTOP-JNDGHHD)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-1063952339-3378319248-1522256115-1001-0-ntuser.dat
 
Error: (08/06/2017 10:52:13 AM) (Source: Microsoft-Windows-Kernel-General) (User: DESKTOP-JNDGHHD)
Description: 0x8000002a116\??\C:\ProgramData\Malwarebytes' Anti-Malware (portable)\S-1-5-21-1063952339-3378319248-1522256115-1001-0-ntuser.dat
 
Error: (08/06/2017 10:38:44 AM) (Source: Service Control Manager) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/06/2017 10:38:35 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/06/2017 10:37:41 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/06/2017 10:37:41 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/06/2017 10:37:41 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (08/06/2017 10:37:22 AM) (Source: DCOM) (User: DESKTOP-JNDGHHD)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
 
 
Microsoft Office Sessions:
=========================
Error: (08/06/2017 10:46:24 AM) (Source: Application Error)(User: )
Description: RazerIngameEngine.exe1.0.12.8578566f4203RzWinMgrSrv.dll1.0.12.8578566f41d4c000040900026e99336401d30ec1a2830d62C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exeC:\Program Files (x86)\Razer\InGameEngine\32bit\RzWinMgrSrv.dll0cafede5-0fff-45a6-84c9-64bb7475de9d
 
Error: (08/06/2017 10:39:58 AM) (Source: Application Hang)(User: )
Description: Skype.exe7.37.0.10327dc01d30ec198beb45a4294967295C:\Program Files (x86)\Skype\Phone\Skype.exe1ddb88be-7ab5-11e7-90b8-3010b39ca930
 
Error: (08/05/2017 01:20:03 PM) (Source: Application Error)(User: )
Description: RazerIngameEngine.exe1.0.12.8578566f4203RzWinMgrSrv.dll1.0.12.8578566f41d4c000040900026e9920f401d30e0a8a0765f1C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exeC:\Program Files (x86)\Razer\InGameEngine\32bit\RzWinMgrSrv.dll8170242a-c525-4f01-963a-25208141c85c
 
Error: (08/04/2017 12:05:03 AM) (Source: Application Error)(User: )
Description: RazerIngameEngine.exe1.0.12.8578566f4203RzWinMgrSrv.dll1.0.12.8578566f41d4c000040900026e9924bc01d30cd519fe3155C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exeC:\Program Files (x86)\Razer\InGameEngine\32bit\RzWinMgrSrv.dllbfc00899-1c7f-4ceb-9cd0-7a8b3945c083
 
Error: (08/03/2017 11:51:33 PM) (Source: .NET Runtime)(User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 67756C50
Stack:
 
Error: (08/03/2017 11:21:35 PM) (Source: Application Hang)(User: )
Description: Wow-64.exe7.2.5.247422db801d30cb1abd3903d64C:\Program Files (x86)\World of Warcraft\Wow-64.exe013a82b2-78c4-11e7-90b6-3010b39ca930
 
Error: (08/03/2017 02:12:11 AM) (Source: Application Error)(User: )
Description: Microsoft.Photos.exe2017.18062.13720.0594b16dctwinapi.appcore.dll10.0.14393.1378594a144ac000027b000000000006d1b41ae001d30c1f715edb7eC:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exeC:\WINDOWS\SYSTEM32\twinapi.appcore.dll7c75b256-412e-4471-af09-4fe12250d659Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbweApp
 
Error: (08/02/2017 04:16:07 PM) (Source: Application Error)(User: )
Description: RazerIngameEngine.exe1.0.12.8578566f4203RzWinMgrSrv.dll1.0.12.8578566f41d4c000040900026e9926b801d30b36eef3be50C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exeC:\Program Files (x86)\Razer\InGameEngine\32bit\RzWinMgrSrv.dllf390a37f-3772-4091-b89e-fd59ae905527
 
Error: (08/01/2017 10:26:25 PM) (Source: .NET Runtime)(User: )
Description: Application: RzStats.Manager.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 72657A61
Stack:
 
Error: (07/29/2017 10:39:14 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
 
System Error:
Access is denied.
 
 
CodeIntegrity Errors:
===================================
  Date: 2017-08-06 11:02:39.181
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 11:02:39.180
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 11:02:37.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 11:02:37.319
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:57:02.886
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:57:02.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:56:25.309
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:56:25.308
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:55:56.187
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2017-08-06 10:55:56.186
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
AIDA64 Extreme v5.90 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.90 - FinalWire Ltd.)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 378.92 - NVIDIA Corporation) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{7EAC8A42-9FAC-4F6B-AABF-C08C9F2E0F13}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BingProvidedSearch (HKLM-x32\...\{9C9F745F-CC1F-A5DF-7D9F-D55FAD1F06DF}) (Version:  - )
Black Desert Online (HKLM-x32\...\{C1F96C92-7B8C-485F-A9CD-37A0708A2A60}) (Version: 1.0.0.7 - Kakao Games Europe B.V.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CodeBlocks (HKCU\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
Corsair Utility Engine (HKLM-x32\...\{D9867424-41AD-45D5-A39B-11D5C9C07782}) (Version: 2.12.66 - Corsair)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version:  - FromSoftware, Inc.)
Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.11 - Bloodshed Software)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Girlvania (HKCU\...\{837FAFB9-EBA5-4727-95AD-792C4F671531}) (Version: 1.2.2 - Girlvanic Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
ILLUSION HoneySelect (HKLM-x32\...\{1F709DAC-507B-47DA-B04F-367EF5AA20B4}) (Version: 1.00.0000 - ILLUSION)
iTunes (HKLM\...\{9D0D2A8B-7E7B-4D88-8D50-24286ED6A5EB}) (Version: 12.5.5.5 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 8 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180710}) (Version: 8.0.710.15 - Oracle Corporation)
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
League of Legends (HKLM-x32\...\{79BF4901-1EC4-4726-B3C2-A7859706C6E7}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
LOOT version 0.10.2 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.10.2 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4953.1001 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
MSI Kombustor 3.5.1 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
Mumble 1.2.17 (HKLM-x32\...\{95A0093C-0C81-4D0B-BCA7-3CE11755A6BD}) (Version: 1.2.17 - Thorvald Natvig)
NieR:Automata™ (HKLM\...\Steam App 524220) (Version:  - Square Enix)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 378.92 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.8.0.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.8.0.89 - NVIDIA Corporation)
NVIDIA Graphics Driver 378.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.92 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.23 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.6 - OBS Project)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.4953.1001 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server) (HKLM\...\Steam App 622590) (Version:  - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.7 - Power Software Ltd)
RapeLay (HKLM-x32\...\{CA31F991-DBD2-4DE1-B6D2-30105F23CBBC}) (Version: 1.03 - ILLUSION)
Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.1.5 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Sakura Beach 2 (HKLM\...\Steam App 407980) (Version:  - Winged Cloud)
SciTE Text Editor (HKLM-x32\...\{6438CA9F-4E27-4FB7-A9AF-319A99C09DBE}) (Version: 3.6.3 - ebswift.com)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Simulationcraft(x64) version 7.1.5.01 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 7.1.5.01 - Simulationcraft)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Skyrim Script Extender (SKSE) (HKLM\...\Steam App 365720) (Version:  - The SKSE Team)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 1.0.60.492.gbb40dab8 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.6.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.6.1 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher 3: Wild Hunt (HKLM\...\Steam App 292030) (Version:  - CD PROJEKT RED)
thriXXX-Launcher (HKLM-x32\...\thriXXX-Launcher) (Version:  - thriXXX Software GmbH)
UE4 Prerequisites (x86) (HKLM-x32\...\{6EAAE1C0-6000-45FA-B46D-D206144925BF}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x86) (HKLM-x32\...\{f1203e43-4ddb-4280-974e-73f14d793dbd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.3.7f1 - Unity Technologies ApS)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Wallpaper Engine (HKLM\...\Steam App 431960) (Version:  - Kristjan Skutta)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.4 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Yareel version 1.0.2 (HKLM-x32\...\{7D3D9C01-C6C7-4993-8CE8-FB01F4A1178F}_is1) (Version: 1.0.2 - Yareel Entertainment Ltd)
 
========================= Devices: ================================
 
Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: IntcAzAudAddService
Device ID: HDAUDIO\FUNC_01&VEN_10EC&DEV_0892&SUBSYS_1043863D&REV_1003\4&232B1333&0&0001
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
**** End of log ****


#3 JoshRoss

JoshRoss

  • Members
  • 88 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States
  • Local time:01:29 AM

Posted 07 August 2017 - 05:43 AM

The logs should not be posted in this forum..... 

 

It seems you have a couple of malicious services running that can interfere with your processes. I would recommend uninstalling all your porn applications and illegal games, for starters. Secondly, make sure your torrents are turned off and are not running in the background, as that can easily affect your bandwidth. Moreover, let's do a simple PC clean-up to remove any suspicion.

 
1. Check your Programs and features and see if there are any new recently installed programs that you don’t recognize. If there are, remove them.
2. Check your Task Manager for any suspicious processes; if any are found, identify their folders and try to remove them manually. Or just press "Win key + R" and type %appdata%. Afterward, delete potentially malicious folders.
3. Do a full scan with anti-virus software of your choice or use Windows Defender to clean up initial infections.
4. Scan your PC with Hitman Pro, Malwarebytes, and AdwCleaner. Multiple anti-malware solutions will confirm that the threat was removed.
5. Restart your PC in normal mode and do an additional scan to confirm that the malware is gone.
 
Let me know if the problem is gone or persists.
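
Added example, not part of the original posts: step 1 above can be partly mechanized against the installed-programs section of the MiniToolBox log posted in #2. The parser and its three review flags (missing publisher, per-user HKCU install, entry marked Hidden) are this example's own assumptions, not rules from MiniToolBox or the thread; the sample lines are copied from that log.

```python
import re
from typing import List, NamedTuple, Optional, Tuple

# Format of one installed-program line in the log:
#   Name (HIVE\...\key) (Version: X - Publisher) [Hidden]
# The hive group anchors the match, so names that contain parentheses
# ("SpeedFan (remove only)") still parse.
ENTRY = re.compile(
    r"^(?P<name>.+?) \((?P<hive>HKLM-x32|HKLM|HKCU)\\(?P<key>.*?)\) "
    r"\(Version: (?P<version>.*?) - (?P<publisher>.*?)\)(?P<hidden> Hidden)?$"
)

class Entry(NamedTuple):
    name: str
    hive: str
    version: str
    publisher: str
    hidden: bool

def parse_entry(line: str) -> Optional[Entry]:
    m = ENTRY.match(line.strip())
    if m is None:
        return None  # section headers, blank lines, "End of log"
    return Entry(m["name"], m["hive"], m["version"].strip(),
                 m["publisher"].strip(), m["hidden"] is not None)

def review_flags(e: Entry) -> List[str]:
    # Assumed triage hints only; none of them means "malicious".
    flags = []
    if not e.publisher:
        flags.append("no publisher")
    if e.hive == "HKCU":
        flags.append("per-user install")
    if e.hidden:
        flags.append("hidden")
    return flags

def triage(log_text: str) -> List[Tuple[str, List[str]]]:
    # Entries worth a manual look, most flags first (stable order otherwise).
    entries = filter(None, map(parse_entry, log_text.splitlines()))
    flagged = [(e.name, review_flags(e)) for e in entries]
    return sorted((f for f in flagged if f[1]), key=lambda f: -len(f[1]))

# Sample lines copied from the log in post #2.
SAMPLE = r"""
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
f.lux (HKCU\...\Flux) (Version:  - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
"""
```

Calling `triage()` on the full log text returns only the flagged entries, which shortens the list that has to be checked by hand in Programs and Features.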


#4 kolorus

kolorus
  • Topic Starter

Posted 12 August 2017 - 06:29 PM

Hi. I have done everything on your list and the problem persists. 



#5 JoshRoss

Posted 14 August 2017 - 01:15 AM

Sorry for the late response. Let's try something more in-depth then. Some steps will remain, but sometimes software has a hard time dealing with the issues in normal mode, so I do recommend the following.

 
1. Restart your PC in “Safe mode with networking.”
2. Install and run RKill to kill malicious processes and services.
3. Repeat my previous steps 1-4.
4. Clean up your Registry and cached files with CCleaner.
5. Restart your PC in normal mode and do an additional scan to confirm that the malware is gone.
 
Let me know if it helps.




