
Help with most advisable scans/programs


5 replies to this topic

#1 TheSlickness


Posted 29 November 2017 - 12:04 AM

1. Thank you for being a resource for us, and for anyone's time in helping here.

2. I've had a very smooth running laptop for a couple years, and now it's starting to get very buggy. I think my system may need to be cleaned, and I could use a walk-through on what to run and what to do with the scan results, to see if I have some harmful viruses or what have you. A lot of random lagging between actions that didn't exist last month is happening and I don't see another reason for it. Things seem updated properly and regular Windows Defender hasn't flagged anything in recent scans.

* Windows 10: It says it's up-to-date

* Dell Inspiron 3542

* My cookies were cleaned recently.

* While I'm worried I have some sort of viruses or something on my system, I do seem to recall this started to misbehave after the last Windows update, in case that's relevant.

* I've run some of the Microsoft suggested autofixes that might be relevant, but nothing interesting seemed to show up. One media player fix that was probably unrelated after some song files duplicated.





#2 boopme


Posted 29 November 2017 - 10:47 AM

Welcome, please do these next.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [button image] button to see which antivirus is currently enabled.
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [button image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
  • Push the [button image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [button image] button.
  • Check the box beside [option image] to uninstall the application when closed.
  • Push [button image] and then close the application by clicking the X in the upper right corner.


#3 TheSlickness


Posted 30 November 2017 - 10:32 AM

Global Moderator, thank you for your reply.

 

Results for the MiniToolBox with my computer name redacted (I didn't know if that mattered or not):

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by **********(administrator) on 30-11-2017 at 02:46:06
Running from "C:\Users\**********\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Inspiron 3542 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Dell Wireless 1705 802.11b|g|n (2.4GHZ) = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : **********-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : B8-2A-72-C3-08-82
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 16-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 56-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
   Physical Address. . . . . . . . . : 64-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:301:77dc:e640:cc36:b5f8:998d:9bbe(Preferred)
   IPv6 Address. . . . . . . . . . . : 2602:301:77dc:e640::49(Duplicate)
   Lease Obtained. . . . . . . . . . : Tuesday, November 28, 2017 10:01:48 AM
   Lease Expires . . . . . . . . . . : Wednesday, December 27, 2017 5:13:31 AM
   Temporary IPv6 Address. . . . . . : 2602:301:77dc:e640:65a2:f191:f3d9:81b2(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:301:77dc:e640:b12f:c50:ec71:11ee(Deprecated)
   Link-local IPv6 Address . . . . . : fe80::cc36:b5f8:998d:9bbe%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.74(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 28, 2017 10:01:46 AM
   Lease Expires . . . . . . . . . . : Friday, December 01, 2017 12:13:23 AM
   Default Gateway . . . . . . . . . : fe80::9662:69ff:fe53:8f80%9
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 224680452
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-EE-89-78-B8-2A-72-C3-08-82
   DNS Servers . . . . . . . . . . . : 2602:301:77dc:e640::1
                                       192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       attlocal.net

Tunnel adapter Local Area Connection* 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  dsldevice6.attlocal.net
Address:  2602:301:77dc:e640::1

Name:    google.com
Addresses:  2607:f8b0:4009:80d::200e
      216.58.192.238


Pinging google.com [2607:f8b0:4009:805::200e] with 32 bytes of data:
Reply from 2607:f8b0:4009:805::200e: time=28ms
Reply from 2607:f8b0:4009:805::200e: time=29ms

Ping statistics for 2607:f8b0:4009:805::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 28ms, Maximum = 29ms, Average = 28ms
Server:  dsldevice6.attlocal.net
Address:  2602:301:77dc:e640::1

Name:    yahoo.com
Addresses:  2001:4998:44:204::100d
      2001:4998:c:e33::53
      2001:4998:58:2201::73
      206.190.39.42
      98.139.180.180
      98.138.252.38


Pinging yahoo.com [2001:4998:c:e33::53] with 32 bytes of data:
Reply from 2001:4998:c:e33::53: time=88ms
Reply from 2001:4998:c:e33::53: time=92ms

Ping statistics for 2001:4998:c:e33::53:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 88ms, Maximum = 92ms, Average = 90ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...b8 2a 72 c3 08 82 ......Realtek PCIe FE Family Controller
 10...16 5a 04 8c 5d 38 ......Microsoft Wi-Fi Direct Virtual Adapter
  7...56 5a 04 8c 5d 38 ......Microsoft Hosted Network Virtual Adapter
  9...64 5a 04 8c 5d 38 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.74     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link      192.168.1.74    311
     192.168.1.74  255.255.255.255         On-link      192.168.1.74    311
    192.168.1.255  255.255.255.255         On-link      192.168.1.74    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.1.74    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.1.74    311
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9    311 ::/0                     fe80::9662:69ff:fe53:8f80
  1    331 ::1/128                  On-link
  9    311 2602:301:77dc:e640::/64  On-link
  9     71 2602:301:77dc:e640::/64  fe80::9662:69ff:fe53:8f80
  9    311 2602:301:77dc:e640:65a2:f191:f3d9:81b2/128
                                    On-link
  9    311 2602:301:77dc:e640:b12f:c50:ec71:11ee/128
                                    On-link
  9    311 2602:301:77dc:e640:cc36:b5f8:998d:9bbe/128
                                    On-link
  9    311 fe80::/64                On-link
  9    311 fe80::cc36:b5f8:998d:9bbe/128
                                    On-link
  1    331 ff00::/8                 On-link
  9    311 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/29/2017 11:16:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/29/2017 07:59:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/29/2017 04:13:36 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 57.0.0.6525, time stamp: 0x5a0859ef
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b
Exception code: 0xc0000374
Fault offset: 0x00000000000f775f
Faulting process id: 0x6a8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/28/2017 11:07:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.2.17.55, time stamp: 0x589a6f77
Faulting module name: SynTPEnh.exe, version: 19.2.17.55, time stamp: 0x589a6f77
Exception code: 0xc0000005
Fault offset: 0x000000000000323f
Faulting process id: 0x1520
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report Id: SynTPEnh.exe3
Faulting package full name: SynTPEnh.exe4
Faulting package-relative application ID: SynTPEnh.exe5

Error: (11/28/2017 11:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/28/2017 08:07:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/28/2017 08:07:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/28/2017 05:56:04 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 57.0.0.6525, time stamp: 0x5a0859ef
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b
Exception code: 0xc0000374
Fault offset: 0x00000000000f775f
Faulting process id: 0x136c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/28/2017 03:49:41 AM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 57.0.0.6525, time stamp: 0x5a0859ef
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b
Exception code: 0xc0000374
Fault offset: 0x00000000000f775f
Faulting process id: 0x1de0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5

Error: (11/27/2017 09:58:49 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 57.0.0.6525, time stamp: 0x5a0859ef
Faulting module name: ntdll.dll, version: 10.0.15063.608, time stamp: 0x8274fd8b
Exception code: 0xc0000374
Fault offset: 0x00000000000f775f
Faulting process id: 0x1fc4
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5


System errors:
=============
Error: (11/30/2017 12:13:23 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/29/2017 03:17:04 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/29/2017 12:18:15 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/29/2017 11:16:39 AM) (Source: DCOM) (User: **********-PC)
Description: Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe!App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca

Error: (11/29/2017 11:16:21 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/29/2017 07:48:17 AM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/28/2017 11:07:19 PM) (Source: Tcpip) (User: )
Description: The system detected an address conflict for IP address 2602:301:77dc:e640::49 with the system
having network hardware address 70-18-8B-47-0E-EA. Network operations on this system may
be disrupted as a result.

Error: (11/28/2017 08:07:50 PM) (Source: DCOM) (User: **********-PC)
Description: Microsoft.Windows.ShellExperienceHost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy!App

Error: (11/26/2017 06:06:04 AM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (11/26/2017 06:06:03 AM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.



Microsoft Office Sessions:
=========================
Error: (11/29/2017 11:16:39 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2144927141

Error: (11/29/2017 07:59:40 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170

Error: (11/29/2017 04:13:36 AM) (Source: Application Error)(User: )
Description: plugin-container.exe57.0.0.65255a0859efntdll.dll10.0.15063.6088274fd8bc000037400000000000f775f6a801d368f250a7eed4C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\WINDOWS\SYSTEM32\ntdll.dll15390504-2fc8-4f1b-9dee-0f6055df7e26

Error: (11/28/2017 11:07:37 PM) (Source: Application Error)(User: )
Description: SynTPEnh.exe19.2.17.55589a6f77SynTPEnh.exe19.2.17.55589a6f77c0000005000000000000323f152001d366a6b5c70a65C:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exee3d2e3e2-06a2-4aaf-9097-127697f31bd1

Error: (11/28/2017 11:07:29 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI-2144927142

Error: (11/28/2017 08:07:50 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App-2144927141

Error: (11/28/2017 08:07:36 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App-2144927142

Error: (11/28/2017 05:56:04 AM) (Source: Application Error)(User: )
Description: plugin-container.exe57.0.0.65255a0859efntdll.dll10.0.15063.6088274fd8bc000037400000000000f775f136c01d3683772e2d31eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\WINDOWS\SYSTEM32\ntdll.dll9cebe1a5-950b-49ff-8945-e4e9877fb397

Error: (11/28/2017 03:49:41 AM) (Source: Application Error)(User: )
Description: plugin-container.exe57.0.0.65255a0859efntdll.dll10.0.15063.6088274fd8bc000037400000000000f775f1de001d36825cf7a4a30C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\WINDOWS\SYSTEM32\ntdll.dlle7dc7ce6-454f-4951-8fa3-c9afccded6f4

Error: (11/27/2017 09:58:49 PM) (Source: Application Error)(User: )
Description: plugin-container.exe57.0.0.65255a0859efntdll.dll10.0.15063.6088274fd8bc000037400000000000f775f1fc401d367f4cc72dedbC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\WINDOWS\SYSTEM32\ntdll.dll83143f07-c422-4563-883f-0cbf7faf2560


CodeIntegrity Errors:
===================================
  Date: 2017-11-30 02:43:31.431
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 02:43:31.426
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 00:47:22.372
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 00:47:22.337
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-29 11:26:39.234
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-29 11:26:39.177
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-28 09:18:20.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-28 09:18:19.998
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-28 02:58:21.990
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-28 02:58:21.931
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.2.0.0 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: 1.19.2.46095 - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Clone2Go Video Converter Free Version 2.8.2 (HKLM-x32\...\Clone2Go Video Converter Free Version_is1) (Version:  - Clone2Go.com)
ContactKeeper 1.5.0 (HKLM-x32\...\ContactKeeper_is1) (Version:  - ContactKeeper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 5.85 - NCH Software)
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Gameroom 1.10.6515.35995 (HKLM-x32\...\{0B5F75BB-9192-4E2C-A0A6-D07DC31A2E84}) (Version: 1.10.6515.35995 - Facebook)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Free Video To Audio Converter 2015 6.5.6 (HKLM-x32\...\Free Video To Audio Converter 2015_is1) (Version:  - FAEMedia Co., Ltd.)
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hulu Downloader 2.8.199.88 (HKLM-x32\...\Hulu Downloader_is1) (Version:  - Hulu-downloader, Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Letters from Nowhere (HKLM-x32\...\Letters from Nowhere_is1) (Version:  - )
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Margrave: The Blacksmith’s Daughter (HKLM-x32\...\Margrave: The Blacksmith’s Daughter) (Version: 1.0.0.0 - INTENIUM GmbH)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0 (x64 en-US)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
SCREENSEVEN GAME CENTER (HKLM-x32\...\VIVAGplayer) (Version: 2.3.1.37 - INTENIUM GmbH)
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version:  - 5th Cell Media)
Sid Meier's Civilization III: Complete (HKLM\...\Steam App 3910) (Version:  - Firaxis Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.2.5f1 - Unity Technologies ApS)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
VidCrop (HKLM-x32\...\VidCrop_is1) (Version:  - VidCrop)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Word Whomp To Go (HKLM-x32\...\Word Whomp To Go_is1) (Version:  - )
Yammer Notifier (HKCU\...\8c3c8c06fefda92b) (Version: 1.2.3.885 - Microsoft Corporation)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 4000.18 MB
Available physical RAM: 2702.3 MB
Total Virtual: 10838.74 MB
Available Virtual: 8501.9 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:441.99 GB) (Free:353.07 GB) NTFS
3 Drive y: (RECOVERY) (Fixed) (Total:23.73 GB) (Free:23.13 GB) NTFS

========================= Users: ========================================

User accounts for \\**********-PC

Administrator            DefaultAccount           Guest                    
**********              


**** End of log ****
 

Results for the AdwCleaner:

# AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 30 07:55:26 2017
# Updated on 2017/27/10 by Malwarebytes
# Database: 11-29-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1642032668-1336547674-3641952885-1001\Software\AppDataLow\Software\Settings Manager
PUP.Optional.Legacy, [Key] - HKCU\Software\AppDataLow\Software\Settings Manager
PUP.Optional.Spigot, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1672163f-8651-4c0d-9c05-4ba941123972}
PUP.Optional.Spigot, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61db39d5-034c-45c0-8bb2-daf857edcf3b}
PUP.Optional.Spigot, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CAE9BEC8-4723-4347-AFC6-25EE3326BA5B}
PUP.Optional.Spigot, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90E4CD0C-426F-4207-805B-7885AB32D43F}
PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-1642032668-1336547674-3641952885-1001\Software\PRODUCTSETUP
PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************



########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

 

 

 

I did not ask it to clean the PUPs, and still have the program open. I didn't know if you wanted that cleaned or put on hold.

Here are the results for the ESET scanner, with my username redacted, again:

C:\Users\**********\AppData\Local\LymphosarcomasAdmonition\NonredeemablePalinode.dat    Win32/DealPly.CI potentially unwanted application    
C:\Users\**********\AppData\Local\{C6A0F0FC-E208-9C44-8F90-B9ACABF84534}\uninstall.exe    a variant of Win32/DealPly.AY potentially unwanted application    
 



#4 boopme

  • Global Moderator

Posted 30 November 2017 - 10:53 AM

OK, yes, you can now remove what ADW found.

Restart Computer and please run MINI again.

#5 TheSlickness

  • Topic Starter

Posted 04 December 2017 - 05:39 PM

Apologies for the delay, here are the next MTB results:

MiniToolBox by Farbar  Version: 17-06-2016
Ran by ********** (administrator) on 01-12-2017 at 04:26:53
Running from "C:\Users\**********\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Inspiron 3542 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
========================= IP Configuration: ================================

Dell Wireless 1705 802.11b|g|n (2.4GHZ) = Wireless Network Connection (Connected)
Realtek PCIe FE Family Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wireless Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 5" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : **********-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : attlocal.net

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : B8-2A-72-C3-08-82
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 16-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 3:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Hosted Network Virtual Adapter
   Physical Address. . . . . . . . . : 56-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : attlocal.net
   Description . . . . . . . . . . . : Dell Wireless 1705 802.11b/g/n (2.4GHZ)
   Physical Address. . . . . . . . . : 64-5A-04-8C-5D-38
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2602:301:77dc:e640::45(Preferred)
   Lease Obtained. . . . . . . . . . : Friday, December 01, 2017 1:40:39 AM
   Lease Expires . . . . . . . . . . : Saturday, December 30, 2017 12:39:59 PM
   IPv6 Address. . . . . . . . . . . : 2602:301:77dc:e640:cc36:b5f8:998d:9bbe(Preferred)
   Temporary IPv6 Address. . . . . . : 2602:301:77dc:e640:fc02:8be6:b4bb:8adf(Preferred)
   Link-local IPv6 Address . . . . . : fe80::cc36:b5f8:998d:9bbe%9(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.74(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, December 01, 2017 1:40:37 AM
   Lease Expires . . . . . . . . . . : Saturday, December 02, 2017 1:40:37 AM
   Default Gateway . . . . . . . . . : fe80::9662:69ff:fe53:8f80%9
                                       192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DHCPv6 IAID . . . . . . . . . . . : 224680452
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-EE-89-78-B8-2A-72-C3-08-82
   DNS Servers . . . . . . . . . . . : 2602:301:77dc:e640::1
                                       192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       attlocal.net

Tunnel adapter Local Area Connection* 4:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:24aa:2074:e882:319b(Preferred)
   Link-local IPv6 Address . . . . . : fe80::24aa:2074:e882:319b%4(Preferred)
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 67108864
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-EE-89-78-B8-2A-72-C3-08-82
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  dsldevice6.attlocal.net
Address:  2602:301:77dc:e640::1

Name:    google.com
Addresses:  2607:f8b0:4009:80a::200e
      216.58.218.14


Pinging google.com [2607:f8b0:4009:800::200e] with 32 bytes of data:
Reply from 2607:f8b0:4009:800::200e: time=27ms
Reply from 2607:f8b0:4009:800::200e: time=28ms

Ping statistics for 2607:f8b0:4009:800::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server:  dsldevice6.attlocal.net
Address:  2602:301:77dc:e640::1

Name:    yahoo.com
Addresses:  2001:4998:44:204::100d
      2001:4998:58:2201::73
      2001:4998:c:e33::53
      206.190.39.42
      98.138.252.38
      98.139.180.180


Pinging yahoo.com [2001:4998:58:2201::73] with 32 bytes of data:
Reply from 2001:4998:58:2201::73: time=52ms
Reply from 2001:4998:58:2201::73: time=51ms

Ping statistics for 2001:4998:58:2201::73:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 51ms, Maximum = 52ms, Average = 51ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  8...b8 2a 72 c3 08 82 ......Realtek PCIe FE Family Controller
 10...16 5a 04 8c 5d 38 ......Microsoft Wi-Fi Direct Virtual Adapter
  7...56 5a 04 8c 5d 38 ......Microsoft Hosted Network Virtual Adapter
  9...64 5a 04 8c 5d 38 ......Dell Wireless 1705 802.11b/g/n (2.4GHZ)
  1...........................Software Loopback Interface 1
  4...00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.74     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link      192.168.1.74    311
     192.168.1.74  255.255.255.255         On-link      192.168.1.74    311
    192.168.1.255  255.255.255.255         On-link      192.168.1.74    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link      192.168.1.74    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link      192.168.1.74    311
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  9    311 ::/0                     fe80::9662:69ff:fe53:8f80
  1    331 ::1/128                  On-link
  4    331 2001::/32                On-link
  4    331 2001:0:9d38:6ab8:24aa:2074:e882:319b/128
                                    On-link
  9    311 2602:301:77dc:e640::/64  On-link
  9     71 2602:301:77dc:e640::/64  fe80::9662:69ff:fe53:8f80
  9    311 2602:301:77dc:e640::45/128
                                    On-link
  9    311 2602:301:77dc:e640:cc36:b5f8:998d:9bbe/128
                                    On-link
  9    311 2602:301:77dc:e640:fc02:8be6:b4bb:8adf/128
                                    On-link
  9    311 fe80::/64                On-link
  4    331 fe80::/64                On-link
  4    331 fe80::24aa:2074:e882:319b/128
                                    On-link
  9    311 fe80::cc36:b5f8:998d:9bbe/128
                                    On-link
  1    331 ff00::/8                 On-link
  9    311 ff00::/8                 On-link
  4    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [133392] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/01/2017 01:42:29 AM) (Source: Application Error) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x53463944
Faulting module name: MSVCR90.dll, version: 9.0.30729.9279, time stamp: 0x57fb316a
Exception code: 0xc0000005
Fault offset: 0x0003734d
Faulting process id: 0xdd0
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4016

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4016

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2017 12:40:02 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname **********-PC.local already in use; will try **********-PC-2.local instead

Error: (11/30/2017 12:40:02 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 **********-PC.local. Addr 192.168.1.74

Error: (11/30/2017 12:40:01 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.74:5353   16 **********-PC.local. AAAA 2602:0301:77DC:E640:0000:0000:0000:0045

Error: (11/30/2017 08:24:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/29/2017 11:16:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (11/29/2017 07:59:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: **********-PC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (12/01/2017 01:40:35 AM) (Source: Service Control Manager) (User: )
Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (12/01/2017 01:40:33 AM) (Source: Service Control Manager) (User: )
Description: The CldFlt service failed to start due to the following error:
%%50 = The request is not supported.


Error: (12/01/2017 01:39:40 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (12/01/2017 01:39:40 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device Service service to connect.

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The Dell Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The SoftThinks Agent Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The SynTPEnh Caller Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (12/01/2017 01:38:17 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================
Error: (12/01/2017 01:42:29 AM) (Source: Application Error)(User: )
Description: UA.exe1.0.0.153463944MSVCR90.dll9.0.30729.927957fb316ac00000050003734ddd001d36a6f77f68847C:\Users\**********\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\WINDOWS\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.9279_none_50939ec6bcb7c97c\MSVCR90.dll89ed6ce8-2872-4b36-99a2-952de7ec7126

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4016

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4016

Error: (11/30/2017 05:23:02 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/30/2017 12:40:02 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname **********-PC.local already in use; will try **********-PC-2.local instead

Error: (11/30/2017 12:40:02 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister    4 **********-PC.local. Addr 192.168.1.74

Error: (11/30/2017 12:40:01 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.74:5353   16 **********-PC.local. AAAA 2602:0301:77DC:E640:0000:0000:0000:0045

Error: (11/30/2017 08:24:08 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170

Error: (11/29/2017 11:16:39 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2144927141

Error: (11/29/2017 07:59:40 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: **********-PC)
Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170


CodeIntegrity Errors:
===================================
  Date: 2017-12-01 04:24:44.784
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-12-01 04:24:44.780
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 12:50:22.095
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 12:50:22.062
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 07:25:48.122
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 07:25:48.121
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 05:21:51.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 05:21:51.157
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 05:10:09.582
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-11-30 05:10:09.548
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


=========================== Installed Programs ============================

Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.2.0.0 - Amazon)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version: 1.19.2.46095 - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Clone2Go Video Converter Free Version 2.8.2 (HKLM-x32\...\Clone2Go Video Converter Free Version_is1) (Version:  - Clone2Go.com)
ContactKeeper 1.5.0 (HKLM-x32\...\ContactKeeper_is1) (Version:  - ContactKeeper)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.8.1.70 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated)
Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.)
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 5.85 - NCH Software)
f.lux (HKCU\...\Flux) (Version:  - )
Facebook Gameroom 1.10.6515.35995 (HKLM-x32\...\{0B5F75BB-9192-4E2C-A0A6-D07DC31A2E84}) (Version: 1.10.6515.35995 - Facebook)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
Free Video To Audio Converter 2015 6.5.6 (HKLM-x32\...\Free Video To Audio Converter 2015_is1) (Version:  - FAEMedia Co., Ltd.)
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hulu Downloader 2.8.199.88 (HKLM-x32\...\Hulu Downloader_is1) (Version:  - Hulu-downloader, Inc.)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.3.34 - Intel Corporation)
iTunes (HKLM\...\{F2517A28-8CB8-4206-B86C-5EDD4EA26682}) (Version: 12.7.1.14 - Apple Inc.)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Letters from Nowhere (HKLM-x32\...\Letters from Nowhere_is1) (Version:  - )
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Margrave: The Blacksmith’s Daughter (HKLM-x32\...\Margrave: The Blacksmith’s Daughter) (Version: 1.0.0.0 - INTENIUM GmbH)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 57.0.1 (x64 en-US)) (Version: 57.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 49.0.2725.47 (HKLM-x32\...\Opera 49.0.2725.47) (Version: 49.0.2725.47 - Opera Software)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.18 - Dell Inc.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.88.617.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.)
SCREENSEVEN GAME CENTER (HKLM-x32\...\VIVAGplayer) (Version: 2.3.1.37 - INTENIUM GmbH)
Scribblenauts Unlimited (HKLM\...\Steam App 218680) (Version:  - 5th Cell Media)
Sid Meier's Civilization III: Complete (HKLM\...\Steam App 3910) (Version:  - Firaxis Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 5.2.5f1 - Unity Technologies ApS)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.)
VidCrop (HKLM-x32\...\VidCrop_is1) (Version:  - VidCrop)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Word Whomp To Go (HKLM-x32\...\Word Whomp To Go_is1) (Version:  - )
Yammer Notifier (HKCU\...\8c3c8c06fefda92b) (Version: 1.2.3.885 - Microsoft Corporation)
Yousician Launcher version 1.0 (HKLM-x32\...\{EF45EAE9-523E-47C3-8634-A81923B11DD5}_is1) (Version: 1.0 - Yousician)

========================= Memory info: ===================================

Percentage of memory in use: 48%
Total physical RAM: 4000.18 MB
Available physical RAM: 2049.79 MB
Total Virtual: 8608.18 MB
Available Virtual: 6079.96 MB

========================= Partitions: =====================================

1 Drive c: (OS) (Fixed) (Total:441.99 GB) (Free:353.82 GB) NTFS

========================= Users: ========================================

User accounts for \\**********-PC

Administrator            DefaultAccount           Guest                    
**********               


**** End of log ****
 



#6 boopme


Posted 05 December 2017 - 10:17 AM

Hello. I'd like to get a deeper look, as these 2 may be malware:
Faulting package full name: UA.exe4
Faulting package-relative application ID: UA.exe5

Do steps 6 and 7 ...

Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..



