Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Random pop up tabs annoying

random tabs new windows

  • Please log in to reply

#1
Nokx

Nokx

    New Member

  • Member
  • Pip
  • 2 posts

I keep getting random windows that pop up. random ads, it is extremely annoying when it kicks me off of whatever i am doing. would really appreciate the help. 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
Ran by Kyle Hughes (administrator) on HUGHES (26-10-2017 16:40:53)
Running from C:\Users\Kyle Hughes\Desktop
Loaded Profiles: Kyle Hughes (Available Profiles: Kyle Hughes)
Platform: Windows 8.1 Pro (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Windows\Temp\g9F7.tmp.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Realtek) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe
() C:\Windows\runSW.exe
(Realtek) C:\Windows\SwUSB.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtWLan.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
() C:\Program Files\d23f1c7520e40a4e8e02b11c68ae911c\1cd0a49798dba0ab20d773b3570cfead.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files\Windows NT\ANKMBKEVEV\FCCWUHBXJW.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer, Inc.) C:\Users\Kyle Hughes\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Jetico ltd) C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\AnonymizerLauncher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
() C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Elgato Sound Capture] => C:\Program Files\Elgato\SoundCapture\SoundCapture.exe [1234944 2017-02-15] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\Run: [FCCWUHBXJW.exe] => C:\Program Files\Windows NT\ANKMBKEVEV\FCCWUHBXJW.exe [297984 2017-10-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2017-10-26]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe (WinZip)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2017-10-26]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files (x86)\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2017-03-11]
ShortcutTarget: Curse.lnk -> C:\Users\Kyle Hughes\AppData\Roaming\Curse Client\Bin\Curse.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{28FF218B-3C98-4E06-813C-EA3B3E592E12}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FFE21BC0-A6C6-4DE9-B818-2B82D1FD1054}: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-4274163581-765327985-3183266770-1001 -> {B7E6B961-0016-4B8D-88FC-45C37F88C380} URL = hxxps://search.yahoo.com/search?p={searchTerms}&intl=us&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-11] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-11] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Users\Kyle Hughes\Downloads\Java\bin\ssv.dll [2017-03-11] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Users\Kyle Hughes\Downloads\Java\bin\jp2ssv.dll [2017-03-11] (Oracle Corporation)
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Users\Kyle Hughes\Downloads\Java\bin\dtplugin\npDeployJava1.dll [2017-03-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Users\Kyle Hughes\Downloads\Java\bin\plugin2\npjp2.dll [2017-03-11] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default [2017-10-26]
CHR Extension: (Slides) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-24]
CHR Extension: (Docs) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Google Drive) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-02-13]
CHR Extension: (YouTube) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-13]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-20]
CHR Extension: (Sheets) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-24]
CHR Extension: (Google Docs Offline) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-14]
CHR Extension: (Trustnav safe search) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjdbeiflalimgifllheflljdconlbig [2017-10-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-24]
CHR Extension: (Gmail) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-02-13]
CHR Extension: (Chrome Media Router) - C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-26]
CHR HKLM-x32\...\Chrome\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1522184 2017-04-20] ()
S2 cowerService_1927703; C:\ProgramData\cowerService\cowerService_1927703.exe [1236168 2017-10-26] ()
R2 d23f1c7520e40a4e8e02b11c68ae911c; C:\Program Files\d23f1c7520e40a4e8e02b11c68ae911c\1cd0a49798dba0ab20d773b3570cfead.exe [1316352 2017-10-25] () [File not signed] <==== ATTENTION
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [409128 2017-03-20] (EasyAntiCheat Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3418024 2017-06-29] (LogMeIn Inc.)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-02-23] (Hi-Rez Studios) [File not signed]
S3 HnGSteamService; C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngservice.exe [777512 2017-10-24] (Reto-Moto ApS)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-05-27] (LogMeIn, Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-27] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 RealtekWlanU; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RtlService.exe [48856 2014-05-19] (Realtek)
S2 RTLDHCPService; C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe [262360 2014-04-23] (Realtek)
R2 RunSwUSB; C:\Windows\runSW.exe [44760 2014-12-12] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 334c71023b27b547fafff64a3ca5a682; C:\Windows\system32\drivers\334c71023b27b547fafff64a3ca5a682.sys [109144 2017-10-25] (YY2S4Q) <==== ATTENTION
R3 ElgatoVAD; C:\Windows\system32\DRIVERS\ElgatoVAD.sys [29848 2016-09-20] (Elgato Systems GmbH)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R3 iaLPSS2_GPIO2; C:\Windows\system32\DRIVERS\iaLPSS2_GPIO2.sys [88376 2016-09-20] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [43720 2015-08-13] (Razer Inc)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-16] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-10-07] (Razer, Inc.)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [44232 2015-08-13] (Razer Inc)
S3 sshid; C:\Windows\System32\drivers\sshid.sys [45936 2017-08-15] (SteelSeries ApS)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] () [File not signed]
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-26 17:25 - 2017-10-26 17:25 - 000000000 _____ C:\Recovery.txt
2017-10-26 16:40 - 2017-10-26 16:41 - 000016103 _____ C:\Users\Kyle Hughes\Desktop\FRST.txt
2017-10-26 16:37 - 2017-10-26 16:40 - 000000000 ____D C:\FRST
2017-10-26 16:36 - 2017-10-26 16:36 - 002403328 _____ (Farbar) C:\Users\Kyle Hughes\Desktop\FRST64.exe
2017-10-26 16:20 - 2017-10-26 16:31 - 000000008 _____ C:\ProgramData\xit.3bud
2017-10-26 15:38 - 2017-10-26 15:38 - 000002390 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Update Notifier.lnk
2017-10-26 15:38 - 2017-10-26 15:38 - 000002367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip Background Tools.lnk
2017-10-26 15:38 - 2017-10-26 15:38 - 000002337 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2017-10-26 15:38 - 2017-10-26 15:38 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\WinZip
2017-10-26 15:38 - 2017-10-26 15:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-10-26 15:37 - 2017-10-26 15:38 - 000000000 ____D C:\ProgramData\WinZip
2017-10-26 15:37 - 2017-10-26 15:37 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.0
2017-10-26 15:37 - 2017-10-26 15:37 - 000000000 ____D C:\Program Files (x86)\WinZip
2017-10-26 15:36 - 2017-10-26 15:36 - 002849376 _____ (BitTorrent Inc.) C:\Users\Kyle Hughes\Downloads\uTorrent.exe
2017-10-26 15:28 - 2017-10-26 16:37 - 000001264 _____ C:\Users\Kyle Hughes\Desktop\Google Chrome.lnk
2017-10-26 15:26 - 2017-10-26 16:27 - 000031481 _____ C:\Windows\01502a91bdec7e583a1a19c8800cd6b0.ps1
2017-10-26 15:26 - 2017-10-26 16:27 - 000003474 _____ C:\Windows\System32\Tasks\01502a91bdec7e583a1a19c8800cd6b0
2017-10-26 15:25 - 2017-10-26 16:36 - 000000000 ____D C:\Windows\SysWOW64\SSL
2017-10-26 15:25 - 2017-10-26 15:26 - 000000000 ____D C:\Program Files\d23f1c7520e40a4e8e02b11c68ae911c
2017-10-26 15:25 - 2017-10-26 15:25 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Easeware
2017-10-26 15:25 - 2017-10-26 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2017-10-26 15:25 - 2017-10-26 15:25 - 000000000 ____D C:\Program Files\Easeware
2017-10-26 15:22 - 2017-10-26 16:33 - 000016760 _____ C:\Windows\System32\Tasks\2st USB Driver for Cakewalk
2017-10-26 15:21 - 2017-10-26 15:21 - 000000000 ____D C:\ProgramData\cowerService
2017-10-26 15:19 - 2017-10-26 15:21 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\PCBooster
2017-10-26 15:19 - 2017-10-26 15:19 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnonymizerGadget
2017-10-26 15:18 - 2017-10-26 15:19 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\AGData
2017-10-26 15:18 - 2017-10-26 15:18 - 000000000 ____D C:\Program Files (x86)\AnonymizerGadget
2017-10-26 15:16 - 2017-10-26 15:39 - 000000000 ___RD C:\Users\Kyle Hughes\Downloads\Car.Mechanic.Simulator.2015.Gold.Edition - PLAZA
2017-10-26 15:06 - 2017-10-26 15:06 - 000000222 _____ C:\Users\Kyle Hughes\Desktop\Creativerse.url
2017-10-26 14:52 - 2017-10-26 15:37 - 000000000 ____D C:\Users\Kyle Hughes\AppData\LocalLow\uTorrent
2017-10-25 17:32 - 2017-10-25 17:32 - 000424960 _____ C:\Windows\d29375dbe93f30bdf95a6bf38bb8c5e6.exe
2017-10-25 17:32 - 2017-10-25 17:32 - 000109144 _____ (YY2S4Q) C:\Windows\system32\Drivers\334c71023b27b547fafff64a3ca5a682.sys
2017-10-25 17:32 - 2017-10-25 17:32 - 000039812 _____ C:\Windows\uninstaller.dat
2017-10-25 14:43 - 2017-10-25 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2017-10-25 14:43 - 2017-10-25 14:43 - 000000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2017-10-24 18:20 - 2017-10-24 18:20 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\Targem
2017-10-24 17:40 - 2017-10-24 18:19 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crossout
2017-10-24 14:20 - 2017-10-24 14:20 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-10-24 14:09 - 2017-10-24 18:18 - 000000222 _____ C:\Users\Kyle Hughes\Desktop\Crossout.url
2017-10-24 14:03 - 2017-10-26 16:14 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\uTorrent
2017-10-24 14:03 - 2017-10-26 15:36 - 000000881 _____ C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-10-24 13:43 - 2017-10-24 13:43 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
2017-10-24 13:20 - 2017-10-24 13:20 - 000002144 _____ C:\Users\Public\Desktop\REALTEK USB Wireless LAN Utility.lnk
2017-10-24 13:20 - 2017-10-24 13:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK USB Wireless LAN Utility
2017-10-24 13:20 - 2016-02-23 17:18 - 001146072 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2017-10-24 13:19 - 2017-10-24 13:19 - 000000000 ____D C:\Program Files (x86)\REALTEK
2017-10-24 13:19 - 2015-08-12 18:25 - 000454360 _____ (Realtek) C:\Windows\SwUSB.exe
2017-10-24 13:19 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
2017-10-24 13:19 - 2010-12-01 09:31 - 000451072 _____ C:\Windows\SysWOW64\ISSRemoveSP.exe
2017-10-24 13:19 - 2009-03-31 14:31 - 000380928 _____ (Realtek) C:\Windows\RtlUI2.exe
2017-10-24 13:19 - 2009-01-05 20:31 - 000000901 _____ C:\Windows\RtlUI2.exe.manifest
2017-10-24 13:19 - 2007-04-26 14:05 - 000100000 _____ C:\Windows\SysWOW64\EAPPkt9x.VXD
2017-10-24 13:19 - 2001-09-26 11:03 - 000012981 _____ C:\Windows\SysWOW64\REALPKT.VXD
2017-10-24 13:16 - 2017-10-24 13:18 - 058155558 _____ C:\Users\Kyle Hughes\Downloads\RNX-N150UBEv3_Windows.zip
2017-10-10 16:56 - 2017-10-10 16:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-10-10 16:56 - 2017-06-27 13:27 - 000135616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-10-10 16:56 - 2017-03-10 14:17 - 000536864 _____ C:\Windows\system32\vulkan-1.dll
2017-10-10 16:56 - 2017-03-10 14:17 - 000525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-10-10 16:56 - 2017-03-10 14:17 - 000254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-10-10 16:56 - 2017-03-10 14:17 - 000233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-10-10 16:54 - 2017-06-27 15:38 - 040239736 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 035798136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 035314296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 028922488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 017806048 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 015437248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-10-10 16:54 - 2017-06-27 15:38 - 013559376 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 012337112 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 012132272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 011501960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 010381336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 009982456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 003803256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 003359168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 001988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438476.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 001597888 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438476.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 001066616 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 001004480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000972736 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000924280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000895784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000689808 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000578056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000512672 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000499320 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000429920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-10-10 16:54 - 2017-06-27 15:38 - 000171384 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000149224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-10-10 16:54 - 2017-06-27 15:38 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-10-10 16:54 - 2017-06-27 15:38 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2017-10-10 16:50 - 2017-06-21 00:07 - 000179320 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2017-10-10 16:50 - 2017-06-21 00:07 - 000146552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2017-10-10 16:50 - 2017-06-21 00:07 - 000048248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-10-26 16:37 - 2017-02-13 19:57 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-10-26 16:37 - 2017-02-13 19:57 - 000002233 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-10-26 16:32 - 2017-04-19 18:55 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Skype
2017-10-26 16:31 - 2017-03-11 20:57 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\LogMeIn Hamachi
2017-10-26 16:31 - 2017-02-18 01:40 - 000000000 ____D C:\ProgramData\NVIDIA
2017-10-26 16:30 - 2017-02-13 19:58 - 000000000 ____D C:\Program Files (x86)\Steam
2017-10-26 16:27 - 2017-03-20 16:56 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-10-26 16:26 - 2013-08-22 07:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-26 16:21 - 2017-02-27 18:36 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\Warframe
2017-10-26 16:21 - 2017-02-14 11:52 - 000000000 __SHD C:\Users\Kyle Hughes\AppData\LocalLow\EmieSiteList
2017-10-26 16:21 - 2017-02-13 19:56 - 000000000 __SHD C:\Users\Kyle Hughes\AppData\LocalLow\EmieUserList
2017-10-26 16:20 - 2017-02-14 11:50 - 000001054 _____ C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-10-26 16:13 - 2017-02-14 11:50 - 000000000 ____D C:\Users\Kyle Hughes
2017-10-26 15:44 - 2017-03-08 14:40 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\CrashDumps
2017-10-26 15:25 - 2017-02-14 11:50 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Adobe
2017-10-26 15:24 - 2017-02-13 19:59 - 000126976 ___SH C:\Users\Kyle Hughes\Downloads\Thumbs.db
2017-10-26 15:20 - 2013-08-22 08:36 - 000000000 ____D C:\Program Files\Windows NT
2017-10-26 15:06 - 2017-02-13 20:01 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-10-26 14:55 - 2017-02-14 11:52 - 000003942 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{2B31BD9D-1651-447E-9836-8714768AB8D0}
2017-10-25 14:46 - 2017-02-14 23:30 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\discord
2017-10-25 14:45 - 2017-05-27 15:20 - 000000000 ____D C:\Users\Default\AppData\Local\LogMeIn Hamachi
2017-10-25 14:45 - 2017-05-27 15:20 - 000000000 ____D C:\Users\Default User\AppData\Local\LogMeIn Hamachi
2017-10-25 14:43 - 2017-05-27 15:18 - 000000153 _____ C:\Users\Default\BullseyeCoverageError.txt
2017-10-25 14:43 - 2017-03-11 20:56 - 000000938 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2017-10-24 18:20 - 2017-02-15 22:18 - 000000000 ____D C:\Users\Kyle Hughes\Documents\My Games
2017-10-24 18:12 - 2017-05-27 15:20 - 000000176 _____ C:\Users\Kyle Hughes\BullseyeCoverageError.txt
2017-10-24 17:46 - 2013-08-22 08:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-24 17:46 - 2013-08-22 08:36 - 000000000 ____D C:\Windows\AppReadiness
2017-10-24 14:27 - 2017-02-19 11:55 - 000000000 ____D C:\Windows\system32\MRT
2017-10-24 14:20 - 2017-02-19 11:55 - 126925120 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-10-24 13:43 - 2017-02-14 23:30 - 000002234 _____ C:\Users\Kyle Hughes\Desktop\Discord.lnk
2017-10-24 13:43 - 2017-02-14 23:30 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\Discord
2017-10-24 13:20 - 2013-08-22 06:36 - 000000000 ____D C:\Windows\Inf
2017-10-24 13:19 - 2017-03-20 16:56 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-10-24 13:11 - 2017-02-18 01:43 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Local\NVIDIA Corporation
2017-10-10 16:56 - 2017-03-29 16:11 - 000000000 ____D C:\Windows\LastGood
2017-10-10 16:56 - 2017-02-18 01:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-10-10 16:56 - 2017-02-18 01:40 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-10-10 16:55 - 2017-02-18 01:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-10-10 16:50 - 2017-02-18 01:43 - 000001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-10-10 16:50 - 2017-02-18 01:40 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-10-10 16:49 - 2017-02-14 21:08 - 000001209 _____ C:\Users\Kyle Hughes\Desktop\nativelog.txt
2017-10-10 16:43 - 2017-02-14 20:45 - 000000000 ____D C:\Users\Kyle Hughes\AppData\Roaming\.minecraft
 
==================== Files in the root of some directories =======
 
2017-03-27 13:09 - 2017-03-27 13:09 - 000000000 _____ () C:\Users\Kyle Hughes\AppData\Local\{A7FDEFA1-0062-48AC-9971-6EA196407038}
2017-10-26 16:20 - 2017-10-26 16:31 - 000000008 _____ () C:\ProgramData\xit.3bud
 
Some files in TEMP:
====================
2017-10-26 15:25 - 2017-10-26 15:25 - 004029848 _____ (Easeware                                                    ) C:\Users\Kyle Hughes\AppData\Local\Temp\2E24.tmp.exe
2017-10-26 15:20 - 2017-10-26 15:20 - 000933888 _____ (te ) C:\Users\Kyle Hughes\AppData\Local\Temp\browser_air_setup.exe
2017-05-27 15:20 - 2017-05-27 15:20 - 000010520 _____ () C:\Users\Kyle Hughes\AppData\Local\Temp\BullseyeCoverage-x86-3.dll
2017-10-26 15:18 - 2017-10-26 15:25 - 000024576 _____ (Philadelphia, NJ 19103) C:\Users\Kyle Hughes\AppData\Local\Temp\capi.exe
2017-10-26 15:19 - 2017-10-26 15:19 - 000943016 _____ (Install) C:\Users\Kyle Hughes\AppData\Local\Temp\component.exe
2017-10-26 15:18 - 2017-10-26 15:18 - 000020480 _____ (Fremont, CA 94539) C:\Users\Kyle Hughes\AppData\Local\Temp\cuinsta.exe
2017-10-26 16:33 - 2017-10-26 16:33 - 000392704 _____ () C:\Users\Kyle Hughes\AppData\Local\Temp\F60F.tmp.exe
2017-10-26 15:18 - 2017-10-26 15:25 - 003287769 _____ () C:\Users\Kyle Hughes\AppData\Local\Temp\golm.exe
2017-10-26 15:18 - 2017-10-26 15:18 - 000943016 _____ (Install) C:\Users\Kyle Hughes\AppData\Local\Temp\instalelerxvid.exe
2017-03-22 15:01 - 2017-03-22 15:01 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Kyle Hughes\AppData\Local\Temp\jansi-64-2325962925217487581.dll
2017-03-21 16:36 - 2017-03-21 16:36 - 000019968 _____ (Red Hat®, Inc.) C:\Users\Kyle Hughes\AppData\Local\Temp\jansi-64-5765598864897287156.dll
2017-03-11 22:23 - 2017-03-16 15:56 - 000754352 _____ (NVIDIA Corporation) C:\Users\Kyle Hughes\AppData\Local\Temp\nvSCPAPI.dll
2017-02-18 01:41 - 2017-03-16 15:56 - 000867968 _____ (NVIDIA Corporation) C:\Users\Kyle Hughes\AppData\Local\Temp\nvSCPAPI64.dll
2017-03-11 22:21 - 2017-03-16 15:56 - 000352704 _____ (NVIDIA Corporation) C:\Users\Kyle Hughes\AppData\Local\Temp\nvStInst.exe
2017-10-26 15:21 - 2017-10-26 15:21 - 004369560 _____ (OneSystemCare                                               ) C:\Users\Kyle Hughes\AppData\Local\Temp\OneSystemCare.exe
2017-10-26 15:18 - 2017-10-26 15:25 - 001792071 _____ () C:\Users\Kyle Hughes\AppData\Local\Temp\pi.exe
2017-10-26 15:20 - 2017-10-26 15:20 - 000395411 _____ (                                                            ) C:\Users\Kyle Hughes\AppData\Local\Temp\Setup (1).exe
2017-10-26 15:22 - 2017-10-26 15:22 - 002351086 _____ (Ads Medi Inc.                                               ) C:\Users\Kyle Hughes\AppData\Local\Temp\setup.exe
2017-10-26 15:19 - 2017-10-26 15:19 - 000886090 _____ (                                                            ) C:\Users\Kyle Hughes\AppData\Local\Temp\SetupTextToTalk.exe
2017-10-26 15:21 - 2017-10-26 15:21 - 001236168 _____ () C:\Users\Kyle Hughes\AppData\Local\Temp\stepway.exe
2017-10-26 15:21 - 2017-10-26 15:21 - 000839895 _____ (VideoBox                                                    ) C:\Users\Kyle Hughes\AppData\Local\Temp\vbd.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-10-24 14:20
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
Ran by Kyle Hughes (26-10-2017 16:42:17)
Running from C:\Users\Kyle Hughes\Desktop
Windows 8.1 Pro (Update) (X64) (2017-02-14 18:50:22)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4274163581-765327985-3183266770-500 - Administrator - Disabled)
Guest (S-1-5-21-4274163581-765327985-3183266770-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4274163581-765327985-3183266770-1003 - Limited - Enabled)
Kyle Hughes (S-1-5-21-4274163581-765327985-3183266770-1001 - Administrator - Enabled) => C:\Users\Kyle Hughes
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.)
AnonymizerGadget (HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\AnonymizerGadget) (Version: 1 - Jetico lim) <==== ATTENTION
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
Crossout Launcher 1.0.3.22 (HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\CrossOutLauncher_is1) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
Discord (HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\Discord) (Version: 0.0.298 - Discord Inc.)
Driver Easy 5.5.4 (HKLM\...\DriverEasy_is1) (Version: 5.5.4 - Easeware)
Elgato Game Capture HD (HKLM\...\{D8521193-8A1C-46F8-A372-F8391886D2E8}) (Version: 3.50.114.2114 - Elgato Systems GmbH)
Game Capture HD v1.0.0.1 (HKLM-x32\...\Software_Elgato_Game Capture HD) (Version: 1.0.0.1 - Elgato Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LogMeIn Hamachi (HKLM-x32\...\{BE82D2D7-6CA2-43B3-8C22-CCF6405806E7}) (Version: 2.2.0.579 - LogMeIn, Inc.) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.579 - LogMeIn, Inc.)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 384.76 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.302 - Razer Inc.)
REALTEK Wireless LAN Driver and Utility (HKLM-x32\...\{9C049509-055C-4CFF-A116-1D12312225EB}) (Version: 1.00.0283 - )
SearchAwesome (HKLM\...\d23f1c7520e40a4e8e02b11c68ae911c) (Version: 13.14.1.62 (i1.0) - SearchAwesome) <==== ATTENTION
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WinZip 21.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410C}) (Version: 21.0.12288 - WinZip Computing, S.L. )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-02-13] (WinZip Computing, S.L.)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-02-13] (WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-27] (NVIDIA Corporation)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2017-02-13] (WinZip Computing, S.L.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2C3DF8A9-6D72-48D9-8B82-DAB491F5D3EC} - System32\Tasks\2st USB Driver for Cakewalk => C:\Windows\system32\rundll32.exe "C:\Program Files\2st USB Driver for Cakewalk\2st USB Driver for Cakewalk.dll",SbcnPu <==== ATTENTION
Task: {5FF5F25E-B4AE-4BD8-9357-370F0E9C2CEE} - System32\Tasks\01502a91bdec7e583a1a19c8800cd6b0 => powershell.exe -NoProfile -NoLogo -NonInteractive -ExecutionPolicy Bypass -File "C:\Windows\01502a91bdec7e583a1a19c8800cd6b0.ps1" <==== ATTENTION
Task: {6ACA5BBB-6837-4DA2-AA79-B8B483C2B4D7} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {8C4AAC23-53B0-4B18-AD46-8CA97D85871B} - System32\Tasks\Microsoft\Windows\Multimedia\Manager => C:\Users\Kyle Hughes\AppData\Roaming\Adobe\Manager.exe [2017-10-26] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Kyle Hughes\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Kyle Hughes\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-10-26 15:22 - 2015-06-01 06:59 - 002310144 _____ () C:\Program Files\2st USB Driver for Cakewalk\2st USB Driver for Cakewalk.dll
2017-10-26 16:00 - 2017-10-26 16:26 - 000570368 _____ () C:\Windows\TEMP\g9F7.tmp.exe
2017-02-18 01:42 - 2017-06-21 00:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 15:20 - 2016-09-24 15:21 - 000189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2017-10-24 13:19 - 2014-12-12 17:24 - 000044760 _____ () C:\Windows\runSW.exe
2017-10-25 17:32 - 2017-10-25 17:32 - 001316352 _____ () C:\Program Files\d23f1c7520e40a4e8e02b11c68ae911c\1cd0a49798dba0ab20d773b3570cfead.exe
2017-02-15 13:23 - 2017-02-15 13:23 - 001234944 _____ () C:\Program Files\Elgato\SoundCapture\SoundCapture.exe
2017-10-26 15:20 - 2017-10-26 15:20 - 000297984 _____ () C:\Program Files\Windows NT\ANKMBKEVEV\FCCWUHBXJW.exe
2017-01-18 20:22 - 2017-01-18 20:22 - 000298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2017-10-24 18:38 - 2017-09-21 00:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-10-24 18:38 - 2017-09-21 00:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 002650760 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\proxycheck.exe
2017-10-25 14:59 - 2017-10-23 12:14 - 031229440 _____ () C:\Users\Kyle Hughes\AppData\Local\Google\Chrome\User Data\PepperFlash\27.0.0.183\pepflashplayer.dll
2017-10-24 13:19 - 2013-02-27 17:17 - 000221184 _____ () C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\EnumDevLib.dll
2017-02-18 01:42 - 2017-06-21 00:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-02-13 19:58 - 2017-09-09 12:25 - 000688416 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-02-13 19:58 - 2016-08-31 18:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-02-13 19:58 - 2017-10-24 22:00 - 002546976 _____ () C:\Program Files (x86)\Steam\video.dll
2017-02-13 19:58 - 2016-08-31 18:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-02-13 19:58 - 2016-08-31 18:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-02-13 19:58 - 2016-01-27 00:49 - 002549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-02-13 19:58 - 2016-01-27 00:49 - 000491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-02-13 19:58 - 2016-01-27 00:49 - 000332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-02-13 19:58 - 2016-01-27 00:49 - 000442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-02-13 19:58 - 2016-01-27 00:49 - 000485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-02-13 19:58 - 2017-10-24 22:00 - 000901408 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-02-13 19:58 - 2016-07-04 15:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-06-20 11:28 - 2017-06-20 11:28 - 001997792 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-01-16 04:40 - 2017-01-16 04:40 - 000143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2017-02-18 01:42 - 2017-06-21 00:06 - 066837112 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-04-02 17:54 - 2016-10-08 00:13 - 050656768 _____ () C:\Users\Kyle Hughes\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2017-02-13 19:59 - 2017-08-16 15:28 - 073130272 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-20 21:19 - 2017-09-06 19:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-02-13 19:58 - 2015-09-24 16:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2017-04-02 17:54 - 2016-10-08 00:13 - 001874944 _____ () C:\Users\Kyle Hughes\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2017-04-02 17:54 - 2016-10-08 00:13 - 000075264 _____ () C:\Users\Kyle Hughes\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 009656456 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\AnonymizerGadget.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 000353928 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\Ceflur.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 071853056 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\libcef.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 002918912 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\libglesv2.dll
2017-10-26 15:19 - 2017-10-26 15:19 - 000080384 _____ () C:\Users\Kyle Hughes\AppData\Roaming\AGData\bin\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Kyle Hughes:Heroes & Generals [38]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2017-10-26 15:20 - 000001832 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com
127.0.0.1 downloadmyhost.com
127.0.0.1 lapapahoster.com
127.0.0.1 bratitlamio.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.wizzuniquify.com
127.0.0.1 wizzmonetize.com
127.0.0.1 laserveradedomaina.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4274163581-765327985-3183266770-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kyle Hughes\Desktop\irl-1920x1080.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk"
HKLM\...\StartupApproved\Run32: => "AnonymizerGadget"
HKU\S-1-5-21-4274163581-765327985-3183266770-1001\...\StartupApproved\Run: => "uTorrent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C3568A7C-E141-4544-A402-4A69EBF2BCEF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8A3430D6-CFE0-44D6-9E0D-D199003138FE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E775B5A1-7B6D-4D89-AD19-57C323974B7F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{B2682E8C-B722-498F-BAAF-BF795ABC898D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{13A50A7D-09D5-40CE-BDDF-BFB8ABA15BDC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{5998A4D8-6ED0-4ED0-845B-8AB5B298F9A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{B8A81D0F-B88B-454C-AE8F-686307C9D88C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{BB7DE81B-EDC0-49DF-A17F-8EFAF90113DA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{343EFC71-EA6E-4125-902E-7835F46EC9F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{DF29499A-742F-4A99-9DBB-11FC94610075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E0D42620-80D1-4C51-90FA-9C79487F3370}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6663F154-2937-48EF-9E4E-9B65F8BB64B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1981616D-31EE-4E30-8A21-460D3F6DD4EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{5610A985-4971-447C-A42B-FED6446EBF32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{82A8E9AC-E99B-430E-A905-F4097C6CD149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0905DCFC-D4C3-40A0-A28D-8A6F245BE8DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{EFFE4C56-D92A-4038-8072-770EB636755F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [TCP Query User{3BBC6B2A-3E9C-4EB6-A450-B61C8A0B6A16}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{CAE24F5C-97F5-4DB2-86DF-2BBF109FF6F7}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{F7D30147-BD9B-4BA3-94F0-213BC4B51FBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3A0C5873-C55B-41B5-9E13-550BE4465780}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{85E8C96F-8EEF-4942-8617-A8AE9A31F012}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [{26D80111-44D5-4F70-B414-B54B859F48B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe
FirewallRules: [TCP Query User{E37FA136-9712-42BF-B72B-CC470F637E13}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{A9F739FC-24DA-4DAE-AC62-00521D941C3D}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{E134C144-56FC-4BA3-B913-479B3E0A74B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{1D582301-F447-4264-A33A-7B2A7C3D46D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe
FirewallRules: [{5C5C6973-0971-4806-978A-1543218423D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{F83045F7-10A3-4ED0-A342-F1513EE5C593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{D4864FF0-416E-4F7F-BE55-0D9D8911D6CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [{9C93B972-C39D-4A45-8B5A-31E8641CED8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe
FirewallRules: [TCP Query User{176B4B7A-1431-4C2A-B8E1-A462CD6631C4}C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{85D9AD89-6747-4411-BB7F-8BA887B46E83}C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{2D6B145B-B5C9-48C0-95CF-CC8C4832FBD4}] => (Block) C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{57D41C95-A32E-45D6-A054-2EC6659788B1}] => (Block) C:\users\kyle hughes\documents\curse\minecraft\install\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{EA1E8858-AB97-4BB5-BBD3-368C1A73AA58}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [{1A0E5122-08A7-4ACD-92BE-9831974D15D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cry of Fear\CoFLaunchApp.exe
FirewallRules: [TCP Query User{6F260C02-FE8E-4E81-B32C-D9071CC08A02}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [UDP Query User{E4EF529D-85CE-4791-9FF4-B999FA7C16E7}C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{E9D6914C-1E39-4A4F-8CD8-2B1799CBB311}] => (Block) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{CA1A7FED-C08D-44BA-9B4D-7751763EBBEE}] => (Block) C:\program files (x86)\steam\steamapps\common\cry of fear\cof.exe
FirewallRules: [{90A68FD3-1762-475D-BB27-F95F8C858337}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2BB33A36-ED25-43BC-B994-AF395154EF96}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{E35D1E95-D4EC-4451-B9E6-148F38881829}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{A8389E7C-2D5F-4800-A560-4543D0D106DB}C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{9FC922F9-E732-416D-994D-4FE3873D5463}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{E45CF891-5F12-44C1-B7E9-247701DB62C1}] => (Block) C:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe
FirewallRules: [{8CFF3A8E-AAB8-404C-B0A1-D1F148101CAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{D5A84361-F4D9-4D00-98CC-839B91A48565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{70F47FCF-408F-4338-AB63-4D03132B0E5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{E2DF4B53-366F-4C00-B6B3-C13C56BF1C93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{348EB772-07A7-4DCC-9489-3592EB00A3F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\Patcher.exe
FirewallRules: [{2B03531D-4350-4FCB-A1D6-FCC46931C45F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\Patcher.exe
FirewallRules: [{AFF1CB6B-AFCC-4417-A8FC-0F670C1F309E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\system\BlackShot.exe
FirewallRules: [{F4E7D8A4-F9B8-4E5C-9026-5E790B925A55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BlackShot\system\BlackShot.exe
FirewallRules: [TCP Query User{D2DA7BD4-9580-4801-94BC-3BFA0B054F00}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{9C2FA032-DD0D-4F56-B7F6-28CDC431F8CF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D03AAFB9-3062-448C-A1B4-A9F3B31132D0}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7B91CC4B-40E7-41BC-AF61-BDF50BD60BD9}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A7259093-6EFE-408E-BEEF-306A63925549}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{560EA8C5-9D9A-4FF4-B3D0-E198D906157D}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{8E662E19-03A7-4F4B-8DF0-B01C05952F31}] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{B5B6DAA4-E55E-4081-8608-A703B4A9D47D}] => (Block) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{2BD86278-EAF2-4497-94A9-F143BD8D2257}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{08B7014A-9B26-4CDD-A3DD-BE0D3E104CD3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Saints Row 2\SR2_pc.exe
FirewallRules: [{A6F070D1-6E7C-4F21-BCB0-3A85CCE48CA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{5BEEF40D-28FB-432F-9A12-DC9F1053D05B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C1B20E0B-3E7B-4DB2-8A31-80007A256829}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{FDC35B6E-D1C3-49B8-A8B9-42EE7D734EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{265762C9-59FC-4A9D-A016-33F11781BEEF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{732A9A0C-E305-4B6B-91D4-640BDB06AB9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{19D4B4B5-E455-4BA5-A58B-DE638265ED19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7A545A81-3E28-4E5B-B6FA-BD0DD8D7EC82}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{F3CC3DFF-D589-4D46-B9EC-D089B3AB4043}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{AE653DF7-B8B8-477A-B185-354EA27FEB19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C166DAD7-F394-4FFF-9F50-9C928D0CA560}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{47006270-BC64-4059-A658-7233A60BA985}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{A005F8B5-03EB-4423-BDC7-B96B0634CC85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{486439FA-6A25-4694-9A98-32FC67EF0F36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dirty Bomb\DirtyBombLauncher.exe
FirewallRules: [{32BDF25C-F661-451D-BCD1-42A36F54FC14}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{E75DFB59-07A4-41D5-92C8-F716D2DE7B32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{790217EF-AEA0-4C30-82D5-6DE0B9358B30}] => (Allow) LPort=53
FirewallRules: [{47651B60-6CC4-4BFA-8768-6F49DDD9EB91}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\Rtldhcp.exe
FirewallRules: [{B300B38D-8A56-43C3-B115-29B270675236}] => (Allow) C:\PROGRA~2\REALTEK\USBWIR~1\RtWlan.exe
FirewallRules: [{0AF03D43-699E-4ACE-B363-8440CF0A8CAC}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{6977EA34-6E68-4579-9525-857DC03F6991}] => (Allow) LPort=1542
FirewallRules: [{541CC1D0-FA04-4771-9C9A-0FE7F7C768D4}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{DB381EA8-E628-4FE7-A800-EB90EE8FF5EE}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{38723406-6C62-45E4-ABEB-AC84D6D3B3FA}] => (Allow) LPort=1542
FirewallRules: [{3F28D954-9F2E-4021-9DAF-11994EAA3EE7}] => (Allow) LPort=53
FirewallRules: [{647F80B4-85D8-4C4F-A1B8-2525C20F389B}] => (Allow) C:\Program Files (x86)\REALTEK\USB Wireless LAN Utility\RTLDHCP.exe
FirewallRules: [{0117014F-B2C7-4C36-A818-C2C1190D6157}] => (Allow) C:\Users\Kyle Hughes\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{57169511-A9A7-4206-98D6-F9269A6C0B37}] => (Allow) C:\Users\Kyle Hughes\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{54395A44-D766-40BB-BE8B-6D7C6A851FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe
FirewallRules: [{BA256AB7-54EA-4371-99E8-612515DF4D10}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crossout\launcher.exe
FirewallRules: [{7D043FD8-86F2-41A5-B057-25BB377D508B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{E124C3B8-51D2-4EAB-B76A-33D9D8CE105D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{5964F5C9-1F72-4B5D-8E30-44F50B20B4EC}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C21E4B9D-D86B-42A7-ABBB-39778ADA1180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{36A24CBE-F4DE-4DF1-A24E-09595FC00B13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Creativerse\Creativerse.exe
FirewallRules: [{F40F6C6C-8782-464D-8440-4D0EEA6A5139}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{C160F5E4-96DB-4226-9375-83FA37EC31A1}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
FirewallRules: [{4239036A-8807-40E9-B443-DD27787A3379}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{9905BE4B-1C16-47F4-B370-0A9FA07985A9}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{48737DE9-BE21-44B6-A25B-EBA08785E76E}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{0D95434D-3EE2-4D58-A00F-D40D5C56269C}] => (Allow) C:\Windows\System32\rundll32.exe
 
==================== Restore Points =========================
 
22-07-2017 13:10:25 Scheduled Checkpoint
10-10-2017 18:00:39 Scheduled Checkpoint
24-10-2017 13:19:52 Installed REALTEK USB Wireless LAN Driver and Utility
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/26/2017 03:44:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 304ced8c-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:44:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 30127bde-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:44:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 2f57d496-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:44:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 2f19416d-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:43:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 07240831-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:43:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 06e723df-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:43:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 06ac158a-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:43:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 065d990f-ba9f-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:29:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 2a7ad994-ba9d-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (10/26/2017 03:28:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: instalelerxvid.exe, version: 6.33.1.6130, time stamp: 0x59d3901c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xe696f6a4
Faulting process id: 0x1aec
Faulting application start time: 0x01d34ea86bb7bf4f
Faulting application path: C:\Users\KYLEHU~1\AppData\Local\Temp\instalelerxvid.exe
Faulting module path: unknown
Report Id: 06fea36f-ba9d-11e7-82d0-4ccc6a927e78
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (10/26/2017 04:34:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The cowerService_1927703 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 04:27:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 04:27:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The d23f1c7520e40a4e8e02b11c68ae911c service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/26/2017 04:27:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the d23f1c7520e40a4e8e02b11c68ae911c service to connect.
 
Error: (10/26/2017 04:23:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The cowerService_1927703 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 04:15:52 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Realtek DHCP Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (10/26/2017 04:15:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The d23f1c7520e40a4e8e02b11c68ae911c service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (10/26/2017 04:15:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the d23f1c7520e40a4e8e02b11c68ae911c service to connect.
 
Error: (10/26/2017 04:14:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:10:12 PM on ‎10/‎26/‎2017 was unexpected.
 
Error: (10/26/2017 04:06:48 PM) (Source: DCOM) (EventID: 10010) (User: Hughes)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2017-03-29 16:07:01.832
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\t_mouse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-29 15:59:50.623
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\t_mouse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-29 15:59:50.258
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\t_mouse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-29 15:54:01.831
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\t_mouse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-29 15:45:04.375
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\t_mouse.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-26 14:25:14.904
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\win32k.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-03-21 16:08:00.150
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\win32k.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 16%
Total physical RAM: 16347.06 MB
Available physical RAM: 13627.7 MB
Total Virtual: 19035.06 MB
Available Virtual: 16278.34 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.96 GB) (Free:702.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,708 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


Unistall the programs listed below

AnonymizerGadget
SearchAwesome



Next

Download AdwCleaner from here. Save the file to the desktop.
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
Close all open windows and browsers.
  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
iO5EZayK.png
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be moved to Quarantine.
  • When the program has finished cleaning a report appears.Once done it will ask to reboot, allow this
adwcleaner_delete_restart.jpg
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[C0].txt
Next
  • Please download Junkware Removal Tool to your Desktop.
  • Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
  • Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

    Next
    • Please download Malwarebytes Anti-Malware to your desktop.
    • Double-click mbam-setup-version.exe and follow the prompts to install the program.
    • Launch Malwarebytes Anti-Malware
    • Then click Finish.
    • If an update is found, you will be prompted to download and install the latest version.
    • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
    • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
    • Reboot your computer if prompted.
    Posting the Malwarebytes log.
    • After the restart once you are back at your desktop, open MBAM once more.
    • Click on the History tab > Application Logs.
    • Double click on the Scan Log which shows the Date and time of the scan just performed.
    • Click 'Export'.
    • Click 'Text file (*.txt)'
    • In the Save File dialog box which appears, click on Desktop.
    • In the File name: box type a name for your scan log.
    • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
    • Click Ok
    • post that saved log to your next reply.
    In your next reply post;
  • The AdwCleaner [C1].txt Log
  • The JRT.txt Log
  • Malwarebytes log






  • 0






Similar Topics


Also tagged with one or more of these keywords: random tabs, new windows

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP