Need Lots of Help! - "__"


  • This topic is locked
7 replies to this topic

#1 obigowens

obigowens

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 21 July 2018 - 09:39 PM

My computer is buggy as all hell and I need help. Can't download FRST and my computer is opening tabs at random.

 




 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:56 AM

Posted 21 July 2018 - 09:41 PM

Hi obigowens :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broken the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lengthy, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone
    This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

MiniToolBox
  • Download MiniToolBox and move the file to your Desktop
  • Right-click on MiniToolBox.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Check the following options:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP Configuration
    • List Winsock Entries
    • List Last 10 Event Viewer Errors
    • List Installed Programs
    • List Devices - Only Problems
    • List Users, Partitions and Memory size
  • Once this is done, click on Go and wait for the scan to complete
  • Once the scan is complete, a log will open. Please copy/paste the content of the output log in your next reply

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 obigowens

obigowens
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 21 July 2018 - 09:51 PM

http://file:///C:/Users/acoo3/Desktop/MTB.txt



#4 obigowens

obigowens
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:56 AM

Posted 21 July 2018 - 09:52 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by acoo3 (administrator) on 21-07-2018 at 20:50:25
Running from "C:\Users\acoo3\Downloads"
Microsoft Windows 10 Home  (X64)
Model: Inspiron 7559 Manufacturer: Dell Inc.
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
There are 7 entries.
 
========================= IP Configuration: ================================
 
Intel® Dual Band Wireless-AC 3165 = Wi-Fi (Connected)
LogMeIn Hamachi Virtual Ethernet Adapter = Ethernet 2 (Hardware not present)
Realtek PCIe GBE Family Controller = Ethernet (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection 2 (Media disconnected)
AnchorFree TAP-Windows Adapter V9 = Ethernet 3 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global
add route prefix=0.0.0.0/0 interface="Ethernet 2" nexthop=25.0.0.1 publish=Yes
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet (Kernel Debugger) 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 2" forwarding=enabled advertise=enabled metric=9000 nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet 3" forwarding=enabled advertise=enabled metric=5 nud=enabled ignoredefaultroutes=disabled
set subinterface interface= subinterface=ethernet_32774 mtu=1404
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : DESKTOP-KSMF93I
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
 
Ethernet adapter Ethernet:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : F4-8E-38-EE-21-C6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet 3:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : AnchorFree TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-09-15-A4-96
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 58-FB-84-57-04-0F
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Local Area Connection* 1:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 5A-FB-84-57-04-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Wireless LAN adapter Wi-Fi:
 
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Intel® Dual Band Wireless-AC 3165
   Physical Address. . . . . . . . . : 58-FB-84-57-04-0E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::90e:2b90:56c6:48e4%19(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.0.3(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, July 19, 2018 7:48:43 PM
   Lease Expires . . . . . . . . . . : Sunday, July 22, 2018 11:49:17 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 89717636
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-C6-C0-3C-F4-8E-38-EE-21-C6
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       205.171.3.25
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Bluetooth Network Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network) #2
   Physical Address. . . . . . . . . : 58-FB-84-57-04-12
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
Server:  modem.Home
Address:  192.168.0.1
 
Name:    google.com
Addresses:  2607:f8b0:400a:804::200e
  216.58.217.46
 
 
Pinging google.com [216.58.217.46] with 32 bytes of data:
Reply from 216.58.217.46: bytes=32 time=16ms TTL=56
Reply from 216.58.217.46: bytes=32 time=106ms TTL=56
 
Ping statistics for 216.58.217.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 106ms, Average = 61ms
Server:  modem.Home
Address:  192.168.0.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:1023::4
  2001:4998:c:1023::5
  2001:4998:44:41d::4
  2001:4998:58:1836::10
  2001:4998:44:41d::3
  2001:4998:58:1836::11
  72.30.35.10
  98.137.246.7
  98.138.219.232
  98.137.246.8
  72.30.35.9
  98.138.219.231
 
 
Pinging yahoo.com [98.137.246.7] with 32 bytes of data:
Reply from 98.137.246.7: bytes=32 time=234ms TTL=54
Reply from 98.137.246.7: bytes=32 time=24ms TTL=54
 
Ping statistics for 98.137.246.7:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 24ms, Maximum = 234ms, Average = 129ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...f4 8e 38 ee 21 c6 ......Realtek PCIe GBE Family Controller
  3...00 ff 09 15 a4 96 ......AnchorFree TAP-Windows Adapter V9
 22...58 fb 84 57 04 0f ......Microsoft Wi-Fi Direct Virtual Adapter
  4...5a fb 84 57 04 0e ......Microsoft Wi-Fi Direct Virtual Adapter #2
 19...58 fb 84 57 04 0e ......Intel® Dual Band Wireless-AC 3165
 11...58 fb 84 57 04 12 ......Bluetooth Device (Personal Area Network) #2
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.3     55
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.0.0    255.255.255.0         On-link       192.168.0.3    311
      192.168.0.3  255.255.255.255         On-link       192.168.0.3    311
    192.168.0.255  255.255.255.255         On-link       192.168.0.3    311
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link       192.168.0.3    311
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link       192.168.0.3    311
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    331 ::1/128                  On-link
 19    311 fe80::/64                On-link
 19    311 fe80::90e:2b90:56c6:48e4/128
                                    On-link
  1    331 ff00::/8                 On-link
 19    311 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [51712] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\SysWOW64\mswsock.dll [341920] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67072] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [84992] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [401968] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/19/2018 07:52:35 PM) (Source: Application Hang) (User: )
Description: The program SCPSL.exe version 2018.1.5.11711 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3128
 
Start Time: 01d41fcc412303c2
 
Termination Time: 195
 
Application Path: C:\Users\acoo3\Desktop\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exe
 
Report Id: e415cacd-4ef2-4643-bc57-23ebab958bc1
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/18/2018 10:07:24 PM) (Source: Application Hang) (User: )
Description: The program SearchUI.exe version 10.0.17134.112 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2434
 
Start Time: 01d41f159c34e4c0
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 
Report Id: bb7d17e9-7c75-4e5a-9b94-093ae63af9c5
 
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: CortanaUI
 
Error: (07/18/2018 10:04:42 PM) (Source: Application Hang) (User: )
Description: The program SearchUI.exe version 10.0.17134.112 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 18bc
 
Start Time: 01d411626f1e33fa
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
 
Report Id: da0198a6-37ce-4ee9-be30-08c46b656de7
 
Faulting package full name: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: CortanaUI
 
Error: (07/12/2018 11:25:03 PM) (Source: Application Hang) (User: )
Description: The program steamvr_room_setup.exe version 5.6.0.64340 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 5d50
 
Start Time: 01d41a68ce0afd71
 
Termination Time: 15
 
Application Path: C:\Users\acoo3\Desktop\Steam\steamapps\common\SteamVR\tools\steamvr_room_setup\win64\steamvr_room_setup.exe
 
Report Id: b2ac1ef0-9dd0-4368-8b19-eeb5dd5f4462
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/12/2018 11:24:48 PM) (Source: Application Hang) (User: )
Description: The program Steam.exe version 4.55.34.56 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 4fd0
 
Start Time: 01d41554e0cda6bb
 
Termination Time: 40
 
Application Path: C:\Users\acoo3\Desktop\Steam\Steam.exe
 
Report Id: 50489072-2af4-4988-b25e-6863f2457b2a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/12/2018 10:59:32 PM) (Source: Application Hang) (User: )
Description: The program vrmonitor.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 3f00
 
Start Time: 01d41a658dadfe90
 
Termination Time: 8
 
Application Path: C:\Users\acoo3\Desktop\Steam\steamapps\common\SteamVR\bin\win64\vrmonitor.exe
 
Report Id: 7945ba36-cff1-41c3-bac5-51f235fba52a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (07/12/2018 10:54:18 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 991425028 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (07/12/2018 10:54:18 PM) (Source: DPTF) (User: )
Description: Intel® Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 991425023 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (07/12/2018 10:51:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: TrinusPSVR.exe, version: 1.0.0.0, time stamp: 0x5b0af104
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0b5729c3
Faulting process id: 0x2c74
Faulting application start time: 0xTrinusPSVR.exe0
Faulting application path: TrinusPSVR.exe1
Faulting module path: TrinusPSVR.exe2
Report Id: TrinusPSVR.exe3
Faulting package full name: TrinusPSVR.exe4
Faulting package-relative application ID: TrinusPSVR.exe5
 
Error: (07/12/2018 10:51:55 PM) (Source: .NET Runtime) (User: )
Description: Application: TrinusPSVR.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Emgu.CV.CvInvoke.CvtColor(Emgu.CV.IInputArray, Emgu.CV.IOutputArray, Emgu.CV.CvEnum.ColorConversion, Int32)
   at #=z1aHp4dgpSFsCJLVkJNrolxcVSpeD.#=zCaIPuhRWyJ9f()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
 
System errors:
=============
Error: (07/21/2018 08:18:25 PM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 07:57:16 PM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 03:33:30 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 03:13:05 PM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 01:17:17 PM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 12:37:06 PM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 11:52:17 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 01:26:24 AM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 01:09:24 AM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (07/21/2018 01:07:56 AM) (Source: DCOM) (User: DESKTOP-KSMF93I)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}DESKTOP-KSMF93Iacoo3S-1-5-21-3374839382-1196693647-2710809228-1001LocalHost (Using LRPC)UnavailableUnavailable
 
 
Microsoft Office Sessions:
=========================
Error: (07/19/2018 07:52:35 PM) (Source: Application Hang)(User: )
Description: SCPSL.exe2018.1.5.11711312801d41fcc412303c2195C:\Users\acoo3\Desktop\Steam\steamapps\common\SCP Secret Laboratory\SCPSL.exee415cacd-4ef2-4643-bc57-23ebab958bc1
 
Error: (07/18/2018 10:07:24 PM) (Source: Application Hang)(User: )
Description: SearchUI.exe10.0.17134.112243401d41f159c34e4c04294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exebb7d17e9-7c75-4e5a-9b94-093ae63af9c5Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI
 
Error: (07/18/2018 10:04:42 PM) (Source: Application Hang)(User: )
Description: SearchUI.exe10.0.17134.11218bc01d411626f1e33fa4294967295C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exeda0198a6-37ce-4ee9-be30-08c46b656de7Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewyCortanaUI
 
Error: (07/12/2018 11:25:03 PM) (Source: Application Hang)(User: )
Description: steamvr_room_setup.exe5.6.0.643405d5001d41a68ce0afd7115C:\Users\acoo3\Desktop\Steam\steamapps\common\SteamVR\tools\steamvr_room_setup\win64\steamvr_room_setup.exeb2ac1ef0-9dd0-4368-8b19-eeb5dd5f4462
 
Error: (07/12/2018 11:24:48 PM) (Source: Application Hang)(User: )
Description: Steam.exe4.55.34.564fd001d41554e0cda6bb40C:\Users\acoo3\Desktop\Steam\Steam.exe50489072-2af4-4988-b25e-6863f2457b2a
 
Error: (07/12/2018 10:59:32 PM) (Source: Application Hang)(User: )
Description: vrmonitor.exe1.0.0.13f0001d41a658dadfe908C:\Users\acoo3\Desktop\Steam\steamapps\common\SteamVR\bin\win64\vrmonitor.exe7945ba36-cff1-41c3-bac5-51f235fba52a
 
Error: (07/12/2018 10:54:18 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 991425028 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (07/12/2018 10:54:18 PM) (Source: DPTF)(User: )
Description: Intel® Dynamic Platform and Thermal FrameworkESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 991425023 ms
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\WIPolicyActiveRelationshipTableChanged.cpp @ line 52
Executing Function:  WIPolicyActiveRelationshipTableChanged::execute
Message:  Unhandled exception caught during execution of work item
Framework Event:  PolicyActiveRelationshipTableChanged [44]
Policy:  Active Policy [0]
Exception Function:  Policy::executePolicyActiveRelationshipTableChanged
Exception Text:  
 
DPTF Build Version:  8.2.10900.330
DPTF Build Date:  May 16 2016 11:32:37
Source File:  ..\..\..\Sources\Manager\EsifServices.cpp @ line 457
Executing Function:  EsifServices::primitiveExecuteGet
Message:  Error returned from ESIF services interface function call
Participant:  NoParticipant
Domain:  NoDomain
ESIF Primitive:  GET_ACTIVE_RELATIONSHIP_TABLE [89]
ESIF Instance:  255
ESIF Return Code:  ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
 
Error: (07/12/2018 10:51:59 PM) (Source: Application Error)(User: )
Description: TrinusPSVR.exe1.0.0.05b0af104unknown0.0.0.000000000c00000050b5729c32c7401d41a64d385c388C:\Program Files (x86)\TrinusPSVR\TrinusPSVR.exeunknown6775c2d4-cc36-4e6a-8478-1f0640c98e6c
 
Error: (07/12/2018 10:51:55 PM) (Source: .NET Runtime)(User: )
Description: Application: TrinusPSVR.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at Emgu.CV.CvInvoke.CvtColor(Emgu.CV.IInputArray, Emgu.CV.IOutputArray, Emgu.CV.CvEnum.ColorConversion, Int32)
   at #=z1aHp4dgpSFsCJLVkJNrolxcVSpeD.#=zCaIPuhRWyJ9f()
   at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Threading.ThreadHelper.ThreadStart()
 
 
CodeIntegrity Errors:
===================================
  Date: 2018-07-01 11:38:07.183
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2018-06-30 17:18:04.010
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\vsservp.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2018-06-27 00:46:09.675
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-27 00:46:09.646
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-27 00:46:09.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-27 00:46:09.443
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-25 00:47:25.899
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-25 00:47:25.867
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x86\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-25 00:47:25.717
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2018-06-25 00:47:25.659
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\InfusedApps\Applications\Microsoft.HEVCVideoExtension_1.0.2512.0_x64__8wekyb3d8bbwe\x64\hevcdecoder_store.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.5.3.44494 - BitTorrent Inc.)
A3Launcher version 0.1.6.2 (HKLM-x32\...\{1E29A86E-9AE2-4CD8-74C8-6B170ED3C4D2}_is1) (Version: 0.1.6.2 - Maca134)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
AirMech Strike (HKLM\...\Steam App 206500) (Version:  - Carbon Games)
Alien Swarm: Reactive Drop - SDK (HKLM\...\Steam App 593000) (Version:  - )
Alien Swarm: Reactive Drop (HKLM\...\Steam App 563560) (Version:  - Reactive Drop Team)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach)
AVG PC TuneUp (HKLM-x32\...\{9C775BB6-1453-45EB-8C78-A5CC5199113D}) (Version: 16.77.3 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.77.3.23060 - AVG Technologies)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BDAntiRansomware (HKLM\...\{BE40AB1F-558F-4434-B72F-461EF97E7796}_is1) (Version: 1.0.12.151 - Bitdefender)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 22.0.20.99 - Bitdefender)
Bitdefender Internet Security (HKLM\...\Bitdefender) (Version: 22.0.21.297 - Bitdefender)
Bitdefender VPN (HKLM\...\Bitdefender VPN) (Version: 22.0.7.565 - Bitdefender)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Black Squad (HKLM\...\Steam App 550650) (Version:  - NS STUDIO)
Breach & Clear (HKLM\...\Steam App 266130) (Version:  - Mighty Rabbit Studios)
Chromium (HKLM-x32\...\{7F6D97AD-2FED-462D-9E6D-36AD4EEDE52D}) (Version:  - )
Counter-Strike Nexon: Zombies (HKLM\...\Steam App 273110) (Version:  - Nexon)
Cuisine Royale (HKLM\...\Steam App 884660) (Version:  - Darkflow Software)
Cuisine Royale Launcher 1.0.0.28 (HKCU\...\{eeededa4-29ff-8962-96e1-e2282d8a62c1}}_is1) (Version:  - Gaijin Entertainment)
Dell Customer Connect (HKLM-x32\...\{35BEC446-269E-42E4-8EED-191A38CCFF3D}) (Version: 1.4.10.0 - Dell Inc.)
Dell Digital Delivery (HKLM-x32\...\{99B7C4B5-DC14-441D-A5B6-7340F682BC81}) (Version: 3.1.1117.0 - Dell Products, LP)
Dell Help & Support (HKLM\...\{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.) Hidden
Dell Help & Support (HKLM-x32\...\InstallShield_{457EFE69-8F49-43E0-80F9-1DEF4F7690C2}) (Version: 2.5.23.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\InstallShield_{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{4CB4741A-20C1-454E-8276-993D06A76D67}) (Version: 2.2.3.2 - Dell Inc.)
Dell Update (HKLM-x32\...\{D8AE5F9D-647C-49B4-A666-1C20B44EC0E1}) (Version: 2.1.3.0 - Dell Inc.)
Discord (HKCU\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.36 - NVIDIA Corporation) Hidden
Driver Easy 5.6.3 (HKLM\...\DriverEasy_is1) (Version: 5.6.3 - Easeware)
Dropbox (HKLM-x32\...\Dropbox) (Version: 53.4.67 - Dropbox, Inc.)
Dropbox 20 GB (HKLM-x32\...\{B2028B68-3275-35EA-A926-35D7E5279BC7}) (Version: 4.0.14.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.61 - PC-Doctor, Inc.) Hidden
Epic Games Launcher (HKLM-x32\...\{93BFE5DF-776E-436F-8693-DF1F72C0E3C1}) (Version: 1.1.151.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FL Studio 20 (HKLM-x32\...\FL Studio 20) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FMW 1 (HKLM\...\{4CC5FB14-3F4D-4FA8-B921-00A9B40145C4}) (Version: 1.227.45 - AVG Technologies) Hidden
Fuse (HKLM\...\Steam App 257400) (Version:  - Mixamo)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
GoodGame QuickAccess (HKLM-x32\...\GoodGame QuickAccess) (Version: 1.0.1.0 - Adaware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
Infestation: The New Z (HKLM\...\Steam App 555570) (Version:  - Fredaikis AB)
Infinity (HKCU\...\Infinity) (Version: 4.0.13 - WeMod)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4454 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.9.1053 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{8c595286-0f9e-42de-a0d4-969aba282637}) (Version: 20.50.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 10.0.1 (64-bit) (HKLM\...\{D33DF729-38BB-5651-9D40-93BFEFB5DCED}) (Version: 10.0.1.0 - Oracle Corporation)
Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Logitech Gaming Software 8.98 (HKLM\...\Logitech Gaming Software) (Version: 8.98.234 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\{892DB406-ADF8-4C30-9840-8438AF5B8763}) (Version: 2.2.0.607 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.607 - LogMeIn, Inc.)
MagiCats Builder (HKLM\...\Steam App 690610) (Version:  - Dreamz Studio)
Make It Rain: Love of Money (HKLM\...\Steam App 615400) (Version:  - Game Troopers)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.6.9060.3 - Waves Audio Ltd.) Hidden
Medieval Engineers (HKLM\...\Steam App 333950) (Version:  - Keen Software House)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.10228.20134 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movavi Video Converter 18 Premium (HKLM-x32\...\Movavi Video Converter 18 Premium) (Version: 18.1.0 - Movavi)
NVIDIA 3D Vision Driver 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.36 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.36 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.36 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.3 - OBS Project)
Of Guards And Thieves (HKLM\...\Steam App 302590) (Version:  - Subvert Games)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10228.20134 - Microsoft Corporation) Hidden
Parsec (HKLM-x32\...\Parsec) (Version:  - Parsec Cloud Inc.)
Planetary Annihilation: TITANS (HKLM\...\Steam App 386070) (Version:  - Uber Entertainment)
Product Registration (HKLM\...\{48114909-3C3B-43E6-BF98-AE9C396500A3}) (Version: 3.0.127.0 - Dell Inc.) Hidden
Project Zomboid (HKLM\...\Steam App 108600) (Version:  - The Indie Stone)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.5.02 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8142 - Realtek Semiconductor Corp.)
Roblox Player for acoo3 (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - Roblox Corporation)
SAS: Zombie Assault 4 (HKLM\...\Steam App 678800) (Version:  - Ninja Kiwi)
SCP: Secret Laboratory (HKLM\...\Steam App 700330) (Version:  - Hubert Moszka)
Search the Web (Yahoo) (HKLM-x32\...\{6C6C84AC-3CEC-552C-8D6C-25AC5DECF62C}) (Version:  - )
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.5 - PcWinTech.com)
SmartByte Drivers and Services (HKLM\...\{EC62F71A-6CFA-4918-9EBC-99BFF86DB3C9}) (Version: 1.2.600 - Rivet Networks)
Spotify (HKCU\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version:  - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Empire at War: Gold Pack (HKLM\...\Steam App 32470) (Version:  - Petroglyph)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam 360 Video Player (HKLM\...\Steam App 613220) (Version:  - Valve)
SteamVR (HKLM\...\Steam App 250820) (Version:  - )
Streamlabs OBS 0.9.2 (HKLM\...\029c4619-0385-5543-9426-46f9987161d9) (Version: 0.9.2 - General Workings, Inc.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.6447 - TeamViewer)
Total War Arena (HKCU\...\TWA.EU.PRODUCTION) (Version:  - Wargaming.net)
Totally Accurate Battlegrounds (HKLM\...\Steam App 823130) (Version:  - Landfall)
TrinusPSVR version 0.9.6 (HKLM-x32\...\{C529A614-8359-4B1C-9FC1-A2C4279971C3}_is1) (Version: 0.9.6 - Odd Sheep SL.)
Twitch (HKCU\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Ultimate Custom Night (HKLM\...\Steam App 871720) (Version:  - Scott Cawthon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKCU\...\Wargaming.net Game Center) (Version: 18.4.0.412 - Wargaming.net)
Windows Driver Package - Microsoft PS VR Control (Interface 5) (02/22/2013 6.1.7600.16385) (HKLM\...\7664041C62AE68D4B2EB4627167336BB2D4D7C46) (Version: 02/22/2013 6.1.7600.16385 - Microsoft)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Zero-K (HKLM\...\Steam App 334920) (Version:  - Zero-K Team)
 
========================= Devices: ================================
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Device ID: ROOT\NET\0000
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 68%
Total physical RAM: 8060.39 MB
Available physical RAM: 2573.84 MB
Total Virtual: 16660.17 MB
Available Virtual: 6267.43 MB
 
========================= Partitions: =====================================
 
1 Drive c: (OS) (Fixed) (Total:918.85 GB) (Free:225.89 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DESKTOP-KSMF93I
 
acoo3                    Administrator            DefaultAccount           
defaultuser0             Guest                    WDAGUtilityAccount       
 
 
**** End of log ****


#5 Aura

Posted 21 July 2018 - 09:55 PM

RogueKiller
  • Download the right version of RogueKiller for your Windows version (32 or 64-bit)
  • Once done, move the executable file to your Desktop, right-click on it and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Click on the Start Scan button in the right panel, which will bring you to another tab, and click on it again (this time it'll be in the bottom right corner)
  • Wait for the scan to complete
  • On completion, the results will be displayed
  • Check every single entry (threat found), and click on the Remove Selected button
  • On completion, the results will be displayed. Click on the Open Report button in the bottom left corner, followed by the Open TXT button (also in the bottom left corner)
  • This will open the report in Notepad. Copy/paste its content in your next reply
AdwCleaner - Fix Mode
  • Download AdwCleaner and move it to your Desktop
  • Right-click on AdwCleaner.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users)
  • Accept the EULA (I accept), then click on Scan
  • Let the scan complete. Once it's done, make sure that every item listed in the different tabs is checked and click on the Clean & Repair button. This will kill all the active processes
  • Once the cleaning process is complete, AdwCleaner will ask to restart your computer, do it
  • After the restart, a log will open when logging in. Please copy/paste the content of that log in your next reply
Your next reply(ies) should therefore contain:
  • Copy/pasted RogueKiller clean log
  • Copy/pasted AdwCleaner clean log

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#6 Aura

Posted 21 July 2018 - 10:06 PM

Malicious Programs Warning!

I noticed that you have malicious programs installed on your system. I'll ask you to uninstall them since uninstalling such programs before running malware removal tools will ensure a better clean-up.
  • Chromium
  • Search the Web (Yahoo)
If you have an issue when uninstalling a program, please let me know.



#7 Aura

Posted 29 July 2018 - 10:00 AM

Hi obigowens,

Are you still with me?



#8 Aura

Posted 31 July 2018 - 08:41 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.





