Solved Major ping issues in online games, no noticeable issues with internet otherwise

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Welcome to our Community
Wanting to join the rest of our members? Feel free to sign up today.
Sign up
Status
Not open for further replies.

SonOfASelkie

PCHF Member
PCHF Member
Dec 13, 2016
4
1
21
Hello there,

Over the weekend my connection to online games dropped dramatically. Everything else (youtube, downloads, streams, webpages, etc.) works just as it used to. So far I have tried
  • Updating drivers
  • Clearing cookies/cache
  • Giving said games exceptions through my firewall
  • Closing other background programs that could be taking data
  • Using task manager to try and find any programs "stealth' stealing my bandwith
  • Playing a different times of day to see if it was an issue with other people in the house
  • Resetting the modem+router
  • Disabling windows peer-to-peer sharing
but none of it has worked. Now I am on Wi-Fi, and am switching to wired sometime in the future but the reason I don't think that is the issue is because I've played with absolutely no ping issues for the past few months on Wi-Fi, this all just started a few days ago.

Wi-Fi Adapter: Intel 7260HMWDTX1
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
Welcome to PCHF Lets get some info from your machine, to get things rolling.

Step 1: Speccy Scan.

  • Please go here and download Speccy.
  • Install and run the program.
  • Upon Completion:
  • Hit File
  • Publish Snap Shot
  • A link will appear, post that link.

Step 2: MiniToolBox Scan


Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go post the result.

Step 3: Autoruns Scan.



Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option.
in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.


Step 4: HijackThis.




1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.

Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

JRT Scan.


Please download Junkware Removal Tool and save it on your desktop.



  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Reset Host File


  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.
 

SonOfASelkie

PCHF Member
PCHF Member
Dec 13, 2016
4
1
21
Speccy - http://speccy.piriform.com/results/R7Lpn0ORzndqfzCJgA4IqgM


MiniToolBox by Farbar Version: 17-06-2016
Ran by Ronan Fitzgerald (administrator) on 12-12-2016 at 22:01:09
Running from "C:\Users\Ronan Fitzgerald\Downloads"
Microsoft Windows 10 Home (X64)
Model: MS-7A11 Manufacturer: MSI
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================

Intel(R) Dual Band Wireless-AC 7260 = Wi-Fi (Connected)
Intel(R) Ethernet Connection (2) I219-V = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : DESKTOP-1KUTVI3
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : hsd1.ma.comcast.net.

Ethernet adapter Ethernet:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Ethernet Connection (2) I219-V
Physical Address. . . . . . . . . : 4C-CC-6A-0E-2C-06
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 7C-5C-F8-C4-9E-A2
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

Connection-specific DNS Suffix . : hsd1.ma.comcast.net.
Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 7260
Physical Address. . . . . . . . . : 7C-5C-F8-C4-9E-A1
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2601:184:4400:90:d02c:10a1:5481:2f62(Preferred)
Temporary IPv6 Address. . . . . . : 2601:184:4400:90:8d3f:4831:b12a:7dd9(Preferred)
Link-local IPv6 Address . . . . . : fe80::d02c:10a1:5481:2f62%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.1.20(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, December 12, 2016 16:47:52
Lease Expires . . . . . . . . . . : Tuesday, December 13, 2016 18:05:40
Default Gateway . . . . . . . . . : fe80::d203:4bff:fed2:ab79%14
10.0.1.1
DHCP Server . . . . . . . . . . . : 10.0.1.1
DHCPv6 IAID . . . . . . . . . . . : 192699640
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3A-76-5E-7C-5C-F8-C4-9E-A1
DNS Servers . . . . . . . . . . . : 2001:4860:4860::8888
2001:4860:4860::8844
8.8.8.8
8.8.4.4
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.hsd1.ma.comcast.net.:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : hsd1.ma.comcast.net.
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:14f9:3c6b:f5ff:feeb(Preferred)
Link-local IPv6 Address . . . . . : fe80::14f9:3c6b:f5ff:feeb%6(Preferred)
Default Gateway . . . . . . . . . :
DHCPv6 IAID . . . . . . . . . . . : 486539264
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-3A-76-5E-7C-5C-F8-C4-9E-A1
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: google-public-dns-a.google.com
Address: 2001:4860:4860::8888

Name: google.com
Addresses: 2607:f8b0:4006:80f::200e
172.217.4.78


Pinging google.com [2607:f8b0:4006:80b::200e] with 32 bytes of data:
Reply from 2607:f8b0:4006:80b::200e: time=20ms
Reply from 2607:f8b0:4006:80b::200e: time=31ms

Ping statistics for 2607:f8b0:4006:80b::200e:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 20ms, Maximum = 31ms, Average = 25ms
Server: google-public-dns-a.google.com
Address: 2001:4860:4860::8888

Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:44:204::a7
2001:4998:58:c02::a9
98.138.253.109
206.190.36.45
98.139.183.24


Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Reply from 2001:4998:44:204::a7: time=56ms
Reply from 2001:4998:44:204::a7: time=66ms

Ping statistics for 2001:4998:44:204::a7:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 56ms, Maximum = 66ms, Average = 61ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...4c cc 6a 0e 2c 06 ......Intel(R) Ethernet Connection (2) I219-V
3...7c 5c f8 c4 9e a2 ......Microsoft Wi-Fi Direct Virtual Adapter
14...7c 5c f8 c4 9e a1 ......Intel(R) Dual Band Wireless-AC 7260
1...........................Software Loopback Interface 1
10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
6...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.0.1.1 10.0.1.20 35
10.0.1.0 255.255.255.0 On-link 10.0.1.20 291
10.0.1.20 255.255.255.255 On-link 10.0.1.20 291
10.0.1.255 255.255.255.255 On-link 10.0.1.20 291
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 10.0.1.20 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 10.0.1.20 291
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
14 51 ::/0 fe80::d203:4bff:fed2:ab79
1 331 ::1/128 On-link
6 331 2001::/32 On-link
6 331 2001:0:4137:9e76:14f9:3c6b:f5ff:feeb/128
On-link
14 51 2601:184:4400:90::/64 On-link
14 291 2601:184:4400:90::/64 fe80::d203:4bff:fed2:ab79
14 291 2601:184:4400:90:8d3f:4831:b12a:7dd9/128
On-link
14 291 2601:184:4400:90:d02c:10a1:5481:2f62/128
On-link
14 291 fe80::/64 On-link
6 331 fe80::/64 On-link
6 331 fe80::14f9:3c6b:f5ff:feeb/128
On-link
14 291 fe80::d02c:10a1:5481:2f62/128
On-link
1 331 ff00::/8 On-link
6 331 ff00::/8 On-link
14 291 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/12/2016 10:00:56 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 10:00:55 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 10:00:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 10:00:14 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 10:00:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 09:59:44 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/12/2016 09:44:17 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 09:44:16 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (12/12/2016 07:21:17 PM) (Source: MsiInstaller) (User: DESKTOP-1KUTVI3)
Description: Product: NVIDIA PhysX -- Installation terminated

Error: (12/12/2016 04:56:51 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "51.0.2681.0,language="&#x2a;",type="win32",version="51.0.2681.0"1".
Dependent Assembly 51.0.2681.0,language="&#x2a;",type="win32",version="51.0.2681.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (12/12/2016 08:39:46 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (12/12/2016 08:39:46 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

Error: (12/12/2016 05:57:41 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/12/2016 04:56:22 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/11/2016 09:40:56 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/11/2016 08:35:39 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 8 0x0 0x0

Error: (12/11/2016 08:35:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 2 0xdeaddeed 0xeeec

Error: (12/11/2016 08:35:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.

Code: 1 0xc 0x4

Error: (12/11/2016 06:40:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (12/11/2016 02:18:55 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (12/12/2016 10:00:56 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\amd\cim\bin64\SetACL64.exe

Error: (12/12/2016 10:00:55 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1

Error: (12/12/2016 10:00:15 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\amd\cim\bin64\SetACL64.exe

Error: (12/12/2016 10:00:14 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1

Error: (12/12/2016 10:00:13 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\amd\cim\bin64\SetACL64.exe

Error: (12/12/2016 09:59:44 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/12/2016 09:44:17 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files\amd\cim\bin64\SetACL64.exe

Error: (12/12/2016 09:44:16 PM) (Source: SideBySide)(User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0"C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.ManifestC:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL1

Error: (12/12/2016 07:21:17 PM) (Source: MsiInstaller)(User: DESKTOP-1KUTVI3)
Description: Product: NVIDIA PhysX -- Installation terminated(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/12/2016 04:56:51 PM) (Source: SideBySide)(User: )
Description: 51.0.2681.0,language="&#x2a;",type="win32",version="51.0.2681.0"C:\Users\Ronan Fitzgerald\AppData\Local\chromium\Application\chrome.exe


CodeIntegrity Errors:
===================================
Date: 2016-12-11 16:42:24.896
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2016-12-11 16:42:24.849
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-12-11 16:42:24.848
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-12-10 17:49:13.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.

Date: 2016-12-10 17:49:13.853
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-12-10 17:49:13.852
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-11-29 18:28:01.480
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.

Date: 2016-11-29 18:28:01.478
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-11-23 14:32:01.273
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\PlaysTV\ltc_help64-118416.dll that did not meet the Store signing level requirements.

Date: 2016-11-23 14:31:49.055
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Raptr Inc\Raptr\ltc_help64-116716.dll that did not meet the Store signing level requirements.


=========================== Installed Programs ============================

. . . (HKLM\...\{148F44E1-3F4A-4A55-A463-9B256CBCC37A}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{539E57B0-4D81-4095-ACF3-D2C86FBBEDD6}) (Version: 2.6.2.3 - Intel) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{345F3F90-0505-4EDF-B7A9-5E3AC1AC6CE4}) (Version: 15.2.1 - Hewlett-Packard) Hidden
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.73 - Hulubulu Software)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Application Profiles (HKLM-x32\...\{77A795C8-E532-4B09-5C58-7FFFC3CC9171}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AutoHotkey 1.1.24.01 (HKLM\...\AutoHotkey) (Version: 1.1.24.01 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM\...\Steam App 8870) (Version: - Irrational Games)
Borderlands 2 (HKLM\...\Steam App 49520) (Version: - Gearbox Software)
Catalyst Control Center Next Localization BR (HKLM\...\{C402C2F5-0B95-5471-4222-65DF5990944B}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{865C66DE-2F96-0AB1-08BE-B9F383243908}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{1BCFB20E-BA45-D946-EF8D-3EAC2CA566C5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{3CCD7507-7F42-BADB-BD22-0064CF9C1EF2}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1BE2EDCF-552B-D641-AA4B-9333C376AEAF}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{101EBA1D-F8F0-1E97-D2FD-68917DC1A7AC}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{719B690B-D0DC-E4DE-30EC-F4A1EE895AAE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{8D17B022-9CA1-C7CA-A4D6-985E160FD686}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{BE20EFC0-79CB-6273-BEC6-17C1B2F949C5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{C9BCA81B-16E7-EC73-45BA-8180B4A476C7}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{C2088603-B655-ED5B-BBE0-5CEFE17B8DEE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{5F8DCCF0-AD91-9DDA-59B3-5E25898415CD}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{5D247D18-F5FC-1976-E2A8-35BBB9F6DD31}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{101534C4-8ABB-3C5F-4C35-3681D1EDDAE3}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{1E1FEFF2-5AA0-DB57-BDD5-D1778ACA12BE}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{181093C9-7497-B4A8-BF51-7C59786DD43D}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{B99E3435-0B06-210C-B1B8-5954D5ADF936}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{EF3FA700-D95B-FEEA-A479-222E2FFEBD07}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{3E4EC972-F3AD-DD8D-2BC8-4BCA6A52F87F}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3FFDB58D-66AA-0A6E-6C07-366BF048E7D3}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{E60E7ABF-D1B6-C976-3073-02D79ECD2DC5}) (Version: 2016.1204.1136.20853 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine)
Corsair Link 4 (HKLM-x32\...\{ca37ff55-4f68-48ab-b12f-1c33e36c1410}) (Version: 4.2.4.25 - Corsair Components, Inc.)
Corsair Link 4 (HKLM-x32\...\{CDAB94CB-C456-4BA6-B9CC-C6305DE469D4}) (Version: 4.2.4.25 - Corsair Components, Inc.) Hidden
Corsair Link(TM) USB Dongle (Driver Removal) (HKLM-x32\...\SIUSBXP&1B1C&1C00) (Version: - Corsair Memory, Inc.)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.77 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKCU\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Dishonored (HKLM\...\Steam App 205100) (Version: - Arkane Studios)
Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.47.146 - OSToto Co., Ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 15.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
DropIt (v8.2) (HKLM\...\DropIt_is1) (Version: 8.2 - Lupo PenSuite Team)
f.lux (HKCU\...\Flux) (Version: - )
GeoGebra 5 (HKLM-x32\...\GeoGebra 5) (Version: 5.0.275.0 - International GeoGebra Institute)
Git version 2.9.3 (HKLM\...\Git_is1) (Version: 2.9.3 - The Git Development Community)
GitHub (HKCU\...\5f7eb300e2ea4ebf) (Version: 3.3.1.0 - GitHub, Inc.)
GitKraken (HKCU\...\gitkraken) (Version: 1.7.1 - Axosoft, LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.31.5 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{281508ba-d9c6-4f23-9570-48a516f37c4e}) (Version: 2.6.2.3 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 101 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180101}) (Version: 8.0.1010.13 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.7466.2038 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.6 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7426.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.7466.2038 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version: - Blizzard Entertainment)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.16.8-r118433-release - Plays.tv, LLC)
Python 3.5.2 (32-bit) (HKCU\...\{cf72a2ab-2f1d-49fd-a0d7-1065e6357e1e}) (Version: 3.5.2150.0 - Python Software Foundation)
Python 3.5.2 Add to Path (32-bit) (HKLM-x32\...\{7E08C4EE-B1C7-4138-8227-7CD3837636AA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Core Interpreter (32-bit) (HKLM-x32\...\{EB0611B2-7F10-4D97-BCF2-DCAAB1199498}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Development Libraries (32-bit) (HKLM-x32\...\{5DB2183B-62D3-407F-BBC1-EAD2F36283FA}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Documentation (32-bit) (HKLM-x32\...\{1FBA5182-78DD-4940-9F06-96E5042B7061}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Executables (32-bit) (HKLM-x32\...\{33B10015-A9B1-4210-B50A-26C6443979B0}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 pip Bootstrap (32-bit) (HKLM-x32\...\{9ADF9987-3327-48C6-91B3-B10900366491}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Standard Library (32-bit) (HKLM-x32\...\{FCBB04F4-D2CF-4F55-BE92-B3898696B318}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C1153533-FDC4-4922-892D-B71810F69566}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Test Suite (32-bit) (HKLM-x32\...\{9D50A6D7-410A-4469-87B7-35FA84CBD479}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.5.2 Utility Scripts (32-bit) (HKLM-x32\...\{E6DEBF43-7ACF-4E88-9BBF-9B5945683281}) (Version: 3.5.2150.0 - Python Software Foundation) Hidden
Python 3.6.0a3 (32-bit) (HKCU\...\{46ba3391-0374-4f4b-832e-3579445dec5f}) (Version: 3.6.103.0 - Python Software Foundation)
Python 3.6.0a3 Core Interpreter (32-bit) (HKLM-x32\...\{68980F70-C618-49DE-BFDB-12E6292268DE}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Development Libraries (32-bit) (HKLM-x32\...\{B19C8432-FFC5-45EB-A2AE-B26C2314D729}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Documentation (32-bit) (HKLM-x32\...\{7FBC00B7-E86F-44F9-89F9-60068307654B}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Executables (32-bit) (HKLM-x32\...\{C56B7E25-3E07-430C-9AD5-44D91777F7C9}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 pip Bootstrap (32-bit) (HKLM-x32\...\{3DE60CA3-3C54-4810-845C-704DE19D2DB1}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Standard Library (32-bit) (HKLM-x32\...\{EEE7C572-14EC-4C54-B09A-D3CA0F10D476}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{84B70DE2-6DFC-4DB5-B365-894FE8E3A8DA}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Test Suite (32-bit) (HKLM-x32\...\{F3CACBAF-C7E7-45B0-A342-D6B5CCDCCF04}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python 3.6.0a3 Utility Scripts (32-bit) (HKLM-x32\...\{4B26FCD6-051B-4176-9D2A-3F36102293D1}) (Version: 3.6.103.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{963ECCDD-F09F-4C24-9367-8B5D748AA7C8}) (Version: 3.5.2121.0 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2620 - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Tomb Raider (HKLM\...\Steam App 203160) (Version: - Crystal Dynamics)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-2) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-4) (Version: 1.0.26.0 - LunarG, Inc.)
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB (10/30/2015 3.6) (HKLM\...\689CB8E4310D795D383E65C05A8F13A05D92E771) (Version: 10/30/2015 3.6 - Corsair Components, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
XnView 2.36 (HKLM-x32\...\XnView_is1) (Version: 2.36 - Gougelet Pierre-e)
XSplit Gamecaster (HKLM-x32\...\{D3C9DBAA-5395-4971-A962-553C7DBEA423}) (Version: 2.8.1605.2355 - SplitmediaLabs)
Zoom (HKCU\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.)

========================= Devices: ================================

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Device ID: ACPI\PNP0303\0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Device ID: ACPI\PNP0F03\0
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


**** End of log ****

Autoruns - Attached



Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:04:16, on 12/12/2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Ronan Fitzgerald\AppData\Local\Discord\app-0.0.296\Discord.exe
C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Ronan Fitzgerald\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Ronan Fitzgerald\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe
C:\ProgramData\Battle.net\Agent\Agent.5331\Agent.exe
C:\Users\Ronan Fitzgerald\AppData\Local\Discord\app-0.0.296\Discord.exe
C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net.exe
C:\Users\Ronan Fitzgerald\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
C:\PROGRA~2\RAPTRI~1\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\PROGRA~2\RAPTRI~1\PlaysTV\QtWebEngineProcess.exe
D:\Ronan Fitzgerald\Autorun\Autoruns.exe
C:\Users\Ronan Fitzgerald\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-68fa53be
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-68fa53be
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/SKY2_FRPage
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Raptr] C:\PROGRA~2\RAPTRI~1\Raptr\raptrstub.exe --startup
O4 - HKLM\..\Run: [Corsair Utility Engine] "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe" --autorun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Ronan Fitzgerald\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Ronan Fitzgerald\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [CorsairLink4] C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe -startup
O4 - HKCU\..\Run: [Discord] C:\Users\Ronan Fitzgerald\AppData\Local\Discord\app-0.0.296\Discord.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [AudioSwitcher] "C:\Users\Ronan Fitzgerald\AppData\Local\Temp\Temp1_AudioSwitcher (1).zip\AudioSwitcher.exe"
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted
O4 - HKCU\..\Run: [f.lux] "C:\Users\Ronan Fitzgerald\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify] "C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\Spotify.exe" -autostart
O4 - HKCU\..\Run: [Chromium] "c:\users\ronan fitzgerald\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{e7374b7f-d49d-48ed-9880-b8bcb45eb213}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: Corsair Link 4 (CLink4Service) - Corsair Components, Inc. - C:\Program Files (x86)\CorsairLink4\CorsairLink4.Service.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Unknown owner - C:\WINDOWS\system32\DbxSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Plays.tv Update Service (PlaysService) (PlaysService) - Copyright (c) 2016 Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) - Reimage® - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 14013 bytes



Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64
Ran by Ronan Fitzgerald (Administrator) on Mon 12/12/2016 at 22:05:55.08
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 19

Failed to delete: C:\Program Files\reimage (Folder)
Successfully deleted: C:\ProgramData\reimage protector (Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\{7DE34B58-58B1-262E-3387-01FCEF55FCC2} (Empty Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod (Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\klbibkeccnjlkjkiokjodocebajanakg (Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bmnlcjabgnpnenekpadlanbbkooimhnj (Folder)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage-journal (File)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage (File)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage-journal (File)
Successfully deleted: C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_klbibkeccnjlkjkiokjodocebajanakg_0.localstorage (File)
Successfully deleted: C:\WINDOWS\reimage.ini (File)
Successfully deleted: C:\WINDOWS\system32\Tasks\ReimageUpdater (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-S-1-5-21-2047515599-39716083-3749751434-1001 (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\update-sys (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-S-1-5-21-2047515599-39716083-3749751434-1001.job (Task)
Successfully deleted: C:\WINDOWS\Tasks\update-sys.job (Task)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERTALENT_SETUP.EXE-DA7DDC9C.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERUPDATEUI.EXE-A933B2EF.pf (File)



Registry: 1

Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\ReimageRealTimeProtector (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 12/12/2016 at 22:12:32.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Reset Host File
-|x| RstHosts v2.0 - Rapport créé le 12/12/2016 à 22:26:33

-|x| Système d'exploitation : Windows 10 Home (64 bits)
-|x| Nom d'utilisateur : Ronan Fitzgerald - DESKTOP-1KUTVI3 (Administrateur)

-|x|- Informations -|x|-

Emplacement : C:\WINDOWS\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 30/10/2015 - 02:24:38
Date de modification : 12/12/2016 - 22:26:29
Date de dernier accès : 12/12/2016 - 22:26:29

-|x|- Contenu du fichier -|x|-

# Fichier Hosts créé par RstHosts

127.0.0.1 localhost
::1 localhost

-|x|- E.O.F - C:\RstHosts.txt - 621 bytes -|x|-


Will post the Adware Cleaner Scan in a second, figured I'd post this before my computer had to reboot.
 

Attachments

Last edited by a moderator:

SonOfASelkie

PCHF Member
PCHF Member
Dec 13, 2016
4
1
21
# AdwCleaner v6.040 - Logfile created 12/12/2016 at 22:28:50
# Updated on 02/12/2016 by Malwarebytes
# Database : 2016-12-11.2 [Local]
# Operating System : Windows 10 Home (X64)
# Username : Ronan Fitzgerald - DESKTOP-1KUTVI3
# Running from : C:\Users\Ronan Fitzgerald\Downloads\adwcleaner_6.040.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

[-] Service deleted: ReimageRealTimeProtector


***** [ Folders ] *****

[-] Folder deleted: C:\Program Files\Reimage
[#] Folder deleted on reboot: C:\Program Files\reimage


***** [ Files ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Key deleted: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\PRODUCTSETUP
[-] Key deleted: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\Reimage
[-] Key deleted: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[-] Key deleted: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\csastats
[#] Key deleted on reboot: HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: HKCU\Software\Reimage
[#] Key deleted on reboot: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Key deleted on reboot: HKCU\Software\csastats
[#] Key deleted on reboot: [x64] HKCU\Software\PRODUCTSETUP
[#] Key deleted on reboot: [x64] HKCU\Software\Reimage
[#] Key deleted on reboot: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.
[#] Key deleted on reboot: [x64] HKCU\Software\csastats
[-] Key deleted: [x64] HKLM\SOFTWARE\Reimage
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
[-] Key deleted: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKU\S-1-5-21-2047515599-39716083-3749751434-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Data restored: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key deleted: HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[#] Key deleted on reboot: [x64] HKCU\Software\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej
[-] Key deleted: [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pilplloabdedfmialnfchjomjmpjcoej


***** [ Web browsers ] *****

[-] [C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: fcfenmboojpjinhpgggodefccipikbpd
[-] [C:\Users\Ronan Fitzgerald\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4991 Bytes] - [12/12/2016 22:28:50]
C:\AdwCleaner\AdwCleaner[S0].txt - [4967 Bytes] - [12/12/2016 22:05:51]
C:\AdwCleaner\AdwCleaner[S1].txt - [4853 Bytes] - [12/12/2016 22:28:16]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5210 Bytes] ##########
 
Last edited by a moderator:

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
Step 1: Removal Of Useless Programs.

Remove these items with Geek Uninstaller.

Driver Talent (HKLM-x32\...\{29FE44D7-BC89-4188-8B0E-F6BA073C15A5}_is1) (Version: 6.4.47.146 - OSToto Co., Ltd.)
Reimage Protector (HKLM\...\Reimage Protector) (Version: - Reimage)

Step 2: Fix with HijackThis!

Close all other programs!

Right Click Hijack this, run as administrator.
Click do a system scan only.
Place a tick next to the items below.

O4 - HKLM\..\Run: [Lightshot] C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe
O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup
O4 - HKLM\..\Run: [Corsair Utility Engine] "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe" --autorun
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [BingSvc] C:\Users\Ronan Fitzgerald\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [Discord] C:\Users\Ronan Fitzgerald\AppData\Local\Discord\app-0.0.296\Discord.exe
O4 - HKCU\..\Run: [AudioSwitcher] "C:\Users\Ronan Fitzgerald\AppData\Local\Temp\Temp1_AudioSwitcher (1).zip\AudioSwitcher.exe"
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe" --autostarted
O4 - HKCU\..\Run: [f.lux] "C:\Users\Ronan Fitzgerald\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
O4 - HKCU\..\Run: [Spotify] "C:\Users\Ronan Fitzgerald\AppData\Roaming\Spotify\Spotify.exe" -autostart
O4 - HKCU\..\Run: [Chromium] "c:\users\ronan fitzgerald\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe

Click fix checked.
Accept the prompt.
Reboot the machine after.

Step 3: Fix with Autoruns.



Open Autoruns as administrator and under the "Task Scheduler" tab and uncheck these items.

+ "\CCleanerSkipUAC" "CCleaner" "Piriform Ltd" "c:\program files\ccleaner\ccleaner.exe" "11/15/2016 14:34" ""
+ "\Microsoft\Office\Office Automatic Updates" "Microsoft Office Click-to-Run Client (SxS)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe" "10/30/2016 14:39" ""
+ "\Microsoft\Office\Office ClickToRun Service Monitor" "Microsoft Office Click-to-Run Client (SxS)" "Microsoft Corporation" "c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe" "10/30/2016 14:39" ""
+ "\Microsoft\Office\Office Subscription Maintenance" "Office Subscription Licensing Heartbeat" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\vfs\programfilescommonx86\microsoft shared\office16\olicenseheartbeat.exe" "10/29/2016 08:36" ""
+ "\Microsoft\Office\OfficeTelemetryAgentFallBack2016" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\msoia.exe" "10/29/2016 08:49" ""
+ "\Microsoft\Office\OfficeTelemetryAgentLogOn2016" "Office Telemetry Agent" "Microsoft Corporation" "c:\program files (x86)\microsoft office\root\office16\msoia.exe" "10/29/2016 08:49" ""
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task" "Windows Live Social Object Extractor Engine" "Microsoft Corporation" "c:\program files (x86)\windows live\soxe\wlsoxe.dll" "3/31/2014 23:28" ""
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo" "" "" "c:\windows\system32\gathernetworkinfo.vbs" "7/16/2016 06:42" ""
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary" "Windows Media Player Network Sharing Service Configuration Application" "Microsoft Corporation" "c:\program files\windows media player\wmpnscfg.exe" "7/15/2016 21:25" ""
+ "\OneDrive Standalone Update Task" "Standalone Updater" "Microsoft Corporation" "c:\users\ronan fitzgerald\appdata\local\microsoft\onedrive\17.3.6517.0809\onedrivestandaloneupdater.exe" "8/9/2016 13:20" ""
+ "\ReimageUpdater" "Reimage Real Time Protection" "Reimage®" "c:\program files\reimage\reimage protector\reiguard.exe" "11/6/2016 05:57" ""
+ "\StartCN" "Radeon Settings: Command Line Interface" "Advanced Micro Devices, Inc." "c:\program files\amd\cnext\cnext\cncmd.exe" "12/4/2016 11:34" ""
+ "\update-S-1-5-21-2047515599-39716083-3749751434-1001" "Starter Module" "" "c:\program files (x86)\skillbrains\updater\updater.exe" "3/25/2014 02:26" ""

Step 4: Disable useless items.

Download easy service optmizer, save it to your desktop and unzip it there. Right click it and run as admin, then select tweaked at the bottom. Then click on the rocket, this will turn off a lot of useless items.




You will however need to change one setting. Right Click on Wlansvc — WLAN AutoConfig, then select start service, the edit service. Make sure it is automatic across the board, as per the picture.



Step 5: Run Batch File.


Download and unzip internet Flush.zip to your desktop right click it run as Administrator.
Reboot machine after running this tool.

Step 6: Disable Tunnel Adapters.


Now disable tunnel adapters with this tool.

Step 7: Set A Strong DNS Server


Set your DNS to Google or Open DNS with this tool.

Step 8: Report On Issue.

Reboot the machine once more and then post a fresh MiniToolBox log and tell me how the machine is running.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
I want to go ahead and get a couple more logs from you please....

ZHP Cleaner Scan.
We need you to run ZHPCleaner to get a log, can you please go HERE to download and save it to your desktop. Once downloaded right click the desktop icon
and click "Run as administrator" from the menu. Accept the programs terms and conditions, then select "Scanner" from the main interface. It is safe to ignore any security warnings received when installing or running this software.



ZHPCleaner may close your browser so do not be concerned. Scanning will begin and on completion may show a dialogue box as shown below, if so simply close it.



The main interface will re-open and this time click "Repair"



The main repair options dialogue box will open and any detected infections will be listed under the red tabs and be selected by default. Click "Repair" and ZHPCleaner will place the infections in Quarantine.



If ZHPCleaner asks to reboot please allow it. Upon reboot if necessary, or even if not required there will be log file called ZHPCleaner.txt on your desktop.

Please Copy and Paste the contents of this file in your next post:)

Adware Removal Tool Scan.

Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.



Hit Ok.



Hit next make sure to leave all items checked, for removal.



The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.

ADS SCAN.

Download ADS to your desktop.
Right Click Run As Administrator.
Click on Listing.

A file named Services_List Will appear on your desktop.
Please copy the content of that, and paste it in your next reply.


Report back to me how your games are running, I am about to head out for the night. :)
 

SonOfASelkie

PCHF Member
PCHF Member
Dec 13, 2016
4
1
21
That fixed it! (The 2nd message you posted, after I had posted my results). If it comes back I'll try the stuff in the third message - thanks so much for your help!
 
  • Like
Reactions: Malnutrition

Malnutrition

Malnurished Mod
Moderator
Security Team
Jul 22, 2016
3,395
551
That fixed it! (The 2nd message you posted, after I had posted my results). If it comes back I'll try the stuff in the third message - thanks so much for your help!
I'd rather you finish actually, perhaps when you have time? There still may be some bad files on your machine. I will mark it solved for now, but come back when you want and finish this out.

Please spread the word about the forum, where you get fast help that works!! :)
 
  • Like
Reactions: jmarket
Status
Not open for further replies.