Frst & addition logs for networking problem

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • maxim123
    PCHF Member
    • Aug 2017
    • 463

    #1

    Frst & addition logs for networking problem

    Hi, when I got the router, I could login to admin panel anytime I wanted and easily too. After months, I could login only after resetting the router. Now, even after resetting, it seems to be very difficult.

    I looked into the internet and saw the various suggestions there, but none of them worked for me.
    Please help me.
    Thank you.

    Here is the ipconfig log:

    Code:
    C:\WINDOWS\system32>ipconfig /all
    
    Windows IP Configuration
    
    Host Name . . . . . . . . . . . . : ADMIN
    Primary Dns Suffix . . . . . . . :
    Node Type . . . . . . . . . . . . : Hybrid
    IP Routing Enabled. . . . . . . . : No
    WINS Proxy Enabled. . . . . . . . : No
    
    Wireless LAN adapter Local Area Connection* 2:
    
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
    Physical Address. . . . . . . . . : 76-29-AF-2C-90-55
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    
    Ethernet adapter Ethernet 2:
    
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
    Physical Address. . . . . . . . . : 68-F7-28-50-6E-46
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    Link-local IPv6 Address . . . . . : fe80::bdc8:b551:9d4e:5491%7(Preferred)
    IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
    Subnet Mask . . . . . . . . . . . : 255.255.255.0
    Lease Obtained. . . . . . . . . . : Wednesday, August 2, 2017 10:04:34 PM
    Lease Expires . . . . . . . . . . : Saturday, August 5, 2017 10:17:50 PM
    Default Gateway . . . . . . . . . : 192.168.1.1
    DHCP Server . . . . . . . . . . . : 192.168.1.1
    DHCPv6 IAID . . . . . . . . . . . : 90765096
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-58-95-B0-68-F7-28-50-6E-46
    DNS Servers . . . . . . . . . . . : 192.168.1.1
    NetBIOS over Tcpip. . . . . . . . : Enabled
    
    Ethernet adapter Ethernet 4:
    
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
    Physical Address. . . . . . . . . : 00-FF-C9-62-3B-62
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    
    Wireless LAN adapter Wi-Fi:
    
    Media State . . . . . . . . . . . : Media disconnected
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
    Physical Address. . . . . . . . . : 74-29-AF-2C-90-55
    DHCP Enabled. . . . . . . . . . . : Yes
    Autoconfiguration Enabled . . . . : Yes
    
    Tunnel adapter Local Area Connection* 12:
    
    Connection-specific DNS Suffix . :
    Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
    Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
    DHCP Enabled. . . . . . . . . . . : No
    Autoconfiguration Enabled . . . . : Yes
    IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:4cd:13e8:3f57:fefa(Preferred)
    Link-local IPv6 Address . . . . . : fe80::4cd:13e8:3f57:fefa%13(Preferred)
    Default Gateway . . . . . . . . . : ::
    DHCPv6 IAID . . . . . . . . . . . : 218103808
    DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-58-95-B0-68-F7-28-50-6E-46
    NetBIOS over Tcpip. . . . . . . . : Disabled
    
    C:\WINDOWS\system32>
  • veeg
    PCHF Director
    • Jul 2016
    • 8980

    #2
    Hello
    Have you tried a factory reset on your router? It should be in your manual and or listed on the router itself.
    Hopefully some of our other members will chime in soon.

    @Samuria @phillpower2 @gus

    Comment

    • Malnutrition
      PCHF Moderator
      • Jul 2016
      • 7041

      #3
      How to Factory Reset A Home Router.

      Comment

      • Malnutrition
        PCHF Moderator
        • Jul 2016
        • 7041

        #4
        Also, are you having issues logging into the router with just one machine? Is there a reason you want to log into the Admin Panel?

        Comment

        • maxim123
          PCHF Member
          • Aug 2017
          • 463

          #5
          Originally posted by vger
          Hello
          Have you tried a factory reset on your router? It should be in your manual and or listed on the router itself.
          Hopefully some of our other members will chime in soon.

          @Samuria @phillpower2 @gus
          Originally posted by Malnutrition
          How to Factory Reset A Home Router.
          Originally posted by Malnutrition
          Also, are you having issues logging into the router with just one machine? Is there a reason you want to log into the Admin Panel?
          Hi, I have factory reset my router. But just like with resetting the router, it worked only for once and after that, I would have to reset to login to the admin panel.
          Well, I only have a laptop right now, so I haven’t checked the router with other pcs.
          Main reason for me to log into the admin panel is to change wifi password.

          Comment

          • Malnutrition
            PCHF Moderator
            • Jul 2016
            • 7041

            #6
            Eliminate restrictive settings with this tool.
            [ul]
            [li]Temporarily disable your antivirus — Your antivirus may flag this tool as malware, it is safe to run I assure you.[/li]
            [li]Download SupRestric.exe save to your desktop. ( Unzip it there)[/li]
            [li]Close all running programs.[/li][li]Double click the file to launch it.[/li][li]Windows: 7/8/10 Vista and run as administrator[/li][li]Click Yes at any prompt.[/li]
            [li]The analysis takes only a few moments.[/li][li]The report is on the desktop ( CTR.txt )[/li][li]Copy paste report in next reply.[/li][li]A reboot is needed to complete the repairs.[/li][/ul]
            MiniToolBox

            Please download MINITOOLBOX and run it.

            Checkmark following boxes:

            Flush DNS
            Reset FF proxy Settings
            Reset Ie Proxy Settings
            Report IE Proxy Settings
            Report FF Proxy Settings
            List content of Hosts
            List IP configuration
            List Winsock Entries
            List last 10 Event Viewer log
            List Installed Programs
            List Users, Partitions and Memory size
            List Devices (problems only)

            Click Go and post the result.

            HijackThis.

            1- Please Click HERE to download HijackThis. – Unzip to your desktop.
            2- Right click run as admin.
            3- Click on the Main Menu button if not already there.
            4- Select Do a system scan and save a logfile.
            5- Copy paste the log here.

            Comment

            • maxim123
              PCHF Member
              • Aug 2017
              • 463

              #7
              suprestrict report.
              Code:
              Report of Restrictions Control Pierre13 (CTR version 2.4.0.0) of the 03 \ 08 \ 2017 with 12:05:18 PC of Max Windows 10 Pro (64 bits) repair error 2203 impossible.
              Control presence restrictions [TROJ_POWELIKS.B] feature_browser_emulation key deleted.
              [BKDR_BLACKEN.A] key Check_Associations deleted. Authorization installation Java (x86) deleted.
              Authorization installation Java (x64) deleted.
              Restriction Display Recent documents deleted.
              Restriction Display Documents deleted.
              Restriction Synchronization Background Information Streams and Web Slices Removed.
              Restriction discovery of RSS feeds and Web Slices deleted.
              Numeric keypad active.
              User Restriction for Windows Installer Removed.
              Windows Update Search Reverted.
              Windows Firewall service enabled.
              Windows Firewall settings restored by default and enabled.
               238 controlled restrictions. 12 Restricted Restriction (s).
              Reboot the PC to take the repair (s) into account.
              The report is on the desktop (C: \ Users \ USER \ Desktop \ CTR.txt)

              Comment

              • maxim123
                PCHF Member
                • Aug 2017
                • 463

                #8
                minitoolbox report:

                Code:
                MiniToolBox by Farbar Version: 17-06-2016
                Ran by Max (administrator) on 03-08-2017 at 12:13:57
                Running from “C:\Users\USER\Desktop”
                Microsoft Windows 10 Pro (X64)
                Model: 20369 Manufacturer: LENOVO
                Boot Mode: Normal
                [HR][/HR]
                ========================= Flush DNS: ===================================
                
                Windows IP Configuration
                
                Successfully flushed the DNS Resolver Cache.
                
                ========================= IE Proxy Settings: ==============================
                
                Proxy is not enabled.
                No Proxy Server is set.
                
                “Reset IE Proxy Settings”: IE Proxy Settings were reset.
                
                ========================= FF Proxy Settings: ==============================
                
                “Reset FF Proxy Settings”: Firefox Proxy settings were reset.
                
                ========================= Hosts content: =================================
                127.0.0.1 localhost
                127.0.0.1 rosettastone.com
                127.0.0.1 launch.rosettastone.com
                127.0.0.1 amp.rosettastone.com
                127.0.0.1 resources.rosettastone.com
                127.0.0.1 updates.rosettastone.com0.0.0.0 anchorfree.net
                0.0.0.0 www.mefeedia.com
                0.0.0.0 www.mefeedia.com
                0.0.0.0 delivery.anchorfree.us/land.php
                0.0.0.0 www.mefeedia.com
                0.0.0.0 www.mefeedia.com
                0.0.0.0 delivery.anchorfree.us/land.php
                ========================= IP Configuration: ================================
                
                Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC = Wi-Fi (Connected)
                Anchorfree HSS VPN Adapter = Ethernet 4 (Media disconnected)
                Realtek PCIe GBE Family Controller = Ethernet 2 (Media disconnected)
                [HEADING=1]----------------------------------[/HEADING]
                [HEADING=1]IPv4 Configuration[/HEADING]
                [HEADING=1]----------------------------------[/HEADING]
                pushd interface ipv4
                
                reset
                set global icmpredirects=enabled
                set interface interface=“Ethernet” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Wi-Fi” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Ethernet 2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Local Area Connection* 2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Wi-Fi 2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Local Area Connection* 24” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Local Area Connection* 1” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Ethernet 4” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“Local Area Connection* 3” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“ppp_2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“ethernet_16” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                set interface interface=“wireless_14” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
                add address name=“Ethernet 4” address=192.168.172.1 mask=255.255.255.0
                
                popd
                [HEADING=1]End of IPv4 configuration[/HEADING]
                Windows IP Configuration
                
                Host Name . . . . . . . . . . . . : ADMIN
                Primary Dns Suffix . . . . . . . :
                Node Type . . . . . . . . . . . . : Hybrid
                IP Routing Enabled. . . . . . . . : No
                WINS Proxy Enabled. . . . . . . . : No
                
                Ethernet adapter Ethernet 2:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
                Physical Address. . . . . . . . . : 68-F7-28-50-6E-46
                DHCP Enabled. . . . . . . . . . . : Yes
                Autoconfiguration Enabled . . . . : Yes
                
                Wireless LAN adapter Local Area Connection* 2:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
                Physical Address. . . . . . . . . : 76-29-AF-2C-90-55
                DHCP Enabled. . . . . . . . . . . : Yes
                Autoconfiguration Enabled . . . . : Yes
                
                Ethernet adapter Ethernet 4:
                
                Media State . . . . . . . . . . . : Media disconnected
                Connection-specific DNS Suffix . :
                Description . . . . . . . . . . . : Anchorfree HSS VPN Adapter
                Physical Address. . . . . . . . . : 00-FF-C9-62-3B-62
                DHCP Enabled. . . . . . . . . . . : Yes
                Autoconfiguration Enabled . . . . : Yes
                
                Wireless LAN adapter Wi-Fi:
                
                Connection-specific DNS Suffix . :
                Description . . . . . . . . . . . : Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
                Physical Address. . . . . . . . . : 74-29-AF-2C-90-55
                DHCP Enabled. . . . . . . . . . . : Yes
                Autoconfiguration Enabled . . . . : Yes
                Link-local IPv6 Address . . . . . : fe80::bd3b:30c4:6d62:2524%5(Preferred)
                IPv4 Address. . . . . . . . . . . : 192.168.1.6(Preferred)
                Subnet Mask . . . . . . . . . . . : 255.255.255.0
                Lease Obtained. . . . . . . . . . : Thursday, August 3, 2017 12:09:19 PM
                Lease Expires . . . . . . . . . . : Sunday, August 6, 2017 12:09:19 PM
                Default Gateway . . . . . . . . . : 192.168.1.1
                DHCP Server . . . . . . . . . . . : 192.168.1.1
                DHCPv6 IAID . . . . . . . . . . . : 477374895
                DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-58-95-B0-68-F7-28-50-6E-46
                DNS Servers . . . . . . . . . . . : 192.168.1.1
                NetBIOS over Tcpip. . . . . . . . : Enabled
                
                Tunnel adapter Local Area Connection* 12:
                
                Connection-specific DNS Suffix . :
                Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
                Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
                DHCP Enabled. . . . . . . . . . . : No
                Autoconfiguration Enabled . . . . : Yes
                IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:280d:1b77:3f57:fef9(Preferred)
                Link-local IPv6 Address . . . . . : fe80::280d:1b77:3f57:fef9%11(Preferred)
                Default Gateway . . . . . . . . . : ::
                DHCPv6 IAID . . . . . . . . . . . : 184549376
                DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-58-95-B0-68-F7-28-50-6E-46
                NetBIOS over Tcpip. . . . . . . . : Disabled
                Server: UnKnown
                Address: 192.168.1.1
                
                Name: google.com
                Addresses: 2404:6800:4003:c01::8b
                172.217.27.110
                
                Pinging google.com [74.125.200.113] with 32 bytes of data:
                Reply from 74.125.200.113: bytes=32 time=155ms TTL=44
                Reply from 74.125.200.113: bytes=32 time=154ms TTL=44
                
                Ping statistics for 74.125.200.113:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                Approximate round trip times in milli-seconds:
                Minimum = 154ms, Maximum = 155ms, Average = 154ms
                Server: UnKnown
                Address: 192.168.1.1
                
                Name: yahoo.com
                Addresses: 2001:4998:58:c02::a9
                2001:4998:c:a06::2:4008
                2001:4998:44:204::a7
                98.139.180.149
                98.138.253.109
                206.190.36.45
                
                Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
                Reply from 98.139.180.149: bytes=32 time=275ms TTL=40
                Reply from 98.139.180.149: bytes=32 time=271ms TTL=40
                
                Ping statistics for 98.139.180.149:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                Approximate round trip times in milli-seconds:
                Minimum = 271ms, Maximum = 275ms, Average = 273ms
                
                Pinging 127.0.0.1 with 32 bytes of data:
                Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
                Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
                [HEADING=1]Ping statistics for 127.0.0.1:
                Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
                Approximate round trip times in milli-seconds:
                Minimum = 0ms, Maximum = 0ms, Average = 0ms[/HEADING]
                [HEADING=1]Interface List
                7…68 f7 28 50 6e 46 …Realtek PCIe GBE Family Controller
                19…76 29 af 2c 90 55 …Microsoft Wi-Fi Direct Virtual Adapter
                15…00 ff c9 62 3b 62 …Anchorfree HSS VPN Adapter
                5…74 29 af 2c 90 55 …Realtek RTL8723BE Wireless LAN 802.11n PCI-E NIC
                1…Software Loopback Interface 1
                11…00 00 00 00 00 00 00 e0 Microsoft Teredo Tunneling Adapter[/HEADING]
                [HEADING=1]IPv4 Route Table[/HEADING]
                [HEADING=1]Active Routes:
                Network Destination Netmask Gateway Interface Metric
                0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.6 55
                127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
                127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
                127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
                192.168.1.0 255.255.255.0 On-link 192.168.1.6 311
                192.168.1.6 255.255.255.255 On-link 192.168.1.6 311
                192.168.1.255 255.255.255.255 On-link 192.168.1.6 311
                224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
                224.0.0.0 240.0.0.0 On-link 192.168.1.6 311
                255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
                255.255.255.255 255.255.255.255 On-link 192.168.1.6 311[/HEADING]
                Persistent Routes:
                None
                [HEADING=1]IPv6 Route Table[/HEADING]
                [HEADING=1]Active Routes:
                If Metric Network Destination Gateway
                11 331 ::/0 On-link
                1 331 ::1/128 On-link
                11 331 2001::/32 On-link
                11 331 2001:0:4137:9e76:280d:1b77:3f57:fef9/128
                On-link
                5 311 fe80::/64 On-link
                11 331 fe80::/64 On-link
                11 331 fe80::280d:1b77:3f57:fef9/128
                On-link
                5 311 fe80::bd3b:30c4:6d62:2524/128
                On-link
                1 331 ff00::/8 On-link
                5 311 ff00::/8 On-link
                11 331 ff00::/8 On-link[/HEADING]
                Persistent Routes:
                None
                ========================= Winsock entries =====================================
                
                Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [54784] (Microsoft Corporation)
                Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
                Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
                Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [63488] (Microsoft Corporation)
                Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
                Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                Catalog9 12 C:\WINDOWS\SysWOW64\mswsock.dll [305568] (Microsoft Corporation)
                x64-Catalog5 01 C:\Windows\System32\napinsp.dll [66560] (Microsoft Corporation)
                x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
                x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [85504] (Microsoft Corporation)
                x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [79872] (Microsoft Corporation)
                x64-Catalog5 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31232] (Microsoft Corporation)
                x64-Catalog9 01 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 02 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 03 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 04 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 05 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 06 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 07 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 08 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 09 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 10 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 11 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                x64-Catalog9 12 C:\Windows\System32\mswsock.dll [358600] (Microsoft Corporation)
                
                ========================= Event log errors: ===============================
                [HEADING=1]Application errors:[/HEADING]
                Error: (08/03/2017 12:12:03 PM) (Source: SideBySide) (User: )
                Description: Activation context generation failed for “C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest1”.Error in manifest or policy file “C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest2” on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest3.
                A component version required by the application conflicts with another component version already active.
                Conflicting components are:.
                Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
                Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
                
                Error: (08/03/2017 10:19:28 AM) (Source: Application Error) (User: )
                Description: Faulting application name: CompatTelRunner.exe, version: 10.0.15156.1008, time stamp: 0x0413a786
                Faulting module name: KERNELBASE.dll, version: 10.0.15063.483, time stamp: 0xaa6457d1
                Exception code: 0xc06d007e
                Fault offset: 0x0000000000069e08
                Faulting process id: 0x2178
                Faulting application start time: 0xCompatTelRunner.exe0
                Faulting application path: CompatTelRunner.exe1
                Faulting module path: CompatTelRunner.exe2
                Report Id: CompatTelRunner.exe3
                Faulting package full name: CompatTelRunner.exe4
                Faulting package-relative application ID: CompatTelRunner.exe5
                
                Error: (08/02/2017 10:11:50 PM) (Source: SideBySide) (User: )
                Description: Activation context generation failed for “C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest1”.Error in manifest or policy file “C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest2” on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest3.
                A component version required by the application conflicts with another component version already active.
                Conflicting components are:.
                Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifest.
                Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifest.
                
                Error: (08/02/2017 12:24:39 PM) (Source: Application Error) (User: )
                Description: Faulting application name: CompatTelRunner.exe, version: 10.0.15156.1008, time stamp: 0x0413a786
                Faulting module name: KERNELBASE.dll, version: 10.0.15063.483, time stamp: 0xaa6457d1
                Exception code: 0xc06d007e
                Fault offset: 0x0000000000069e08
                Faulting process id: 0x16d0
                Faulting application start time: 0xCompatTelRunner.exe0
                Faulting application path: CompatTelRunner.exe1
                Faulting module path: CompatTelRunner.exe2
                Report Id: CompatTelRunner.exe3
                Faulting package full name: CompatTelRunner.exe4
                Faulting package-relative application ID: CompatTelRunner.exe5
                
                Error: (08/01/2017 11:46:57 AM) (Source: Application Error) (User: )
                Description: Faulting application name: CompatTelRunner.exe, version: 10.0.15156.1008, time stamp: 0x0413a786
                Faulting module name: KERNELBASE.dll, version: 10.0.15063.483, time stamp: 0xaa6457d1
                Exception code: 0xc06d007e
                Fault offset: 0x0000000000069e08
                Faulting process id: 0x270c
                Faulting application start time: 0xCompatTelRunner.exe0
                Faulting application path: CompatTelRunner.exe1
                Faulting module path: CompatTelRunner.exe2
                Report Id: CompatTelRunner.exe3
                Faulting package full name: CompatTelRunner.exe4
                Faulting package-relative application ID: CompatTelRunner.exe5
                
                Error: (07/31/2017 08:40:45 AM) (Source: Application Error) (User: )
                Description: Faulting application name: CompatTelRunner.exe, version: 10.0.15156.1008, time stamp: 0x0413a786
                Faulting module name: KERNELBASE.dll, version: 10.0.15063.483, time stamp: 0xaa6457d1
                Exception code: 0xc06d007e
                Fault offset: 0x0000000000069e08
                Faulting process id: 0x24f8
                Faulting application start time: 0xCompatTelRunner.exe0
                Faulting application path: CompatTelRunner.exe1
                Faulting module path: CompatTelRunner.exe2
                Report Id: CompatTelRunner.exe3
                Faulting package full name: CompatTelRunner.exe4
                Faulting package-relative application ID: CompatTelRunner.exe5
                
                Error: (07/31/2017 08:37:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: ADMIN)
                Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
                
                Error: (07/30/2017 07:18:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ADMIN)
                Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
                
                Error: (07/30/2017 08:25:37 AM) (Source: Application Error) (User: )
                Description: Faulting application name: CompatTelRunner.exe, version: 10.0.15156.1008, time stamp: 0x0413a786
                Faulting module name: KERNELBASE.dll, version: 10.0.15063.483, time stamp: 0xaa6457d1
                Exception code: 0xc06d007e
                Fault offset: 0x0000000000069e08
                Faulting process id: 0x2d7c
                Faulting application start time: 0xCompatTelRunner.exe0
                Faulting application path: CompatTelRunner.exe1
                Faulting module path: CompatTelRunner.exe2
                Report Id: CompatTelRunner.exe3
                Faulting package full name: CompatTelRunner.exe4
                Faulting package-relative application ID: CompatTelRunner.exe5
                
                Error: (07/29/2017 09:05:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: ADMIN)
                Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
                [HEADING=1]System errors:[/HEADING]
                Error: (08/03/2017 12:13:29 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
                Description: There was an error while attempting to read the local hosts file.
                
                Error: (08/03/2017 12:12:42 PM) (Source: DCOM) (User: NT AUTHORITY)
                Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
                
                Error: (08/03/2017 12:10:09 PM) (Source: Ntfs) (User: NT AUTHORITY)
                Description: A corruption was discovered in the file system structure on volume C:.
                
                The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1f000000047757. The name of the file is “\Windows\System32\linkinfo.dll”.
                
                Error: (08/03/2017 12:09:31 PM) (Source: Service Control Manager) (User: )
                Description: The NetTcpActivator service depends on the WAS service which failed to start because of the following error:
                %%126 = The specified module could not be found.
                
                Error: (08/03/2017 12:09:19 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
                Description: There was an error while attempting to read the local hosts file.
                
                Error: (08/03/2017 12:09:18 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
                Description: There was an error while attempting to read the local hosts file.
                
                Error: (08/03/2017 12:09:17 PM) (Source: Service Control Manager) (User: )
                Description: The NetPipeActivator service depends on the WAS service which failed to start because of the following error:
                %%126 = The specified module could not be found.
                
                Error: (08/03/2017 12:09:17 PM) (Source: Service Control Manager) (User: )
                Description: The W3SVC service depends on the WAS service which failed to start because of the following error:
                %%126 = The specified module could not be found.
                
                Error: (08/03/2017 12:09:17 PM) (Source: Service Control Manager) (User: )
                Description: The WAS service terminated with the following error:
                %%126 = The specified module could not be found.
                
                Error: (08/03/2017 12:09:17 PM) (Source: Service Control Manager) (User: )
                Description: The AppHostSvc service terminated with the following error:
                %%126 = The specified module could not be found.
                [HEADING=1]Microsoft Office Sessions:[/HEADING]
                Error: (08/03/2017 12:12:03 PM) (Source: SideBySide)(User: )
                Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifestD:\Program Files (x86)\Audacity\audacity.exe
                
                Error: (08/03/2017 10:19:28 AM) (Source: Application Error)(User: )
                Description: CompatTelRunner.exe10.0.15156.10080413a786KERNELBASE.dll10.0.15063.483aa6457d1c06d007e0000000000069e08217801d30c11c1ac3744C:\WINDOWS\system32\CompatTelRunner.exeC:\WINDOWS\System32\KERNELBASE.dll27d72f41-77dd-4f7c-b682-417f93634c80
                
                Error: (08/02/2017 10:11:50 PM) (Source: SideBySide)(User: )
                Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_26002d27e7c744a2.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.15063.483_none_6dad63fefc436da8.manifestD:\Program Files (x86)\Audacity\audacity.exe
                
                Error: (08/02/2017 12:24:39 PM) (Source: Application Error)(User: )
                Description: CompatTelRunner.exe10.0.15156.10080413a786KERNELBASE.dll10.0.15063.483aa6457d1c06d007e0000000000069e0816d001d30b5a167d81fdC:\WINDOWS\system32\CompatTelRunner.exeC:\WINDOWS\System32\KERNELBASE.dll296ae2e1-d7a0-4bfe-912a-015a3898c2e1
                
                Error: (08/01/2017 11:46:57 AM) (Source: Application Error)(User: )
                Description: CompatTelRunner.exe10.0.15156.10080413a786KERNELBASE.dll10.0.15063.483aa6457d1c06d007e0000000000069e08270c01d30a8ba950a0b8C:\WINDOWS\system32\CompatTelRunner.exeC:\WINDOWS\System32\KERNELBASE.dlla1c21dad-2938-4f4e-9bf7-c9d9b158f11a
                
                Error: (07/31/2017 08:40:45 AM) (Source: Application Error)(User: )
                Description: CompatTelRunner.exe10.0.15156.10080413a786KERNELBASE.dll10.0.15063.483aa6457d1c06d007e0000000000069e0824f801d309a87488bc26C:\WINDOWS\system32\CompatTelRunner.exeC:\WINDOWS\System32\KERNELBASE.dll9eeba943-64d6-4162-938b-de10ef088d28
                
                Error: (07/31/2017 08:37:26 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: ADMIN)
                Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170
                
                Error: (07/30/2017 07:18:52 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ADMIN)
                Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170
                
                Error: (07/30/2017 08:25:37 AM) (Source: Application Error)(User: )
                Description: CompatTelRunner.exe10.0.15156.10080413a786KERNELBASE.dll10.0.15063.483aa6457d1c06d007e0000000000069e082d7c01d308dd341f2f39C:\WINDOWS\system32\CompatTelRunner.exeC:\WINDOWS\System32\KERNELBASE.dlle016fe34-4585-4ba9-8d16-74c85a0b038e
                
                Error: (07/29/2017 09:05:24 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: ADMIN)
                Description: Microsoft.Windows.Photos_8wekyb3d8bbwe!App-2147023170
                [HEADING=1]CodeIntegrity Errors:[/HEADING]
                Date: 2017-08-02 17:24:43.090
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-08-02 17:24:42.278
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-30 19:31:29.572
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-30 19:31:28.404
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-27 11:52:28.251
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-27 11:52:27.706
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-26 18:56:40.358
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-26 18:56:39.780
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-19 21:07:36.232
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Windows\System32\DriverStore\FileRepository\c0313745.inf_amd64_133311ca362c9cc6\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements.
                
                Date: 2017-07-19 21:07:34.977
                Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
                
                =========================== Installed Programs ============================
                
                µTorrent (HKCU...\uTorrent) (Version: 3.5.0.43900 - BitTorrent Inc.)
                7-Zip 9.20 (HKLM-x32...\7-Zip) (Version: - )
                Adobe AIR (HKLM-x32...\Adobe AIR) (Version: 25.0.0.134 - Adobe Systems Incorporated)
                Adobe Flash Player 26 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
                Adobe Flash Player 26 PPAPI (HKLM-x32...\Adobe Flash Player PPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
                AMD Software (HKLM...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
                Anki (HKLM-x32...\Anki) (Version: - )
                Anvi Folder Locker 1.2.1370.0 (HKLM-x32...\Anvi Folder Locker) (Version: 1.2.1370.0 - Anvisoft)
                Audacity 2.1.3 (HKLM-x32...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
                AutoHotkey 1.1.23.01 (HKLM...\AutoHotkey) (Version: 1.1.23.01 - Lexikos)
                Bulk Rename Utility 2.7.1.3 (HKLM...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
                calibre (HKLM-x32...{CEAD2735-F47D-4E9C-88B2-D1DBACF7BFFF}) (Version: 2.25.0 - Kovid Goyal)
                Catalyst Control Center Next Localization BR (HKLM...{15EEB07A-3FB9-FA4C-8EFF-697728CB1E5C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization BR (HKLM...{D6823E97-B396-927D-D651-AFB82BE03523}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CHS (HKLM...{4B01C6D5-4693-6CA8-ECF7-A0F9E7FEC6DB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CHS (HKLM...{A63E3031-0522-18C6-F18F-7EE80973315F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CHT (HKLM...{50DBC6DD-C2A2-2C38-FE37-A48208474155}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CHT (HKLM...{A2966D0F-43BB-116D-C9C7-49612FBFD0AE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CS (HKLM...{4C608ED2-535B-2119-3661-9E6F7DDB600F}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization CS (HKLM...{BF26ACAF-6D09-023B-5FB7-8A848874A724}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization DA (HKLM...{9005C809-497A-FD45-CB96-76A3338E35B9}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization DA (HKLM...{9DB37D05-F855-5D7D-08C2-25E00E2CCDBC}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization DE (HKLM...{87250370-0A99-4ED9-DCE4-970DAC325FA5}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization DE (HKLM...{D84300A6-72F1-5771-B3B1-8FC71184AB38}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization EL (HKLM...{1F815C78-D31E-53FD-C8BF-3215E4F022A3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization EL (HKLM...{56D13277-FA9F-2842-682D-DD7298973585}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization ES (HKLM...{79F58747-D616-4CDB-7D8B-4BC580D99153}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization ES (HKLM...{8D0C7788-D519-7B65-36F6-D0D21296F173}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization FI (HKLM...{02E80355-64BF-6C1E-B0B7-76857D62A86D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization FI (HKLM...{930FD2C7-D026-197D-94E4-CB5917CE7420}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization FR (HKLM...{086D11E3-9CA4-DBEF-2B48-5A2EFFD53145}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization FR (HKLM...{77158555-E271-A561-ECDA-611639388B5C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization HU (HKLM...{97673BD1-8CA0-53EF-C4E7-282CD8748F1C}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization HU (HKLM...{D0C1EAB6-92F1-EE91-04C2-5947EE150593}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization IT (HKLM...{57EAA61A-CD02-DF34-0839-2549F57A334C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization IT (HKLM...{F1AD64B3-4114-8EF7-407C-F9F9122EDA68}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization JA (HKLM...{AA477FD2-347B-1732-5D8C-AF35AF1B9703}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization JA (HKLM...{ED28D75F-557C-39C9-5004-F8F17C8BC279}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization KO (HKLM...{41268A73-D680-48C5-DE5E-CF67C05CBBBB}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization KO (HKLM...{BBFC5953-2CB9-5932-1D47-52E4AA99737B}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization NL (HKLM...{01E7D692-D785-743F-5A55-F00162D26A1C}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization NL (HKLM...{9655DE76-0987-9159-5A7E-FCE18409D004}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization NO (HKLM...{5D8BA452-1264-7D13-E4EC-8236EC5B83FE}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization NO (HKLM...{CD73EC8B-9F04-5EA1-8FD4-AEE4DAC51267}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization PL (HKLM...{397C2EE5-B514-0CC5-53C3-2FBE46CE6EDF}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization PL (HKLM...{F49BA906-83DA-3F5A-5B24-03C8DE2A3936}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization RU (HKLM...{45FA39D2-8AEB-AFF8-2FA6-96891732CB80}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization RU (HKLM...{5A466CAA-F071-D9EF-A799-EF63552DBE70}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization SV (HKLM...{B3EA6CCB-F44C-DC35-94F5-1B9CC18FE598}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization SV (HKLM...{D7DC4DDB-3E0D-6F79-4258-4A461654B689}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization TH (HKLM...{ACDFF800-6015-BEEC-8A27-7B1A80915273}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization TH (HKLM...{AEE4C0AE-CDAF-5D37-2DA3-A2B3FDFE6E81}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization TR (HKLM...{A28B1FC5-3947-9D39-7FE5-A3CB18E16358}) (Version: 2016.0628.2138.37120 - Advanced Micro Devices, Inc.) Hidden
                Catalyst Control Center Next Localization TR (HKLM...{BE064737-1F2C-ECDD-916C-798E3D18C263}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
                CCleaner (HKLM...\CCleaner) (Version: 5.31 - Piriform)
                Conexant HD Audio (HKLM...\CNXT_AUDIO_HDA) (Version: 8.66.16.50 - Conexant)
                DCX Trader 1.8.15 (HKLM-x32...\DCX_Deploy_0) (Version: - )
                Discord PTB (HKCU...\DiscordPTB) (Version: 0.0.32 - Hammer & Chisel, Inc.)
                Dolby Digital Plus Home Theater (HKLM...{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
                Foxit Reader (HKLM-x32...\Foxit Reader_is1) (Version: 8.3.1.21155 - Foxit Software Inc.)
                Free Stopwatch (HKLM-x32...{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 4.0.0.0 - Comfort Software Group)
                FreeUndelete 2.1.36867.1 (HKLM-x32...{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix)
                Google Chrome (HKLM-x32...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
                Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
                Hotspot Shield 7.20.5 (HKLM-x32...{429c8d3a-6089-4020-a3be-bf075ed5d5aa}) (Version: 7.20.5.9941 - AnchorFree Inc.)
                Hotspot Shield 7.20.5 (HKLM-x32...{AF599C42-A2E5-4251-B7EE-4925C267F9F8}) (Version: 7.20.5.9941 - AnchorFree Inc.) Hidden
                Hotspot Shield 7.20.5 (HKLM-x32...\HotspotShield) (Version: 7.20.5 - AnchorFree Inc.) Hidden
                IDM Crack 6.28 build 9 (HKLM-x32...\IDM Crack 6.28 build 9) (Version: build 14 - Crackingpatching.com Team)
                InstaTrader (HKLM-x32...\InstaTrader) (Version: 4.00 - MetaQuotes Software Corp.)
                Intel(R) Processor Graphics (HKLM-x32...{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
                Internet Download Manager (HKLM-x32...\Internet Download Manager) (Version: - Tonec Inc.)
                IP Camera Adapter (HKLM-x32...{6D140BFF-7CC5-4BFE-AD6D-47035FFE5F14}) (Version: 2.0.0.0 - Pavel Khlebovich)
                Java 8 Update 45 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
                JDownloader 2 (HKLM...\jdownloader2) (Version: 2.0 - AppWork GmbH)
                KeyScrambler (HKLM-x32...\KeyScrambler) (Version: 3.8.1.0 - QFX Software Corporation)
                K-Lite Codec Pack 11.4.0 Basic (HKLM-x32...\KLiteCodecPack_is1) (Version: 11.4.0 - )
                KMPFaster (HKLM-x32...\simplitec POWER SUITE_is1) (Version: 2.3.2.902 - simplitec GmbH)
                Lenovo EasyCamera (HKLM-x32...{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
                Lenovo pointing device (HKLM...\Elantech) (Version: 11.4.69.4 - ELAN Microelectronic Corp.)
                Lenovo Solution Center (HKLM...{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
                Lenovo System Interface Foundation Driver (HKLM...{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
                Malwarebytes version 3.1.2.1733 (HKLM...{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
                MetaTrader - EXNESS (HKLM-x32...\MetaTrader - EXNESS) (Version: 6.00 - MetaQuotes Software Corp.)
                Microsoft Excel 2010 (HKLM-x32...\Office14.EXCEL) (Version: 14.0.4763.1000 - Microsoft Corporation)
                Microsoft OneDrive (HKCU...\OneDriveSetup.exe) (Version: 17.3.6943.0625 - Microsoft Corporation)
                Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710F4C1C-CC18-4C49-8CBF-51240C89A1A2}) (Version: - )
                Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
                Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
                Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM...{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
                Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
                Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: - )
                Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
                Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
                Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32...{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
                Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32...{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
                Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
                Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
                Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32...{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
                Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32...{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
                Microsoft Word 2010 (HKLM-x32...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation)
                Microsoft XNA Framework Redistributable 4.0 (HKLM-x32...{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
                Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
                Mozilla Firefox 47.0.1 (x86 en-US) (HKCU...\Mozilla Firefox 47.0.1 (x86 en-US)) (Version: 47.0.1 - Mozilla)
                MusicBee 3.0 (HKLM-x32...\MusicBee) (Version: 3.0 - Steven Mayall)
                Network Recording Player (HKLM-x32...{79417ECE-DA9D-49B3-B1C9-83AA3EAE6AE0}) (Version: 31.9.3.13 - Cisco WebEx LLC)
                OEM Application Profile (HKLM-x32...{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
                OpenAL (HKLM-x32...\OpenAL) (Version: - )
                PeerBlock 1.2 (r693) (HKLM...{015C5B35-B678-451C-9AEE-821E8D69621C}is1) (Version: 1.2.0.693 - PeerBlock, LLC)
                PrimoPDF – brought to you by Nitro PDF Software (HKLM-x32...\PrimoPDF) (Version: 5 - Nitro PDF Software)
                PS TO PC CONVERTER (HKLM-x32...{A483F88A-41E9-45B2-AAC9-A823DD9B4873}) (Version: 2007.01.01 - )
                PX Profile Update (HKLM-x32...{954CFDDE-AF07-2AF9-9600-706E798D42BA}) (Version: 1.00.1. - AMD) Hidden
                Raptr (HKLM-x32...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc)
                Rosetta Stone Language Training (HKLM-x32...{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.37.0 - Rosetta Stone, Ltd)
                Rosetta Stone Ltd Services (HKLM-x32...{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
                Samsung Kies3 (HKLM-x32...{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.) Hidden
                Samsung Kies3 (HKLM-x32...\InstallShield{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
                Sandboxie 5.20 (64-bit) (HKLM...\Sandboxie) (Version: 5.20 - Sandboxie Holdings, LLC)
                Skype Click to Call (HKLM-x32...{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
                Skype™ 7.1 (HKLM-x32...{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: - )
                Subtitle Edit 3.4.6 (HKLM-x32...\SubtitleEdit_is1) (Version: 3.4.6.544 - Nikse)
                USB Disk Security (HKLM-x32...\USB Disk Security_is1) (Version: - Zbshareware Lab)
                USB Vibration Joystick (HKLM-x32...{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}) (Version: 2007.08.17 - )
                Virtual DJ Home - Atomix Productions (HKLM-x32...\Virtual DJ Home - Atomix Productions) (Version: - )
                VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.4 - VideoLAN)
                Vulkan Run Time Libraries 1.0.3.1 (HKLM...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
                Vulkan Run Time Libraries 1.0.39.1 (HKLM...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
                Windows 10 Update and Privacy Settings (HKLM...{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
                Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
                Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
                WinHTTrack Website Copier 3.48-22 (x64) (HKLM...\WinHTTrack Website Copier_is1) (Version: 3.48.22 - HTTrack)
                WinRAR 4.01 (32-bit) (HKLM-x32...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
                Wise Data Recovery 3.82 (HKLM-x32...\Wise Data Recovery_is1) (Version: 3.82 - WiseCleaner.com, Inc.)
                YTD Video Downloader 5.8.2 (HKLM-x32...{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.2 - GreenTree Applications SRL)
                
                ========================= Devices: ================================
                
                ========================= Memory info: ===================================
                
                Percentage of memory in use: 53%
                Total physical RAM: 3992.36 MB
                Available physical RAM: 1864.79 MB
                Total Virtual: 4888.36 MB
                Available Virtual: 2746.96 MB
                
                ========================= Partitions: =====================================
                
                1 Drive c: (SYSTEM) (Fixed) (Total:116.37 GB) (Free:54.12 GB) NTFS
                2 Drive d: () (Fixed) (Total:348.57 GB) (Free:0.54 GB) NTFS
                
                ========================= Users: ========================================
                
                User accounts for \ADMIN
                
                Administrator DefaultAccount Guest
                Max
                
                **** End of log ****

                Comment

                • maxim123
                  PCHF Member
                  • Aug 2017
                  • 463

                  #9
                  hijack this logfile:

                  Code:
                  Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.17
                  
                  Platform: x64 Windows 10 (Pro), 10.0.15063 (ReleaseId: 1703), Service Pack: 0
                  Time: 03.08.2017 - 12:17
                  Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
                  Elevated: Yes
                  Ran by: Max (group: Administrator) on ADMIN
                  
                  Chrome: 59.0.3071.115
                  Firefox: 47.0.1.6018
                  Edge: 11.0.15063.447
                  Internet Explorer: 11.0.15063.0
                  
                  Boot mode: Normal
                  
                  Running processes:
                  Number | Path
                  1 C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
                  1 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                  1 C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
                  1 C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
                  1 C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
                  1 C:\Program Files\Elantech\ETDCtrl.exe
                  1 C:\Program Files\Elantech\ETDCtrlHelper.exe
                  1 C:\Program Files\Elantech\ETDIntelligent.exe
                  1 C:\Program Files\Elantech\ETDService.exe
                  1 C:\Program Files\Intel\iCLS Client\HeciServer.exe
                  1 C:\Program Files\Windows Defender\MSASCuiL.exe
                  1 C:\Program Files\Windows Defender\MsMpEng.exe
                  1 C:\Program Files\Windows Defender\NisSrv.exe
                  1 C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
                  1 C:\Program Files\lenovo\Lenovo Solution Center\LSCNotify.exe
                  2 C:\Program Files\lenovo\iMController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
                  1 C:\Program Files\lenovo\iMController\Service\Lenovo.Modern.ImController.exe
                  1 C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
                  1 C:\Users\USER\Desktop\HiJackThis.exe
                  1 C:\Users\USER\Desktop\MemCompression
                  1 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
                  1 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
                  1 C:\Windows\SysWOW64\notepad.exe
                  1 C:\Windows\System32\CxAudMsg64.exe
                  1 C:\Windows\System32\InputMethod\CHS\ChsIME.exe
                  1 C:\Windows\System32\RuntimeBroker.exe
                  1 C:\Windows\System32\SearchFilterHost.exe
                  1 C:\Windows\System32\SearchIndexer.exe
                  1 C:\Windows\System32\SearchProtocolHost.exe
                  1 C:\Windows\System32\SecurityHealthService.exe
                  1 C:\Windows\System32\Taskmgr.exe
                  2 C:\Windows\System32\WUDFHost.exe
                  1 C:\Windows\System32\atieclxx.exe
                  1 C:\Windows\System32\atiesrxx.exe
                  1 C:\Windows\System32\audiodg.exe
                  2 C:\Windows\System32\csrss.exe
                  1 C:\Windows\System32\dasHost.exe
                  1 C:\Windows\System32\dwm.exe
                  2 C:\Windows\System32\fontdrvhost.exe
                  1 C:\Windows\System32\igfxCUIService.exe
                  1 C:\Windows\System32\igfxEM.exe
                  1 C:\Windows\System32\igfxHK.exe
                  1 C:\Windows\System32\lsass.exe
                  1 C:\Windows\System32\msiexec.exe
                  1 C:\Windows\System32\services.exe
                  1 C:\Windows\System32\sihost.exe
                  1 C:\Windows\System32\smss.exe
                  1 C:\Windows\System32\spoolsv.exe
                  62 C:\Windows\System32\svchost.exe
                  1 C:\Windows\System32\taskhostw.exe
                  1 C:\Windows\System32\wininit.exe
                  1 C:\Windows\System32\winlogon.exe
                  1 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
                  1 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
                  1 C:\Windows\explorer.exe
                  1 D:\Program Files (x86)\Internet Download Manager\IDMan.exe
                  1 D:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
                  1 D:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
                  1 D:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
                  1 D:\Program Files (x86)\Mozilla Firefox\firefox.exe
                  1 D:\Program Files\Sandboxie\SbieSvc.exe
                  
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66} - Google - Google Search
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURL = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: SuggestionsURLFallback = http://api.bing.com/qsml.aspx?query={searchTerms}&maxwidth={ie:maxWidth}&rowheight={ie:rowHeight}&sectionHeight={ie:sectionHeight}&FORM=IESS02&market={language}
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: TopResultURL = http://www.bing.com/search?q={searchTerms}&src=IE-TopResult&FORM=IE11TR
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: URL = {searchTerms} - Search
                  R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - Google - Google Search
                  O1 - Hosts: Reset contents to default
                  O1 - Hosts: 127.0.0.1 rosettastone.com
                  O1 - Hosts: 127.0.0.1 launch.rosettastone.com
                  O1 - Hosts: 127.0.0.1 amp.rosettastone.com
                  O1 - Hosts: 127.0.0.1 resources.rosettastone.com
                  O1 - Hosts: 127.0.0.1 updates.rosettastone.com0.0.0.0 anchorfree.net
                  O1 - Hosts: 0.0.0.0 www.mefeedia.com
                  O1 - Hosts: 0.0.0.0 www.mefeedia.com
                  O1 - Hosts: 0.0.0.0 delivery.anchorfree.us/land.php
                  O1 - Hosts: 0.0.0.0 www.mefeedia.com
                  O1 - Hosts: 0.0.0.0 www.mefeedia.com
                  O1 - Hosts: 0.0.0.0 delivery.anchorfree.us/land.php
                  O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - D:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
                  O2 - BHO: PwdHelperExplorerMonitor - {A5426DC0-48FC-4BBD-A4DB-1E8641B3459C} - d:\Program Files (x86)\Anvisoft\Anvi Folder Locker\x64\PwdHelper64.dll
                  O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
                  O2-32 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - d:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
                  O2-32 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
                  O2-32 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
                  O2-32 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
                  O4 - HKCU..\StartupApproved\Run: [CCleaner Monitoring] (2016/04/26)C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
                  O4 - HKCU..\StartupApproved\Run: [IDMan] (2014/08/18)D:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
                  O4 - HKCU..\StartupApproved\Run: [PeerBlock] (2016/10/13)d:\Program Files\PeerBlock\peerblock.exe
                  O4 - HKCU..\StartupApproved\Run: [SandboxieControl] (2015/04/30)d:\Program Files\Sandboxie\SbieCtrl.exe
                  O4 - HKCU..\StartupApproved\Run: [Skype] (2014/08/18)C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun
                  O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
                  O4 - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
                  O4 - HKLM..\Run: [LenovoUtility] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
                  O4 - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
                  O4 - HKLM..\StartupApproved\Run32: [AdobeCS6ServiceManager] (2014/08/18)C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin
                  O4 - HKLM..\StartupApproved\Run32: [BCSSync] (2017/02/18)D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices
                  O4 - HKLM..\StartupApproved\Run32: [PowerDVD14Agent] (2015/06/28)C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
                  O4 - HKLM..\StartupApproved\Run32: [Raptr] (2017/02/18)C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup
                  O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] (2014/08/18)C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                  O4 - HKLM..\StartupApproved\Run32: [SwitchBoard] (2014/08/18)C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
                  O4 - HKLM..\StartupApproved\Run32: [USB Security] (2015/03/09)C:\Users\USER\AppData\Roaming\Zbshareware Lab\USBGuard.exe
                  O4 - HKLM..\StartupApproved\Run: [AdobeAAMUpdater-1.0] (2014/08/18)C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
                  O4 - HKLM..\StartupApproved\Run: [ForteConfig] (2017/02/18)C:\Program Files\Conexant\ForteConfig\fmapp.exe
                  O4 - HKLM..\StartupApproved\Run: [IgfxTray] (2014/08/18)C:\Windows\system32\igfxtray.exe
                  O4 - HKLM..\StartupApproved\Run: [Lenovo Utility] (2016/04/25)C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
                  O4 - HKLM..\StartupApproved\Run: [SecurityHealth] (1601/01/01)C:\Program Files\Windows Defender\MSASCuiL.exe
                  O4 - HKLM..\StartupApproved\Run: [SmartAudio] (2015/05/17)C:\Program Files\CONEXANT\SAII\SACpl.exe /t
                  O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
                  O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
                  O4-32 - HKLM..\Run: [KeyScrambler] d:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
                  O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr (file missing)
                  O8 - Extra context menu item: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
                  O8 - Extra context menu item: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
                  O8 - Extra context menu item: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
                  O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (file missing)
                  O8 - Extra context menu item: Download all links with IDM - D:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
                  O8 - Extra context menu item: Download with IDM - D:\Program Files (x86)\Internet Download Manager\IEExt.htm
                  O8 - Extra context menu item: E&xport to Microsoft Excel - D:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
                  O8 - Extra context menu item: Se&nd to OneNote - D:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll (file missing)
                  O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (HKLM)
                  O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (HKLM)
                  O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (HKLM)
                  O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (HKLM)
                  O16-32 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
                  O17 - DHCP DNS - 1: 192.168.1.1
                  O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
                  O18 - Protocol: WSISAllmytubechrome - {4724F5AF-4E6D-41CA- - (no file)
                  O20 - AppInit_DLLs: C:\Windows\system32\nvinitx.dll
                  O22 - Task (Disabled): \Microsoft\Windows\Subscription\LicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe
                  O22 - Task (Disabled): \Microsoft\Windows\UpdateOrchestrator\Combined Scan Download Install - C:\WINDOWS\system32\usoclient.exe ScanInstallWait
                  O22 - Task (Disabled): \OfficeSoftwareProtectionPlatform\SvcRestartTask - C:\WINDOWS\system32\sc.exe start osppsvc
                  O22 - Task (Disabled): shutdown - C:\Windows\System32\shutdown.exe /h
                  O22 - Task (Ready): Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_137_pepper.exe -check pepperplugin
                  O22 - Task (Ready): Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
                  O22 - Task (Ready): CCleanerSkipUAC - C:\Program Files\CCleaner\CCleaner.exe $(Arg0)
                  O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
                  O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
                  O22 - Task (Ready): OneDrive Standalone Update Task-S-1-5-21-900945925-988278395-3478122750-1001 - C:\Users\USER\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
                  O22 - Task (Ready): StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
                  O22 - Task (Ready): \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
                  O22 - Task (Ready): \Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
                  O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\1fab31b4-f13e-45d1-a093-e2843a4a2cc5 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 1fab31b4-f13e-45d1-a093-e2843a4a2cc5
                  O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\5d272505-f594-48c0-a473-aef997c09382 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger 5d272505-f594-48c0-a473-aef997c09382
                  O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\a64f1ced-f198-47f2-8caa-321acb18e1d6 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger a64f1ced-f198-47f2-8caa-321acb18e1d6
                  O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\c585190e-226d-4d00-b112-e024dec1ed37 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe /timebasedeventtrigger c585190e-226d-4d00-b112-e024dec1ed37
                  O22 - Task (Ready): \Lenovo\LSC\LSCHardwareScan - C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan
                  O22 - Task (Ready): \Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
                  O22 - Task (Ready): \Lenovo\Lenovo Customer Feedback Program 64 35 - C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
                  O22 - Task (Ready): \Lenovo\Lenovo Solution Center Launcher - C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus
                  O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\compattelrunner.exe
                  O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\WINDOWS\system32\compattelrunner.exe -maintenance
                  O22 - Task (Ready): \Microsoft\Windows\BitLocker\BitLocker MDM policy Refresh - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},BitLockerPolicy - C:\WINDOWS\System32\edptask.dll
                  O22 - Task (Ready): \Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask - {E984D939-0E00-4DD9-AC3A-7ACA04745521} - (no file)
                  O22 - Task (Ready): \Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged - {AE31B729-D5FD-401E-AF42-784074835AFE},-RegisterDevice -ProtectionStateChanged -FreeNetworkOnly -NoLocation - C:\WINDOWS\system32\DeviceDirectoryClient.dll
                  O22 - Task (Ready): \Microsoft\Windows\EDP\EDP App Launch Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},AppLaunch - C:\WINDOWS\System32\edptask.dll
                  O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Auth Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},ReAuth - C:\WINDOWS\System32\edptask.dll
                  O22 - Task (Ready): \Microsoft\Windows\EDP\EDP Inaccessible Credentials Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},MissingCredentials - C:\WINDOWS\System32\edptask.dll
                  O22 - Task (Ready): \Microsoft\Windows\EDP\StorageCardEncryption Task - {61BCD1B9-340C-40EC-9D41-D7F1C0632F05},SDCardEncryptionPolicy - C:\WINDOWS\System32\edptask.dll
                  O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Cellular - C:\WINDOWS\system32\ProvTool.exe /turn 7 /source CellStateChangeTask
                  O22 - Task (Ready): \Microsoft\Windows\Management\Provisioning\Logon - C:\WINDOWS\system32\ProvTool.exe /turn 5 /source LogonIdleTask
                  O22 - Task (Ready): \Microsoft\Windows\Maps\MapsToastTask - {9885AEF2-BD9F-41E0-B15E-B3141395E803},$(Arg0);$(Arg1);$(Arg2);$(Arg3);$(Arg4);$(Arg5);$(Arg6);$(Arg7) - C:\WINDOWS\System32\mapstoasttask.dll
                  O22 - Task (Ready): \Microsoft\Windows\PLA\LSC Memory - C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\pla.dll,PlaHost “LSC Memory” “$(Arg0)”
                  O22 - Task (Ready): \Microsoft\Windows\Subscription\EnableLicenseAcquisition - C:\WINDOWS\system32\ClipRenew.exe -e
                  O22 - Task (Ready): \Microsoft\Windows\UNP\RunCampaignManager - C:\WINDOWS\System32\UNP\UNPCampaignManager.exe
                  O22 - Task (Ready): \Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan - C:\Program Files\Windows Defender\MpCmdRun.exe Scan -ScheduleJob -ScanTrigger 55
                  O22 - Task (Ready): \Microsoft\Windows\WwanSvc\NotificationTask - C:\WINDOWS\System32\WiFiTask.exe wwan
                  O22 - Task (Ready): \WiseCleaner\WDRSkipUAC - d:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe $UAC
                  O22 - Task (Ready): {1E6113B1-6320-42D6-98F3-9B2BBA5E0C28} - d:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/7.4.0.102/en/go/help.faq.installer?LastError=1638
                  O23 - Service R2: AMD External Events Utility - C:\WINDOWS\system32\atiesrxx.exe
                  O23 - Service R2: Conexant Audio Message Service - (CxAudMsg) - C:\WINDOWS\system32\CxAudMsg64.exe
                  O23 - Service R2: Elan Service - (ETDService) - C:\Program Files\Elantech\ETDService.exe
                  O23 - Service R2: Hotspot Shield Service - (hshld) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
                  O23 - Service R2: Intel(R) Capability Licensing Service Interface - C:\Program Files\Intel\iCLS Client\HeciServer.exe
                  O23 - Service R2: Intel(R) Dynamic Application Loader Host Interface Service - (jhi_service) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
                  O23 - Service R2: Intel(R) HD Graphics Control Panel Service - (igfxCUIService2.0.0.0) - C:\WINDOWS\system32\igfxCUIService.exe
                  O23 - Service R2: Sandboxie Service - (SbieSvc) - d:\Program Files\Sandboxie\SbieSvc.exe
                  O23 - Service R2: System Interface Foundation Service - (ImControllerService) - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
                  O23 - Service R2: Windows Defender Antivirus Service - (WinDefend) - C:\Program Files\Windows Defender\MsMpEng.exe
                  O23 - Service R3: Windows Defender Antivirus Network Inspection Service - (WdNisSvc) - C:\Program Files\Windows Defender\NisSrv.exe
                  O23 - Service S2: Conexant SmartAudio service - (SAService) - C:\WINDOWS\SysWow64\SAsrv.exe
                  O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                  O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
                  O23 - Service S3: FLEXnet Licensing Service - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
                  O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
                  O23 - Service S3: Intel(R) Capability Licensing Service TCP IP Interface - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
                  O23 - Service S3: Intel(R) Content Protection HECI Service - (cphs) - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
                  O23 - Service S3: LSCWinService - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
                  O23 - Service S3: Malwarebytes Service - (MBAMService) - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
                  O23 - Service S3: SwitchBoard - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
                  
                  –
                  End of file - Time spent: 33 sec. - 40648 bytes, CRC32: FFFFFFFF. Sign: ⲛ넛

                  Comment

                  • Malnutrition
                    PCHF Moderator
                    • Jul 2016
                    • 7041

                    #10
                    Uninstall the programs below with Geek Uninstaller.

                    µTorrent (HKCU...\uTorrent) (Version: 3.5.0.43900 - BitTorrent Inc.)
                    Hotspot Shield 7.20.5 (HKLM-x32...{429c8d3a-6089-4020-a3be-bf075ed5d5aa}) (Version: 7.20.5.9941 - AnchorFree Inc.)
                    IDM Crack 6.28 build 9 (HKLM-x32...\IDM Crack 6.28 build 9) (Version: build 14 - Crackingpatching.com Team)
                    KMPFaster (HKLM-x32...\simplitec POWER SUITE_is1) (Version: 2.3.2.902 - simplitec GmbH)
                    Lenovo Solution Center (HKLM...{49277B39-D2E8-4342-9CE8-FC080C3FA344}) (Version: 2.8.007.00 - Lenovo Group Limited)
                    PeerBlock 1.2 (r693) (HKLM...{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
                    Samsung Kies3 /B (Version: 3.2.16044.2 - Samsung Electronics Co., Ltd.)
                    YTD Video Downloader 5.8.2 /B (Version: 5.8.2 - GreenTree Applications SRL)

                    Reset Host File

                    [ul]
                    [li]Click here to download RstHosts v2.0[/li][li]Save the file to your desktop.[/li][li]Right Click and Run as Administrator.[/li][li]Click on Restaurer, then click OK at the prompt.[/li][li]This will restore the default host file.[/li][li]Next Click on Creer Un Rapport.[/li][li]This will open a logfile, post that in your next reply.[/li][/ul]

                    Update your old programs with Patch MY PC @gus has written a nice guide to show how the program works.

                    Hijack This Fix.

                    Start HijackThis , Right Click Run as Admin.
                    Close all other open programs prior to running this tool!!
                    Click System Scan Only.
                    Then check mark the items listed below.

                    O4 - HKCU..\StartupApproved\Run: [CCleaner Monitoring] (2016/04/26)C:\Program Files\CCleaner\CCleaner64.exe /MONITOR
                    O4 - HKCU..\StartupApproved\Run: [IDMan] (2014/08/18)D:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
                    O4 - HKCU..\StartupApproved\Run: [PeerBlock] (2016/10/13)d:\Program Files\PeerBlock\peerblock.exe
                    O4 - HKCU..\StartupApproved\Run: [Skype] (2014/08/18)C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun
                    O4 - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe
                    O4 - HKLM..\Run: [Energy Manager] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
                    O4 - HKLM..\Run: [LenovoUtility] C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSD Package\x64\utility.exe
                    O4 - HKLM..\StartupApproved\Run32: [AdobeCS6ServiceManager] (2014/08/18)C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.ex e -launchedbylogin
                    O4 - HKLM..\StartupApproved\Run32: [BCSSync] (2017/02/18)D:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices
                    O4 - HKLM..\StartupApproved\Run32: [PowerDVD14Agent] (2015/06/28)C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
                    O4 - HKLM..\StartupApproved\Run32: [Raptr] (2017/02/18)C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup
                    O4 - HKLM..\StartupApproved\Run32: [SunJavaUpdateSched] (2014/08/18)C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
                    O4 - HKLM..\StartupApproved\Run32: [SwitchBoard] (2014/08/18)C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
                    O4 - HKLM..\StartupApproved\Run: [ForteConfig] (2017/02/18)C:\Program Files\Conexant\ForteConfig\fmapp.exe
                    O4 - HKLM..\StartupApproved\Run: [IgfxTray] (2014/08/18)C:\Windows\system32\igfxtray.exe
                    O4 - HKLM..\StartupApproved\Run: [Lenovo Utility] (2016/04/25)C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
                    O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
                    O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup
                    O18 - Protocol: WSISAllmytubechrome - {4724F5AF-4E6D-41CA- - (no file)
                    O22 - Task (Ready): Adobe Flash Player PPAPI Notifier - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_ 0_0_137_pepper.exe -check pepperplugin
                    O22 - Task (Ready): Adobe Flash Player Updater - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
                    O22 - Task (Ready): OneDrive Standalone Update Task-S-1-5-21-900945925-988278395-3478122750-1001 - C:\Users\USER\AppData\Local\Microsoft\OneDrive\One DriveStandaloneUpdater.exe
                    O22 - Task (Ready): StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
                    O22 - Task (Ready): \Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance - C:\WINDOWS\system32\sc.exe START ImControllerService
                    O22 - Task (Ready): \Lenovo\ImController\Plugins\LenovoSystemUpdatePlu gin_WeeklyTask - C:\WINDOWS\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
                    O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\1fab31b4-f13e-45d1-a093-e2843a4a2cc5 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.Im Controller.exe /timebasedeventtrigger 1fab31b4-f13e-45d1-a093-e2843a4a2cc5
                    O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\5d272505-f594-48c0-a473-aef997c09382 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.Im Controller.exe /timebasedeventtrigger 5d272505-f594-48c0-a473-aef997c09382
                    O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\a64f1ced-f198-47f2-8caa-321acb18e1d6 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.Im Controller.exe /timebasedeventtrigger a64f1ced-f198-47f2-8caa-321acb18e1d6
                    O22 - Task (Ready): \Lenovo\ImController\TimeBasedEvents\c585190e-226d-4d00-b112-e024dec1ed37 - C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.Im Controller.exe /timebasedeventtrigger c585190e-226d-4d00-b112-e024dec1ed37
                    O22 - Task (Ready): \Lenovo\LSC\LSCHardwareScan - C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe -diag HWScan
                    O22 - Task (Ready): \Lenovo\LSC\Lenovo Solution Center Notifications - C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe /show
                    O22 - Task (Ready): \Lenovo\Lenovo Customer Feedback Program 64 35 - C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
                    O22 - Task (Ready): \Lenovo\Lenovo Solution Center Launcher - C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe Actions UpdateStatus
                    O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\WINDOWS\system32\compattelrunner.exe
                    O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\WINDOWS\system32\compattelrunner.exe -maintenance
                    O22 - Task (Ready): \WiseCleaner\WDRSkipUAC - d:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe $UAC
                    O22 - Task (Ready): {1E6113B1-6320-42D6-98F3-9B2BBA5E0C28} - d:\program files (x86)\mozilla firefox\firefox.exe http://ui.skype.com/ui/0/7.4.0.102/e...LastError=1638
                    O23 - Service R2: Hotspot Shield Service - (hshld) - C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe

                    Now click on fix checked.
                    After the fix is complete, then reboot your machine.


                    Create and run batch file.

                    Open a notepad and copy the entire content of the code box below.
                    Paste the txt into the notepad. Save the file to your desktop as InternetFlush.bat
                    Now you will right click the on InternetFlush.bat and run as administrator.
                    Note: If you are using a third party firewall – you will want to leave out the top two lines of the script.
                    At the end of the batch file there will be a prompt to
                    Warning: This batch file will reboot your machine when complete! Save all work prior to running!!
                    Code:
                    netsh advfirewall reset
                    netsh advfirewall set allprofiles state ON
                    ipconfig /flushdns
                    netsh winsock reset catalog
                    netsh int ip reset c:\resetlog.txt
                    ipconfig /release
                    ipconfig /renew
                    netsh int ipv4 reset
                    netsh int ipv6 reset
                    bitsadmin /reset /allusers
                    reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
                    reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
                    netsh interface ipv6 6to4 set state state=disabled undoonstop=disabled
                    netsh interface ipv6 isatap set state state=disabled
                    netsh interface teredo set state disabled
                    netsh interface tcp set global autotuning=disabled
                    reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 0xFFFFFFFF
                    for /F "tokens=*" %%a in ('wevtutil.exe el') DO wevtutil.exe cl "%%a"
                    shutdown -r
                    Adware Cleaner Scan.

                    Please download AdwCleaner by Xplode onto your desktop.

                    [ul]
                    [li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

                    After Adware Cleaner reboot the machine, please tell me what issues remain,.

                    Comment

                    • Malnutrition
                      PCHF Moderator
                      • Jul 2016
                      • 7041

                      #11
                      Once you have completed the above instructions, I highly suggest that you run a checkdisk on your machine. There are some errors that indicate that you need to do so ASAP.

                      HTML Code:
                      Error: (08/03/2017 12:10:09 PM) (Source: Ntfs) (User: NT AUTHORITY)
                      Description: A corruption was discovered in the file system structure on volume C:.
                      You may want to run this overnight, as it may take a long time to run. If checkdisk seems to stall, just allow it to run. This scan may take several hours. Prior to running the check disk, please let me know how things are with your machine.

                      Run chkdsk /f /r from elevated command prompt.

                      [MEDIA=youtube]4feZG3LebOg[/MEDIA]

                      Comment

                      • maxim123
                        PCHF Member
                        • Aug 2017
                        • 463

                        #12
                        reset host logfile:

                        Code:
                        -|x| RstHosts v2.0 - Rapport créé le 03/08/2017 à 15:24:42
                        -|x| Système d’exploitation : Windows 10 Pro (64 bits)
                        -|x| Nom d’utilisateur : Max - ADMIN (Administrateur)
                        
                        -|x|- Informations -|x|-
                        
                        Emplacement : C:\WINDOWS\System32\drivers\etc\hosts
                        Attribut(s) : RASH
                        Propriétaire : Administrators - BUILTIN
                        Taille : 89 bytes
                        Date de création : 26/03/2015 - 08:15:53
                        Date de modification : 03/08/2017 - 15:24:30
                        Date de dernier accès : 03/08/2017 - 15:24:30
                        
                        -|x|- Contenu du fichier -|x|-
                        [HEADING=1]Fichier Hosts créé par RstHosts[/HEADING]
                        127.0.0.1 localhost
                        ::1 localhost
                        
                        -|x|- E.O.F - C:\RstHosts.txt - 597 bytes -|x|-

                        Comment

                        • maxim123
                          PCHF Member
                          • Aug 2017
                          • 463

                          #13
                          adwcleaner report

                          Code:
                          # AdwCleaner 7.0.1.0 - Logfile created on Thu Aug 03 11:58:50 2017
                          [HEADING=1]Updated on 2017/05/08 by Malwarebytes[/HEADING]
                          [HEADING=1]Database: 08-02-2017.1[/HEADING]
                          [HEADING=1]Running on Windows 10 Pro (X64)[/HEADING]
                          [HEADING=1]Mode: scan[/HEADING]
                          [HEADING=1]Support: https://www.malwarebytes.com/support[/HEADING]
                          ***** [ Services ] *****
                          
                          No malicious services found.
                          
                          ***** [ Folders ] *****
                          
                          PUP.Optional.Legacy, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
                          PUP.Optional.Legacy, C:\ProgramData\ytd video downloader
                          PUP.Optional.Legacy, C:\ProgramData\Application Data\ytd video downloader
                          PUP.Optional.Legacy, C:\Users\All Users\ytd video downloader
                          
                          ***** [ Files ] *****
                          
                          PUP.Optional.Legacy, C:\Users\All Users\Desktop\YTD Video Downloader.lnk
                          PUP.Optional.Legacy, C:\Users\Public\Desktop\YTD Video Downloader.lnk
                          
                          ***** [ DLL ] *****
                          
                          No malicious DLLs found.
                          
                          ***** [ WMI ] *****
                          
                          No malicious WMI found.
                          
                          ***** [ Shortcuts ] *****
                          
                          No malicious shortcuts found.
                          
                          ***** [ Tasks ] *****
                          
                          PUP.Optional.Legacy, WiseCleaner
                          
                          ***** [ Registry ] *****
                          
                          PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
                          PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID{8BF0126F-A5B7-4720-ABB2-2414A0AF5474}
                          PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
                          
                          ***** [ Firefox (and derivatives) ] *****
                          
                          No malicious Firefox entries.
                          
                          ***** [ Chromium (and derivatives) ] *****
                          
                          No malicious Chromium entries.
                          [HR][/HR]
                          C:/AdwCleaner/AdwCleaner[C0].txt - [5637 B] - [2017/2/18 15:57:30]
                          C:/AdwCleaner/AdwCleaner[S0].txt - [5054 B] - [2017/2/18 10:49:52]
                          C:/AdwCleaner/AdwCleaner[S1].txt - [5126 B] - [2017/2/18 15:39:49]
                          
                          ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt ##########

                          Comment

                          • maxim123
                            PCHF Member
                            • Aug 2017
                            • 463

                            #14
                            Hi, everything works fine right now, except being able to log into the admin panel of the router. yesterday, before I created the thread, I had tried some winsock command advice given in the internet. and it gave:
                            the following helper dll cannot be loaded: peerdistsh.dll

                            Comment

                            • Malnutrition
                              PCHF Moderator
                              • Jul 2016
                              • 7041

                              #15
                              How are you trying to log into the router?
                              Are you pasting 192.168.1.1 into your browser and hitting enter?
                              Or 192.168.1.6 and hitting enter?
                              Have you tried all of your browsers to log into the router?
                              Can you please post a new Minitoolbox log; so that I can see what is going on now that some things have been taken care of please.

                              Comment

                              Working...