Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Very slow PC

Started by Betrayed , Jun 07 2018 12:28 PM

Please log in to reply

#1
Betrayed

Posted 07 June 2018 - 12:28 PM

Member

Member
119 posts

PC has been very slow recently no idea why.

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01

Ran by Jamie (administrator) on BETRAYED (07-06-2018 19:27:01)

Running from D:\Users\Jamie\Desktop

Loaded Profiles: Jamie (Available Profiles: Jamie)

Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\pcupdateservice.exe

(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe

() C:\Program Files (x86)\NordVPN\nordvpn-service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdmonitorapps.exe

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalsystray.exe

(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe

(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe

() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe

(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe

(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe

(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe

(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe

(Spotify Ltd) C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe

(Dassault Systèmes SolidWorks Corp.) D:\Program Files\SOLIDWORKS\sldworks_fs.exe

(Corsair Components, Inc.) D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe

(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe

(Rainmeter) D:\Program Files\Rainmeter\Rainmeter.exe

(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe

() C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe

(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe

(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe

() D:\Program Files\Sublime Text 3\sublime_text.exe

() D:\Program Files\Sublime Text 3\plugin_host.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)

HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-4778-A5FC-0D0F1F219F12}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-47 (the data entry has 36 more characters).

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-25] (Realtek Semiconductor)

HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)

HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc.)

HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)

HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [597688 2018-05-15] (Razer Inc.)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3200800 2018-06-01] (Valve Corporation)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Discord] => C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3044848 2017-02-11] (Electronic Arts)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify] => C:\Users\Jamie\AppData\Roaming\Spotify\Spotify.exe [24023440 2018-06-07] (Spotify Ltd)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Jamie\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2115656 2017-10-15] (Gaijin Entertainment)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [5852920 2018-05-02] (NordVPN)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify Web Helper] => C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-06-07] (Spotify Ltd)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OBS Studio.lnk [2016-10-10]

ShortcutTarget: OBS Studio.lnk -> D:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2017-12-08]

ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-06-07]

ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-07-09]

ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

Tcpip\..\Interfaces\{BD584BD8-9D46-4F4B-B346-6A00849ED96C}: [DhcpNameServer] 10.211.254.254 8.8.8.8

Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [NameServer] 8.8.8.8,8.8.4.4

Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ie/?ocid=iehp

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)

FireFox:

========

FF DefaultProfile: dvfgafen.default

FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\dvfgafen.default [2018-06-01]

FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> D:\Program Files\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)

FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)

FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> D:\Program Files\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)

StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:

=======

CHR HomePage: Default -> hxxps://www.google.com/

CHR StartupUrls: Default -> "hxxps://www.google.ie/"

CHR DefaultSearchKeyword: Default -> google.co.uk

CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default [2018-06-07]

CHR Extension: (Heartbeat) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2017-01-24]

CHR Extension: (Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]

CHR Extension: (Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]

CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]

CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]

CHR Extension: (uBlock Origin) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-05-26]

CHR Extension: (Tampermonkey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-17]

CHR Extension: (Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]

CHR Extension: (LoungeDestroyer) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2018-05-11]

CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]

CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-05-27]

CHR Extension: (Iron Man-Material Design) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nekeenfmlfhgoaojceionblcpbbjmnpk [2016-07-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]

CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]

CHR Extension: (Chrome Media Router) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-01]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)

R2 BdParental; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe [119512 2018-05-17] (Bitdefender)

R2 BdParentalUpdate; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\PCUpdateService.exe [62864 2018-05-17] (Bitdefender)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-06-04] ()

S3 CoordinatorServiceHost; D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2017-02-04] (Dassault Systèmes SolidWorks Corporation)

S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-08] (EasyAntiCheat Ltd)

R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()

S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)

R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)

R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)

R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [430840 2018-05-02] ()

R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)

R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)

S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-05-10] (The OpenVPN Project)

S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-11] (Electronic Arts)

S2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-11] (Electronic Arts)

R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)

R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()

R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)

S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-12-08] (SolidWorks) [File not signed]

R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()

R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)

S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000

R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 bddevflt; C:\Windows\System32\DRIVERS\bddevflt.sys [106992 2018-05-17] (BitDefender LLC)

R1 bdfwfpf_pc; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdfwfpf_pc.sys [142232 2018-05-17] (Bitdefender SRL)

R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)

R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [564216 2017-04-25] (Intel Corporation)

S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)

R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)

R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc.)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-07] (Malwarebytes)

R1 MpKsl068e207c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5A8B87F-6392-4BFC-BC73-997A840C6BF6}\MpKsl068e207c.sys [58120 2018-06-07] (Microsoft Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)

R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [56064 2018-05-23] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)

R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)

S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)

R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)

R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)

R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)

R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()

R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)

S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)

R3 tapnordvpn; C:\Windows\system32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)

S3 tapwindscribe0901; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2017-09-13] (The OpenVPN Project)

R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)

R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)

U3 gzflt; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-07 19:26 - 2018-06-07 19:27 - 000000000 ____D C:\FRST

2018-06-07 18:49 - 2018-06-07 18:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2018-06-05 15:34 - 2018-06-05 15:34 - 000000000 ____D C:\ProgramData\LogiShrd

2018-06-05 15:33 - 2018-06-05 15:33 - 000000000 ____D C:\Users\Jamie\AppData\Local\Logitech

2018-06-05 15:31 - 2018-06-05 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech

2018-06-05 15:30 - 2018-06-05 15:31 - 000000000 ____D C:\Program Files\Logitech Gaming Software

2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logitech

2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logishrd

2018-06-05 00:49 - 2018-06-05 00:49 - 000001925 _____ C:\Users\Public\Desktop\NordVPN.lnk

2018-06-05 00:48 - 2018-06-05 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN

2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files\TAP-NordVPN

2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files (x86)\NordVPN

2018-06-04 11:01 - 2018-06-04 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2018-06-04 11:01 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

2018-06-03 15:22 - 2018-06-03 15:22 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsign9f5928a9196dbbd0

2018-06-02 21:32 - 2018-06-02 21:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc261ba133930a345

2018-06-01 13:43 - 2018-06-01 13:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software

2018-06-01 13:42 - 2018-06-01 13:42 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update

2018-06-01 13:42 - 2018-06-01 13:42 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk

2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\ProgramData\AVAST Software

2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software

2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\AVAST Software

2018-06-01 10:32 - 2018-06-01 10:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\BattlEye

2018-05-24 17:14 - 2018-05-24 17:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT

2018-05-24 17:14 - 2018-05-22 21:09 - 000132392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2018-05-24 17:12 - 2018-05-23 19:24 - 040089632 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2018-05-24 17:12 - 2018-05-23 19:24 - 032359864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2018-05-24 17:12 - 2018-05-23 19:24 - 000056064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys

2018-05-24 17:12 - 2018-05-23 19:23 - 040347168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 035250536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 016997632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2018-05-24 17:12 - 2018-05-23 19:23 - 003964960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 003496992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 002013784 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439793.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 001562016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439793.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 001418840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 001216256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 001092000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 000626776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 000517536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2018-05-24 17:12 - 2018-05-23 19:23 - 000134688 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 031276288 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 025990096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 019080776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 017782384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 015192624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 013727792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 011273120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 001157208 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000913664 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000904904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000544472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000462832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000420000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000182784 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000170192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000164944 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000159896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000148512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll

2018-05-24 17:12 - 2018-05-23 19:22 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2018-05-24 17:12 - 2018-05-22 22:52 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2018-05-24 17:12 - 2018-05-22 22:52 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2018-05-23 14:09 - 2018-05-23 14:09 - 000000000 ____D C:\ProgramData\Blizzard Entertainment

2018-05-23 14:08 - 2018-05-27 14:10 - 000000000 ____D C:\Users\Jamie\AppData\Local\Battle.net

2018-05-23 14:08 - 2018-05-25 22:25 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard Entertainment

2018-05-23 14:08 - 2018-05-25 22:12 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Battle.net

2018-05-23 14:08 - 2018-05-23 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2018-05-23 14:07 - 2018-05-27 13:30 - 000000000 ____D C:\Program Files (x86)\Battle.net

2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard

2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\ProgramData\Battle.net

2018-05-19 23:48 - 2018-05-19 23:48 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignfe2295aadf1bbde7

2018-05-18 20:06 - 2018-05-24 17:13 - 000000000 ____D C:\Windows\LastGood.Tmp

2018-05-18 20:06 - 2018-05-08 22:24 - 001990688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439764.dll

2018-05-18 20:06 - 2018-05-08 22:24 - 001467992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439764.dll

2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json

2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\system32\nv-vk64.json

2018-05-17 16:35 - 2018-05-17 16:35 - 000106992 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bddevflt.sys

2018-05-16 19:03 - 2018-05-16 19:03 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc1d1dccad7ed2609

2018-05-14 19:12 - 2018-03-19 19:26 - 000137592 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys

2018-05-14 19:12 - 2018-03-08 22:14 - 000041720 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys

2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer

2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\Program Files (x86)\PKGInstaller

2018-05-11 20:05 - 2018-05-11 20:05 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS 2017

2018-05-09 13:36 - 2018-04-22 09:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2018-05-09 13:36 - 2018-04-22 08:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2018-05-09 13:36 - 2018-04-22 08:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2018-05-09 13:36 - 2018-04-22 07:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2018-05-09 13:36 - 2018-04-22 07:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2018-05-09 13:35 - 2018-04-22 10:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll

2018-05-09 13:35 - 2018-04-22 09:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll

2018-05-09 13:35 - 2018-04-22 08:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2018-05-09 13:35 - 2018-04-22 08:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2018-05-09 13:35 - 2018-04-22 08:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2018-05-09 13:35 - 2018-04-22 08:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2018-05-09 13:35 - 2018-04-22 08:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2018-05-09 13:35 - 2018-04-22 08:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2018-05-09 13:35 - 2018-04-22 07:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll

2018-05-09 13:35 - 2018-04-22 07:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2018-05-09 13:35 - 2018-04-22 07:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2018-05-09 13:35 - 2018-04-22 07:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll

2018-05-09 13:35 - 2018-04-22 07:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2018-05-09 13:35 - 2018-04-22 07:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2018-05-09 13:35 - 2018-04-22 07:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2018-05-09 13:35 - 2018-04-22 07:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll

2018-05-09 13:35 - 2018-04-22 07:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2018-05-09 13:35 - 2018-04-22 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll

2018-05-09 13:35 - 2018-04-22 07:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2018-05-09 13:35 - 2018-04-22 07:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2018-05-09 13:35 - 2018-04-22 07:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2018-05-09 13:35 - 2018-04-22 07:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2018-05-09 13:35 - 2018-04-22 07:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2018-05-09 13:35 - 2018-04-22 07:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2018-05-09 13:35 - 2018-04-22 07:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2018-05-09 13:35 - 2018-04-22 07:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2018-05-09 13:35 - 2018-04-15 17:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx

2018-05-09 13:35 - 2018-04-15 17:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx

2018-05-09 13:35 - 2018-04-11 02:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2018-05-09 13:35 - 2018-04-11 02:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi

2018-05-09 13:35 - 2018-04-11 02:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe

2018-05-09 13:35 - 2018-04-10 19:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2018-05-09 13:35 - 2018-04-10 19:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll

2018-05-09 13:35 - 2018-04-10 19:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll

2018-05-09 13:35 - 2018-04-10 18:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll

2018-05-09 13:35 - 2018-04-10 17:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll

2018-05-09 13:35 - 2018-04-07 17:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll

2018-05-09 13:35 - 2018-04-07 16:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll

2018-05-09 13:35 - 2018-04-07 16:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2018-05-09 13:35 - 2018-04-07 16:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2018-05-09 13:35 - 2018-04-07 16:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll

2018-05-09 13:35 - 2018-04-07 16:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll

2018-05-09 13:35 - 2018-04-07 16:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll

2018-05-09 13:35 - 2018-04-07 16:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll

2018-05-09 13:35 - 2018-04-06 22:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys

2018-05-09 13:35 - 2018-03-24 16:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll

2018-05-09 13:35 - 2018-03-24 16:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe

2018-05-09 13:35 - 2018-03-24 16:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll

2018-05-09 13:35 - 2018-03-24 16:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe

2018-05-09 13:35 - 2018-03-24 15:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2018-05-09 13:35 - 2018-03-24 15:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2018-05-09 13:35 - 2018-03-15 23:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2018-05-09 13:35 - 2018-03-10 21:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2018-05-09 13:35 - 2018-03-10 20:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2018-05-09 13:35 - 2018-03-10 18:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys

2018-05-09 13:35 - 2018-03-10 18:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2018-05-09 13:35 - 2018-03-10 18:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2018-05-09 13:35 - 2018-03-10 18:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2018-05-09 13:35 - 2018-03-10 17:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll

2018-05-09 13:35 - 2018-03-10 17:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2018-05-09 13:35 - 2018-03-10 17:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll

2018-05-09 13:35 - 2018-03-10 17:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2018-05-09 13:35 - 2018-03-10 17:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2018-05-09 13:35 - 2018-03-10 17:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2018-05-09 13:35 - 2018-03-10 17:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2018-05-09 13:35 - 2018-03-10 17:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2018-05-09 13:35 - 2018-03-10 17:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2018-05-09 13:35 - 2018-03-10 17:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2018-05-09 13:35 - 2018-03-10 17:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll

2018-05-09 13:35 - 2018-03-10 17:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll

2018-05-09 13:35 - 2018-03-10 17:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2018-05-09 13:35 - 2018-03-10 17:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2018-05-09 13:35 - 2018-03-10 17:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2018-05-09 13:35 - 2018-03-09 19:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys

2018-05-09 13:35 - 2018-03-03 17:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll

2018-05-09 13:35 - 2018-03-03 17:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll

2018-05-09 13:35 - 2018-03-03 17:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll

2018-05-09 13:35 - 2018-03-03 17:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll

2018-05-09 13:35 - 2018-03-03 17:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll

2018-05-09 13:35 - 2018-03-03 17:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll

2018-05-09 13:35 - 2018-02-14 22:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2018-05-09 13:35 - 2018-02-14 15:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-07 19:18 - 2016-07-09 11:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\TS3Client

2018-06-07 18:56 - 2016-07-09 00:56 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1719391309-1542172637-2612288240-1001

2018-06-07 18:55 - 2014-03-18 16:26 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI

2018-06-07 18:55 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf

2018-06-07 18:53 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA

2018-06-07 18:52 - 2018-03-25 10:07 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\steelseries-engine-3-client

2018-06-07 18:49 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2018-06-07 18:45 - 2016-07-10 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3 Launcher

2018-06-07 18:06 - 2016-10-09 21:54 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\obs-studio

2018-06-07 18:06 - 2016-07-10 11:41 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3

2018-06-07 18:02 - 2016-07-09 13:51 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\vlc

2018-06-07 17:41 - 2016-07-09 00:53 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5300C48B-BF93-4A18-917D-7F8F63F8C0CE}

2018-06-07 14:24 - 2016-07-09 13:11 - 000000000 ____D C:\Users\Jamie\AppData\Local\Spotify

2018-06-07 14:24 - 2016-07-09 13:09 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Spotify

2018-06-06 21:32 - 2016-07-09 10:58 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2018-06-06 11:29 - 2018-03-10 11:17 - 000000000 ___RD C:\Users\Jamie\Creative Cloud Files

2018-06-06 11:29 - 2016-07-22 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Local\Adobe

2018-06-05 18:45 - 2016-07-16 14:05 - 000000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps

2018-06-05 15:32 - 2013-08-22 15:44 - 000457512 _____ C:\Windows\system32\FNTCACHE.DAT

2018-06-05 15:32 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI

2018-06-05 00:50 - 2018-03-30 18:01 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\NordVPN

2018-06-04 11:01 - 2018-03-21 14:39 - 000000000 ____D C:\Program Files\Malwarebytes

2018-06-04 11:01 - 2017-01-09 17:50 - 000000000 ____D C:\ProgramData\Malwarebytes

2018-06-02 02:28 - 2016-07-09 00:50 - 000000000 ____D C:\Users\Jamie

2018-06-02 02:24 - 2016-07-09 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Skype

2018-06-01 20:42 - 2016-12-10 22:45 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Mozilla

2018-06-01 13:42 - 2017-06-22 15:06 - 000000000 ____D C:\Program Files\CCleaner

2018-06-01 12:52 - 2016-07-22 16:50 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\discord

2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps

2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness

2018-05-24 17:19 - 2016-07-09 01:50 - 000000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA

2018-05-24 17:14 - 2018-03-04 14:22 - 000000000 ____D C:\temp

2018-05-24 17:14 - 2016-07-09 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2018-05-24 17:14 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation

2018-05-23 19:24 - 2016-07-09 10:41 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll

2018-05-23 19:23 - 2016-07-09 10:41 - 023298544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2018-05-23 19:22 - 2017-10-25 18:41 - 015691136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2018-05-23 19:22 - 2016-10-21 16:59 - 000505736 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2018-05-23 19:22 - 2016-07-09 10:41 - 020323544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2018-05-23 19:22 - 2016-07-09 10:41 - 004613408 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2018-05-23 19:22 - 2016-07-09 10:41 - 004081624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2018-05-22 22:52 - 2015-11-10 02:48 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2018-05-22 22:52 - 2015-11-10 01:13 - 000041598 _____ C:\Windows\system32\nvinfo.pb

2018-05-22 20:58 - 2016-07-09 01:32 - 002612520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2018-05-22 20:57 - 2016-07-09 10:42 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll

2018-05-22 20:57 - 2016-07-09 10:42 - 000083240 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll

2018-05-22 20:57 - 2016-07-09 01:32 - 005947328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2018-05-22 20:57 - 2016-07-09 01:32 - 001767360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll

2018-05-22 20:57 - 2016-07-09 01:32 - 000450960 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2018-05-22 20:57 - 2016-07-09 01:32 - 000124200 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2018-05-22 07:43 - 2016-07-09 01:32 - 008186102 _____ C:\Windows\system32\nvcoproc.bin

2018-05-18 20:07 - 2016-07-09 01:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation

2018-05-18 16:25 - 2016-07-09 10:57 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2018-05-18 16:25 - 2016-07-09 10:57 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\ProgramData\Razer

2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\Program Files (x86)\Razer

2018-05-14 19:09 - 2016-07-09 11:16 - 000000000 ____D C:\Users\Jamie\AppData\Local\Razer

2018-05-14 19:07 - 2017-11-26 21:02 - 000000000 ____D C:\Users\Jamie\AppData\Local\LogMeIn Hamachi

2018-05-14 17:01 - 2017-10-25 17:44 - 000001951 _____ C:\Windows\NvContainerRecovery.bat

2018-05-11 20:05 - 2017-12-08 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS

2018-05-10 18:51 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache

2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\en-GB

2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\en-GB

2018-05-09 16:03 - 2016-07-17 13:38 - 000000000 ____D C:\Users\Jamie\.junique

2018-05-09 13:41 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp

2018-05-09 13:40 - 2016-07-10 05:15 - 000000000 ____D C:\Windows\system32\MRT

2018-05-09 13:38 - 2017-10-11 14:34 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe

2018-05-09 13:38 - 2016-07-10 05:15 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

2018-05-08 22:25 - 2016-07-09 01:32 - 000551680 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2018-05-08 22:25 - 2016-07-09 01:32 - 000456792 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

==================== Files in the root of some directories =======

2018-02-22 18:24 - 2018-04-29 12:18 - 000000033 _____ () C:\Users\Jamie\AppData\Roaming\AdobeWLCMCache.dat

2016-10-20 21:22 - 2017-02-12 00:45 - 000000301 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Login.ini

2016-07-09 19:08 - 2017-02-12 01:50 - 000001427 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Options.ini

2016-11-08 00:45 - 2016-11-08 00:45 - 000000054 _____ () C:\Users\Jamie\AppData\Roaming\updater.cfg

2018-01-05 20:42 - 2018-01-05 20:42 - 000000600 _____ () C:\Users\Jamie\AppData\Roaming\winscp.rnd

2017-07-20 10:14 - 2017-09-28 18:36 - 000001456 _____ () C:\Users\Jamie\AppData\Local\Adobe Save for Web 13.0 Prefs

2017-12-27 19:55 - 2017-12-27 19:55 - 000000600 _____ () C:\Users\Jamie\AppData\Local\PUTTY.RND

2016-07-09 21:05 - 2016-07-09 21:05 - 000007605 _____ () C:\Users\Jamie\AppData\Local\Resmon.ResmonCfg

2016-07-10 23:42 - 2016-07-10 23:42 - 000000003 _____ () C:\Users\Jamie\AppData\Local\updater.log

2016-07-10 23:42 - 2016-08-06 11:31 - 000000424 _____ () C:\Users\Jamie\AppData\Local\UserProducts.xml

Some files in TEMP:

====================

2018-06-05 18:45 - 2018-06-05 18:45 - 000000000 _____ () C:\Users\Jamie\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll

2018-06-05 18:45 - 2018-06-05 18:45 - 000000017 _____ () C:\Users\Jamie\AppData\Local\Temp\df56b456466e87efef47cf1a2c9e2082.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-06-02 18:55

==================== End of FRST.txt ============================

Addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01

Ran by Jamie (07-06-2018 19:27:30)

Running from D:\Users\Jamie\Desktop

Windows 8.1 (Update) (X64) (2016-07-08 23:50:55)

Boot Mode: Normal

==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1719391309-1542172637-2612288240-500 - Administrator - Disabled)

Guest (S-1-5-21-1719391309-1542172637-2612288240-501 - Limited - Disabled)

Jamie (S-1-5-21-1719391309-1542172637-2612288240-1001 - Administrator - Enabled) => C:\Users\Jamie

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)

Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)

Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)

Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)

ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)

AutoHotkey 1.1.24.02 (HKLM\...\AutoHotkey) (Version: 1.1.24.02 - Lexikos)

Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)

Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)

Bitdefender Parental Advisor (HKLM\...\Bitdefender Parental Advisor) (Version: 1.2.0.291 - Bitdefender)

Breaking Point (HKLM-x32\...\{D94AC775-62AF-4630-8292-7EB26691AAAE}) (Version: 5.0.2.9 - The Zombie Infection) Hidden

Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)

CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)

Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Discord (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)

DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden

Epic Games Launcher (HKLM-x32\...\{213B426C-5317-4F2D-8395-AC04B70711C4}) (Version: 1.1.133.0 - Epic Games, Inc.)

Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden

Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)

Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)

Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)

Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel® Corporation) Hidden

Intel® Driver Update Utility 2.6 (HKLM-x32\...\{2B710CA5-99F0-4D29-962C-29A7CFF7A989}) (Version: 2.6.0.32 - Intel) Hidden

Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)

Intel® Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel)

Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)

Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)

Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)

Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Kodi (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Kodi) (Version: - XBMC-Foundation)

Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden

Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)

Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.)

Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden

Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)

Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)

Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)

Mozilla Firefox 59.0.3 (x64 en-US) (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)

MultiBit Classic 0.5.19 (HKLM\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)

MultiBit HD 0.3.0 (HKLM\...\6925-4794-5772-4956) (Version: 0.3.0 - Bitcoin Solutions Ltd)

NordVPN (HKLM-x32\...\{7296DD91-4FC7-47BB-B211-912D9E980FC7}) (Version: 6.13.13 - NordVPN) Hidden

NordVPN (HKLM-x32\...\NordVPN 6.13.13) (Version: 6.13.13 - NordVPN)

NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)

NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)

NVIDIA Miracast Virtual Audio 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 397.93 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)

OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.0 - OBS Project)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )

OpenVPN 2.3.11-I601 (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - )

Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)

PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - )

Pidgin (HKLM-x32\...\Pidgin) (Version: 2.11.0 - )

pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)

Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden

Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== ATTENTION

Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)

PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)

Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - )

Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.19.529 - Razer Inc.)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8279 - Realtek Semiconductor Corp.)

Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)

Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)

Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)

SOLIDWORKS 2017 SP02 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.120.52 - Dassault Systemes SolidWorks Corp) Hidden

SOLIDWORKS 2017 SP02 (HKLM-x32\...\SolidWorks Installation Manager 20170-40200-1100-100) (Version: 25.2.0.52 - SolidWorks Corporation)

SOLIDWORKS Composer Player 2017 SP02 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden

SOLIDWORKS eDrawings 2017 SP02 (HKLM\...\{061157FB-631D-480A-B8AB-529E455BA74D}) (Version: 17.2.0029 - Dassault Systèmes SolidWorks Corp) Hidden

Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)

Spotify (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

SteelSeries Engine 3.12.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.4 - SteelSeries ApS)

Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)

TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)

TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)

TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)

UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden

Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)

VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)

WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)

XAMPP (HKLM-x32\...\xampp) (Version: 7.1.11-0 - Bitnami)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06763BA6-162A-4D87-8ED8-08B3878D28B4} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)

Task: {0C13D476-921D-4F35-9512-5C4315087486} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)

Task: {0F2E34F7-DF67-4931-8180-94601F02A3E7} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)

Task: {23662676-604F-4CE4-AE7C-D00D52DFEA81} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)

Task: {26E992B5-1ABB-4578-BAB9-03F714E64610} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)

Task: {35386CF1-51D3-4CDB-AAE6-E4A831819BF8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)

Task: {45D3124E-E400-4CB6-8A58-771FA7E08BE9} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)

Task: {4A5586B0-A962-47A2-A999-59841DB478AB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)

Task: {58BBA558-2959-42FC-9902-821282282918} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)

Task: {6835F2CF-3C45-49FD-9B8C-1E2CB6649452} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)

Task: {7259BD5C-A376-44C6-B17D-45C607A736F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)

Task: {74BFFE8C-382B-4AC2-A021-B884EDAA936A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)

Task: {7893E9C3-9133-4D20-B35F-91A3976B8694} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)

Task: {7A55D264-0586-4C00-90D4-19FA9260642D} - System32\Tasks\AdobeGCInvoker-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)

Task: {8DB43842-0A6D-4138-85EE-E5847D9178EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)

Task: {9156EE9B-FB63-45B3-A21B-97226934652A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)

Task: {A09EF7C6-A025-4B84-B569-C478EAC89AB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)

Task: {AFACBA89-BFF1-4157-B006-B56889770DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)

Task: {BB55845E-C171-498D-A155-3C76D1EE5A30} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)

Task: {BDF43C40-AA3C-45A7-B70C-D9C32D8BBC42} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"

Task: {BFE19B39-EC2B-4708-8BE6-D9322CE361E1} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)

Task: {C47A6178-DF6F-4CBE-8183-97FBBE719CB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)

Task: {C945DA90-4C5E-4A02-B1E1-43D03C942852} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)

Task: {CED85B6F-3F79-4416-B0AC-6EBE301C9D99} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe [2018-06-07] (AVAST Software)

Task: {FB746247-9F64-46DD-A92C-E8D3D4E07A99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2018-05-08 16:29 - 2018-05-08 16:29 - 000992704 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpbr.mdl

2018-05-08 16:29 - 2018-05-08 16:29 - 000543344 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpdsp.mdl

2018-05-08 16:29 - 2018-05-08 16:29 - 003639000 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpf.mdl

2018-05-08 16:29 - 2018-05-08 16:29 - 001527808 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttprbl.mdl

2018-05-02 12:49 - 2018-05-02 12:49 - 000430840 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe

2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll

2017-10-25 17:44 - 2018-03-14 14:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll

2018-03-14 20:13 - 2018-03-14 20:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe

2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe

2018-06-04 11:01 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll

2018-05-07 08:33 - 2018-05-07 08:33 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll

2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll

2018-05-07 08:33 - 2018-05-07 08:33 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll

2018-03-22 21:59 - 2018-03-14 14:04 - 000019904 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll

2016-07-09 11:05 - 2016-06-08 18:07 - 000458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe

2016-07-09 11:05 - 2016-06-08 18:18 - 000709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll

2016-07-09 11:05 - 2016-06-08 18:17 - 000188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll

2017-02-04 02:43 - 2017-02-04 02:43 - 000272280 _____ () D:\Program Files\SOLIDWORKS\sldBodyDiffu.dll

2016-06-23 12:02 - 2018-02-17 22:07 - 000174744 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll

2017-01-12 17:35 - 2018-02-17 22:07 - 000020632 _____ () D:\Program Files\TeamSpeak 3 Client\libEGL.DLL

2017-01-12 17:35 - 2018-02-17 22:07 - 001981592 _____ () D:\Program Files\TeamSpeak 3 Client\libGLESv2.dll

2016-06-23 12:02 - 2018-02-17 22:07 - 000125592 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll

2016-06-23 12:02 - 2018-02-17 22:07 - 000150680 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll

2017-02-15 13:21 - 2017-02-15 13:21 - 000134144 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll

2017-01-12 17:35 - 2017-10-20 19:26 - 006282240 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll

2017-01-12 17:35 - 2016-11-09 19:09 - 000263680 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll

2017-01-12 17:35 - 2018-06-02 14:36 - 004021248 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll

2017-01-12 17:35 - 2017-02-16 20:19 - 000479744 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\soundboard.dll

2017-03-24 17:10 - 2017-07-21 13:03 - 000345880 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll

2018-03-23 21:38 - 2018-06-06 22:52 - 005680568 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe

2016-07-09 11:05 - 2016-06-08 18:12 - 000416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe

2016-07-09 11:05 - 2016-06-08 18:15 - 000130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll

2016-07-09 11:05 - 2016-06-08 18:16 - 000025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll

2016-07-09 11:05 - 2016-06-08 18:16 - 000059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll

2016-07-09 11:05 - 2016-06-08 18:16 - 000194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll

2016-07-09 11:05 - 2016-06-08 18:17 - 000159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll

2016-07-09 11:05 - 2016-06-08 18:17 - 000158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll

2016-07-09 11:05 - 2016-06-08 18:16 - 000050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll

2016-07-09 11:05 - 2016-06-08 18:15 - 000032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll

2018-06-06 21:32 - 2018-06-06 02:25 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libglesv2.dll

2018-06-06 21:32 - 2018-06-06 02:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libegl.dll

2016-10-07 13:18 - 2016-10-07 13:18 - 005971056 _____ () D:\Program Files\Sublime Text 3\sublime_text.exe

2016-10-07 13:18 - 2016-10-07 13:18 - 000672768 _____ () D:\Program Files\Sublime Text 3\plugin_host.exe

2018-04-25 12:08 - 2018-04-25 12:08 - 000254464 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll

2017-10-25 17:44 - 2018-03-14 14:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

2017-10-25 17:45 - 2018-03-14 14:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll

2018-02-26 20:03 - 2018-03-14 14:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll

2018-02-26 20:03 - 2018-03-14 14:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll

2018-03-22 21:59 - 2018-03-14 14:05 - 000019904 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll

2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\SDL2.dll

2016-10-14 08:48 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll

2018-06-02 11:27 - 2018-06-01 20:02 - 002632480 _____ () D:\Program Files (x86)\Steam\video.dll

2016-10-14 08:48 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll

2016-10-14 08:48 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll

2018-03-21 21:50 - 2017-12-20 02:43 - 005137696 _____ () D:\Program Files (x86)\Steam\libavcodec-57.dll

2018-03-21 21:50 - 2017-12-20 02:43 - 000695584 _____ () D:\Program Files (x86)\Steam\libavformat-57.dll

2018-03-21 21:50 - 2017-12-20 02:43 - 000351520 _____ () D:\Program Files (x86)\Steam\libavresample-3.dll

2018-03-21 21:50 - 2017-12-20 02:43 - 000847136 _____ () D:\Program Files (x86)\Steam\libavutil-55.dll

2018-03-21 21:50 - 2017-12-20 02:43 - 000783648 _____ () D:\Program Files (x86)\Steam\libswscale-4.dll

2018-06-02 11:27 - 2018-06-01 20:02 - 000979744 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL

2016-10-14 08:48 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll

2018-05-01 18:14 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\ffmpeg.dll

2018-05-01 18:14 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libglesv2.dll

2018-05-01 18:14 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libegl.dll

2016-03-23 11:04 - 2016-03-23 11:04 - 000091136 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll

2016-03-23 11:02 - 2016-03-23 11:02 - 000224256 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll

2016-03-23 11:02 - 2016-03-23 11:02 - 000200704 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll

2018-05-02 13:31 - 2018-05-23 13:54 - 009820504 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node

2018-05-02 13:31 - 2018-05-02 13:31 - 001530712 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node

2018-05-02 13:31 - 2018-05-02 13:31 - 000512856 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node

2018-05-02 13:31 - 2018-05-03 07:46 - 001578840 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node

2018-05-02 13:31 - 2018-05-02 13:31 - 002722648 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node

2018-05-02 13:31 - 2018-05-02 13:31 - 002760536 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node

2018-05-02 13:31 - 2018-05-02 13:31 - 001249112 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node

2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll

2018-05-17 18:02 - 2018-05-14 20:39 - 083524384 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll

2016-10-14 08:48 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll

2018-05-17 18:02 - 2018-05-14 20:39 - 002253600 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll

2018-05-17 18:02 - 2018-05-14 20:39 - 000109856 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll

2016-03-16 01:54 - 2016-03-16 01:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Public\AppData:CSM [472]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2017-10-25 17:29 - 000000002 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 8.8.8.8 - 8.8.4.4

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)

Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "OBS Studio.lnk"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Razer Synapse"

HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "BlueStacks Agent"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "SandboxieControl"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "EADM"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NetBalancer"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NordVPN"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{43280E25-5FDA-4220-A4AE-5002A736D28B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B004BAD1-39D2-44EB-B190-2075321C648C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{FB9ED71A-662C-455F-87E9-0A790C95A5EC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{37271229-BE7A-47BC-BFB4-8C54924854FF}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [TCP Query User{05F9763A-ED1A-4A80-9C2E-0F779D2D7450}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{F3BF32E7-1337-46D7-89C5-72D92A81628D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [{B7E95E14-D16D-46B5-8867-574F60FA4F27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{234A17CE-C1FC-40E0-B9C2-8D307AEE884E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

FirewallRules: [{0EF71D9A-6EBD-4FB3-B8AF-6213F01C9E46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{EE668382-30B4-4F1B-A1AF-8C150FDF1865}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{798A58B1-B109-4ADD-8381-426C0FBD0E7E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe

FirewallRules: [{245F0650-001A-4902-9819-648CD12269EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe

FirewallRules: [{D78D9F29-C391-4F4D-B44C-EB43EAD3BBF9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe

FirewallRules: [{A1BEA2B7-CE10-4D6E-998D-BC5D4F4C7834}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe

FirewallRules: [{4D20DBF2-0C1E-432E-AC59-DAEBB9F28C6C}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{68AD369D-B8A4-494F-83AA-1926FA3263D0}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [TCP Query User{AD5458E8-667C-458E-9FF4-2EB84ABF8C42}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe

FirewallRules: [UDP Query User{12590890-1217-4AA1-A426-BD3B1C29EA3E}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe

FirewallRules: [TCP Query User{5E966F72-502D-4C81-954D-A28DC77BE3F0}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe

FirewallRules: [UDP Query User{EB1D1430-426B-4945-A818-02E532AE9977}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe

FirewallRules: [TCP Query User{4F823053-4909-4AB2-9291-BD68248ADF32}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{3A0DA01A-C88E-4EEE-A304-3B115F5AA62E}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe

FirewallRules: [{094A09AB-4776-424C-A2E2-C232E04F7705}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe

FirewallRules: [{1221CC45-8FA2-471E-9947-9E0C2BFF8D9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe

FirewallRules: [{75EA8C07-E02B-42B2-859D-2A041D76B6D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe

FirewallRules: [{EDEBF04E-4D77-4140-9642-0F8F955531FF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe

FirewallRules: [{ADD96FA6-B2C5-4E0A-8489-756CD795492C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe

FirewallRules: [{51905D0F-9C42-4DA6-A34E-896A36FEA620}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe

FirewallRules: [{9CC85030-5885-4EAF-81BD-3B47F7F17C6E}] => (Allow) C:\Users\Jamie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [{A12C97BC-7E5A-4F0B-A47B-6B87058C1773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{2127FAC9-E30B-4FB4-BDDC-07D661F068F5}] => (Allow) LPort=2869

FirewallRules: [{E696FF9E-C112-4FF2-BF34-6A7060266C46}] => (Allow) LPort=1900

FirewallRules: [{2D3695A1-326F-4523-9C8A-25B32C2DF4EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [TCP Query User{598F6D8E-24E5-401A-84AA-05B79FC20419}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe

FirewallRules: [UDP Query User{1EAD2AF8-5037-4106-822E-74BF9CB3CED4}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe

FirewallRules: [TCP Query User{15DBF988-5F71-4099-B7B4-CCA393546DB5}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe

FirewallRules: [UDP Query User{2A8C7067-B59E-49EA-A540-10687AD386EE}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe

FirewallRules: [{C59428CB-1F85-4957-ADB6-F8B9C42FDA22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{3D955DC0-0228-475A-8253-724E6E51F3C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [TCP Query User{45E440E8-F608-4CF0-939B-62A2569FB968}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [UDP Query User{CA3EA36B-DBD2-4096-BD8E-7DC75DF0D7A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [{CDA5438B-5EBF-4CD0-8035-D806C3F6617A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe

FirewallRules: [{1D8DD10C-926F-41E7-B2E7-9F796956ECEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe

FirewallRules: [{5D70229B-081B-4E3F-9F6B-F3A85EA32D15}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe

FirewallRules: [{04DD16C0-B189-4C7A-A05A-9C79D0A1B256}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe

FirewallRules: [{35D6B5A8-BBC8-4BB4-8437-C37302CFE7DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe

FirewallRules: [{3AC0E794-A4BB-4258-8A73-9AAA95B7BCFB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe

FirewallRules: [{221061C7-8755-4DEF-8822-67CA3FE03698}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe

FirewallRules: [{31D892F4-9BBD-45B4-B1F1-DFBD1DE1BD3E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe

FirewallRules: [{CAEB01B5-C51A-461B-A739-C6AC5AB00FB8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{6DBADAEC-90BF-4150-9699-A1ACE2670A65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

FirewallRules: [{65BCB92C-B7A7-40AB-B562-618EAB4B0A7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{EF547CEC-C447-49E3-9CD4-1389A4015C2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{3A85E5E7-F1BB-4852-ABDF-C9C041DEC30D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

FirewallRules: [{3EAF9153-995F-4A07-9483-53C6687072DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{66108248-7899-4FA5-9652-D0A501EA97D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{735D853C-757E-4787-A993-DB3669620016}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe

FirewallRules: [UDP Query User{39BF3FC7-1DB0-4AAF-946E-062467332DA7}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe

FirewallRules: [TCP Query User{3D306803-4323-4135-B7AB-1A884466D43D}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe

FirewallRules: [UDP Query User{6272F8B5-5F4F-49A3-A028-7F2D061D22CA}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe

FirewallRules: [TCP Query User{B48D565B-1064-4A1E-B333-4F807DA52358}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [UDP Query User{ACDD4940-14C5-4278-B928-392B3C2497B6}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [TCP Query User{716510F5-2508-4E63-B021-D8FAB54E4A5E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [UDP Query User{8A6DE1DC-7909-45AB-94DD-57F285AC9C7A}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [{213D75CB-C013-4ECF-BA3E-11B2401C297B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{4C95CAF3-85C6-4037-B23F-567A834C79FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{3493E0EA-612A-465C-99FA-1F7FF368B1DD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{BF2208F8-467B-4B5D-B728-6F4D65D12F35}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe

FirewallRules: [{97BBEDEF-967C-4D34-B438-D9971445F5AC}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{5B116891-FCD2-4BEA-A423-C0E475A24859}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

FirewallRules: [{F1D6B41D-31AB-4D7B-B7D8-56D468FE1E35}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe

FirewallRules: [{361D7308-9B4B-4728-8920-C023FB8D020A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe

FirewallRules: [{0525ABC2-2A74-4AF9-9A48-D7ABDEA9620A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe

FirewallRules: [{033CE73D-8BA2-4C62-96F7-1FE59B88B3BB}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe

FirewallRules: [{828E9277-E9B4-44FD-9688-53005615BAA0}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe

FirewallRules: [{E1920F54-4271-4054-88D8-985EA69CD803}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe

FirewallRules: [{5A5B3439-AB38-4242-B4C9-8457B117B963}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{63F895A9-84B3-450E-943E-D7D51B2848F4}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{14A970D5-009F-4E35-9A24-A8380BE6568C}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{A8888945-DFBA-4060-9078-E193C4EF79EA}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{4331BA20-7EEB-41DF-A634-205837C07376}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{781F9E07-A98C-40E0-814B-317021B7FEB1}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [TCP Query User{5DC4ACA9-1514-48D3-A39B-EB021E81B9D0}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [UDP Query User{857A0648-8909-478B-ABC6-173A334FC21C}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [TCP Query User{FE480A42-72FA-4680-A346-09753A5D8E1B}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe

FirewallRules: [UDP Query User{4C723CC6-37AE-496C-806A-D71D07B0F531}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe

FirewallRules: [TCP Query User{004115AC-3B0C-493C-B576-C89D3A280AFF}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [UDP Query User{BF18A62D-0753-43EA-885C-1E5671905617}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [TCP Query User{D125098A-D45E-4A54-A218-8D9CDFF31E78}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe

FirewallRules: [UDP Query User{A8217E94-A114-4015-B913-609ED4AC54D9}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe

FirewallRules: [TCP Query User{C85FFB54-1D5A-4D33-ABF6-2BE90B03AA04}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe

FirewallRules: [UDP Query User{49284333-C5FE-43C9-B509-3530F0DFCBF3}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe

FirewallRules: [TCP Query User{20514E74-B1ED-4E12-B373-D9D65809E67E}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe

FirewallRules: [UDP Query User{083B28D4-19AD-4706-96C1-6281CE1CF523}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe

FirewallRules: [TCP Query User{C9BFA25B-EB89-49B1-809E-7EC8B093BD8E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [UDP Query User{0D38522F-6E81-42C7-B8DF-09AD3ABA1986}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe

FirewallRules: [TCP Query User{D188A311-7968-454B-B336-59DFA84F89B4}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe

FirewallRules: [UDP Query User{EAB7083F-9E7A-42FA-99F1-30ACC6B4E114}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe

FirewallRules: [{092F6539-E3A1-4160-A8CC-8FF1B73F4787}] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe

FirewallRules: [{629124B9-D933-47CC-9F19-146EC4B85BB0}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe

FirewallRules: [{C873AF50-7F01-49B7-A231-51F945298243}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe

FirewallRules: [{B1921B5F-529F-47C9-8FB8-07C9A0923695}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe

FirewallRules: [{882CB9CF-6B7F-461C-9F39-688B4FFD3C4D}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe

FirewallRules: [TCP Query User{066E391E-7B51-4A71-B1CF-D8A00967F0A8}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe

FirewallRules: [UDP Query User{F82AFCEE-4BC0-4018-998E-7CAEABA4E20B}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe

FirewallRules: [{BEE18A40-9D97-4ABD-B3CF-8A0B67B44C99}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe

FirewallRules: [{7BDE513E-B80B-4C92-95AE-108D37CA8078}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe

FirewallRules: [{533F98D3-5FFC-443B-A1E1-F389F63FDB20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{F8512BAC-C8C3-4803-9AA7-77BAE031BD21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{4F35148F-8003-4C70-A9FA-143CA8F942CD}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [{3E2F95E2-048C-42F1-A9D7-EC059139AF44}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe

FirewallRules: [TCP Query User{488A0425-5FE3-4C17-8BBF-D5001D835247}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [UDP Query User{82EFAD9D-999E-4D0E-B86E-D1272FB4607F}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe

FirewallRules: [TCP Query User{9DC5ED78-5D04-48D0-9FA7-EA29BF5896BE}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe

FirewallRules: [UDP Query User{2E3A6978-5338-4EF3-8911-6AAB0CAFB966}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe

FirewallRules: [TCP Query User{AE0AC452-CA04-4D70-BB2D-9E8E43835B29}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe

FirewallRules: [UDP Query User{4C481E7A-CAD8-4F15-8EE9-793A3092D017}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe

FirewallRules: [TCP Query User{7B21009D-D772-4400-A683-9E08F4FC515F}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe

FirewallRules: [UDP Query User{23FC5D17-D74C-4239-AAA8-48578A9DA88D}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe

FirewallRules: [{BB664711-245B-44BD-9817-169ECC150999}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe

FirewallRules: [{A5EC0E0E-627E-4F3F-941E-08A06536AE9C}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe

FirewallRules: [TCP Query User{230DF51C-9434-405B-BFE7-789798CCF1F6}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe

FirewallRules: [UDP Query User{A69E820D-3E7D-4328-94F5-AF0E93D30807}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe

FirewallRules: [TCP Query User{3D5F118E-1F63-449D-BB15-B9459D9088AF}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe

FirewallRules: [UDP Query User{08218CD5-D1B5-47CA-990E-FB41E8C3F3E5}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe

FirewallRules: [{22C9C27D-2849-4B43-880E-273F86214724}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe

FirewallRules: [{A6568B11-F2FE-4950-BDFA-775ABC1026BB}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe

FirewallRules: [{BB8DA272-8E7E-42CB-828A-AB67873BD5F9}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{9B97AA94-89EC-4754-B2FE-2BB3AC604DF0}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe

FirewallRules: [{FC07EE0D-77DD-4957-97D8-73C6ACE0D514}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe

FirewallRules: [{1DFFB3ED-B4EF-423D-9F1B-8EAFF89386A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe

FirewallRules: [{802848D8-4719-401B-957D-5F4429A42998}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe

FirewallRules: [{6A3CF025-CBDC-45B3-827E-375EF0A24E08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe

FirewallRules: [{7D366F10-ED1A-4E95-90FE-53E1E78E3E73}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe

FirewallRules: [{519D1C13-EBE4-452F-A54C-359390757C6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe

FirewallRules: [{CAE475F6-34DF-433D-A607-A44620F17A56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe

FirewallRules: [{FBDD785F-AE5E-4A80-AE91-FAB8BF3481E6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe

FirewallRules: [TCP Query User{E90F7430-8330-48ED-A7A8-2B31A18F9F92}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [UDP Query User{6348B783-2B4C-484C-BB83-4A31586DABAC}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe

FirewallRules: [TCP Query User{FF9C7F6B-C58E-4FB4-897D-9FCBE3C7B58C}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [UDP Query User{B0117A2E-2EC7-4F22-A292-0E9EF3C3EA5B}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe

FirewallRules: [TCP Query User{9B1C6C9E-F85E-4305-92D1-B82D31AB1C37}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe

FirewallRules: [UDP Query User{16E14B08-9E63-401C-8106-44DF17D6F517}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe

FirewallRules: [{A254CEB6-7F57-4F5B-815B-CBE0B376B360}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe

FirewallRules: [{15C4A018-F9C8-4920-9DD9-41E732A536DA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe

FirewallRules: [{93530B40-F7F8-4673-9A39-3C0A4785BDBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{85B192EF-23F1-4D7A-8B79-F175E276EA8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

FirewallRules: [{782DF227-C230-4394-AE52-6BC12ED79DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [{AD490B2E-6603-4F57-80AC-8B32A46D6B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

FirewallRules: [TCP Query User{7724A776-72CB-43C0-AB77-725C8CFA6FF6}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe

FirewallRules: [UDP Query User{857D1CBC-2297-46A5-A9EC-C8E9C64F39B5}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe

FirewallRules: [TCP Query User{3D890B6B-C098-45BF-B0CB-994EA0924A8B}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe

FirewallRules: [UDP Query User{548E0E4D-B0B3-4091-81BD-9F62BA1E496D}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe

FirewallRules: [{83BD2FE1-1838-4BFF-BA4B-6C3B9AA02FC0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{38B7AE44-B970-4525-B439-0F1D6DF67815}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

FirewallRules: [{3CCB8C94-599E-4EC2-AE03-CB480A062217}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe

FirewallRules: [{B9272BE8-E732-48F9-8E52-D29CBB577567}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe

FirewallRules: [TCP Query User{087F2CE9-4B88-4E24-BF3A-AAD5513ECBEF}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe

FirewallRules: [UDP Query User{FBADBFA1-70CF-4295-BDA1-58F2F4D45A73}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe

FirewallRules: [TCP Query User{5659484D-2477-4881-B1A6-3EA36BE1467C}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe

FirewallRules: [UDP Query User{7443F57F-6C6D-4B79-AB68-8A31F40B0D46}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe

FirewallRules: [{8CAE3CF9-DC6A-4625-8C81-4F3DF424D88D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

FirewallRules: [{8EF54A42-A0D6-4264-85E7-95BEF4D9F30A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

FirewallRules: [TCP Query User{F0728078-5C09-40F4-AF8C-97279CBAF06B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [UDP Query User{615C2929-2C6B-4C17-840B-F94C0DB03646}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe

FirewallRules: [{B7771F36-2733-4AD5-B20F-D700150A3DF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

05-06-2018 15:30:41 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501

05-06-2018 15:30:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501

07-06-2018 18:50:42 Installed DirectX

==================== Faulty Device Manager Devices =============

Name: 690LC

Description: 690LC

Class Guid:

Manufacturer:

Service:

Problem: : The drivers for this device are not installed. (Code 28)

Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:

==================

Error: (06/07/2018 01:11:36 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)

Description: There was an error with the Windows Location Provider database

Error: (06/06/2018 02:23:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )

Description: The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)

Error: (06/05/2018 06:45:05 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: obs64.exe, version: 0.0.0.0, time stamp: 0x59f0e828

Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f83ff

Exception code: 0xc0000409

Fault offset: 0x0000000000074a30

Faulting process ID: 0x23e8

Faulting application start time: 0x01d3fceb254a4461

Faulting application path: D:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe

Faulting module path: C:\Windows\SYSTEM32\MSVCR120.dll

Report ID: 2d8ec43f-68e8-11e8-82e6-d8cb8a318c74

Faulting package full name:

Faulting package-relative application ID:

Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed

System Error:

The system cannot find the file specified.

Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed

System Error:

The system cannot find the file specified.

Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary aswVmm.

System Error:

The system cannot find the file specified.

Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary aswSP.

System Error:

The system cannot find the file specified.

Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.

System Error:

The system cannot find the file specified.

System errors:

=============

Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Origin Web Helper Service service failed to start due to the following error:

The service did not respond to the start or control request in a timely fashion.

Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.

Error: (06/07/2018 02:29:52 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (06/07/2018 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/07/2018 01:31:55 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/07/2018 01:31:25 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (06/07/2018 12:52:18 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (06/07/2018 12:51:48 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)

Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Windows Defender:

===================================

Date: 2018-06-07 13:33:34.511

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {E1E9627E-9B81-4485-9E04-F36C034C0793}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2018-06-07 12:52:53.570

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {A034E8E0-854F-402D-8094-A62F4F15FF67}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2018-06-07 11:55:07.593

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {12E137EC-33E8-425C-88A6-8529A170699F}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2018-06-06 02:24:51.012

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {05B6D9DD-AB67-4C2B-9794-FFEC9A446119}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2018-06-05 17:56:40.524

Description:

Windows Defender scan has been stopped before completion.

Scan ID: {23D42202-8E83-45E2-9F92-3E6240085120}

Scan Type: Antimalware

Scan Parameters: Quick Scan

Date: 2018-06-01 10:32:10.520

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.269.148.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.14901.4

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-06-01 10:32:10.520

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.269.148.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.14901.4

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-06-01 10:32:10.520

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.269.148.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.14901.4

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-04-12 16:34:08.834

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.265.515.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.14700.5

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-04-12 16:34:08.834

Description:

Windows Defender has encountered an error trying to update signatures.

New Signature Version:

Previous Signature Version: 1.265.515.0

Update Source: Microsoft Update Server

Signature Type: AntiVirus

Update Type: Full

Current Engine Version:

Previous Engine Version: 1.1.14700.5

Error code: 0x80240016

Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz

Percentage of memory in use: 25%

Total physical RAM: 16279.26 MB

Available physical RAM: 12134.22 MB

Total Virtual: 20887.26 MB

Available Virtual: 15866.49 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.37 GB) (Free:57.59 GB) NTFS

Drive d: () (Fixed) (Total:931.39 GB) (Free:426.73 GB) NTFS

\\?\Volume{3fad585b-9665-4141-80f4-c6d4b5b1ed84}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================

Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

#2
RKinner

Posted 08 June 2018 - 02:54 PM

Malware Expert

Expert
24,624 posts

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Copy the next 2 lines:

TASKLIST /SVC > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open. Copy and paste the text from notepad into a reply.

Get the free version of Speccy:

http://www.filehippo...ownload_speccy/

(Look in the upper right for the Download
Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. Attaching the log is the best option as it is too big for the forum. Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it. Point it at the file and hit Open.
Now click on Attach this file.

#3
Betrayed

Posted 08 June 2018 - 03:05 PM

Member

Topic Starter
Member
119 posts

Process   CPU   Private Bytes   Working Set   PID   Description   Company Name   Verified Signer
System Idle Process   93.17   0 K   4 K   0
nvcontainer.exe   1.11   176,476 K   173,112 K   9724   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
ts3client_win64.exe   0.95   164,708 K   201,676 K   616   TeamSpeak 3 Client   TeamSpeak Systems GmbH   (Verified) TeamSpeak Systems GmbH
CorsairHID.exe   0.90   50,956 K   113,168 K   3656   Corsair Utility Engine   Corsair Components, Inc.   (Verified) Corsair Components
procexp64.exe   0.75   40,896 K   67,504 K   9800   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
Steam.exe   0.68   101,672 K   205,172 K   8488   Steam Client Bootstrapper   Valve Corporation   (Verified) Valve
Interrupts   0.47   0 K   0 K   n/a   Hardware Interrupts and DPCs
MsMpEng.exe   0.28   191,984 K   270,912 K   4876   Antimalware Service Executable   Microsoft Corporation   (Verified) Microsoft Corporation
audiodg.exe   0.26   26,972 K   29,004 K   4176   Windows Audio Device Graph Isolation    Microsoft Corporation   (Verified) Microsoft Windows
dwm.exe   0.23   55,480 K   97,764 K   9492   Desktop Window Manager   Microsoft Corporation   (Verified) Microsoft Windows
Discord.exe   0.21   127,488 K   279,260 K   6536   Discord   Discord Inc.   (Verified) Discord Inc.
System   0.19   764 K   1,372 K   4
csrss.exe   0.12   3,176 K   56,016 K   9188   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
nordvpn-service.exe   0.11   39,324 K   149,364 K   2024   nordvpn-service       (Verified) Datasec Holding Ltd.
esrv_svc.exe   0.07   15,892 K   36,204 K   9996   Intel® System Usage Report       (Verified) Intel® Software Development Products
NVIDIA Share.exe   0.06   94,068 K   197,676 K   7248   NVIDIA Share   NVIDIA Corporation   (Verified) NVIDIA Corporation
Rainmeter.exe   0.05   7,132 K   71,976 K   6416   Rainmeter desktop customization tool   Rainmeter   (Verified) Open Source Developer
explorer.exe   0.05   105,956 K   302,348 K   8392   Windows Explorer   Microsoft Corporation   (Verified) Microsoft Windows
Discord.exe   0.05   34,688 K   140,428 K   3200   Discord   Discord Inc.   (Verified) Discord Inc.
LCore.exe   0.04   37,640 K   103,204 K   2828   Logitech Gaming Framework   Logitech Inc.   (Verified) Logitech Inc
chrome.exe   0.03   67,676 K   93,652 K   4512   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe   0.02   223,464 K   216,460 K   2432   Google Chrome   Google Inc.   (Verified) Google Inc
nvcontainer.exe   0.02   9,464 K   65,420 K   2160   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
nvcontainer.exe   0.02   34,144 K   57,164 K   8656   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
NVIDIA Web Helper.exe   0.02   35,448 K   64,716 K   6868   NVIDIA Web Helper Service   Node.js   (Verified) NVIDIA Corporation
chrome.exe   0.01   162,120 K   257,680 K   10404   Google Chrome   Google Inc.   (Verified) Google Inc
nvcontainer.exe   0.01   7,368 K   20,096 K   5788   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
chrome.exe   0.01   31,144 K   43,612 K   2392   Google Chrome   Google Inc.   (Verified) Google Inc
nvsphelper64.exe   0.01   2,484 K   10,180 K   7240   NVIDIA ShadowPlay Helper   NVIDIA Corporation   (Verified) NVIDIA Corporation
chrome.exe   0.01   99,068 K   142,600 K   236   Google Chrome   Google Inc.   (Verified) Google Inc
nvcontainer.exe   < 0.01   26,676 K   68,968 K   5820   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
steamwebhelper.exe   < 0.01   30,220 K   89,548 K   11204   Steam Client WebHelper   Valve Corporation   (Verified) Valve
NVDisplay.Container.exe   < 0.01   5,640 K   39,872 K   2228   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
svchost.exe   < 0.01   22,688 K   56,920 K   996   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
NVIDIA Share.exe   < 0.01   46,580 K   153,536 K   4816   NVIDIA Share   NVIDIA Corporation   (Verified) NVIDIA Corporation
svchost.exe   < 0.01   34,592 K   122,208 K   376   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ProductAgentService.exe   < 0.01   6,420 K   35,512 K   4572   Bitdefender Agent   Bitdefender   (Verified) Bitdefender SRL
svchost.exe   < 0.01   5,664 K   31,228 K   880   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
AGMService.exe   < 0.01   1,976 K   31,072 K   1668   Adobe Genuine Software Service   Adobe Systems, Incorporated   (Verified) Adobe Systems Incorporated
SearchIndexer.exe   < 0.01   41,072 K   78,956 K   6060   Microsoft Windows Search Indexer   Microsoft Corporation   (Verified) Microsoft Windows
bdparentalservice.exe   < 0.01   57,236 K   93,604 K   1744   Bitdefender Parental Service   Bitdefender   (Verified) Bitdefender SRL
TeamViewer_Service.exe   < 0.01   5,572 K   46,488 K   4848   TeamViewer 12   TeamViewer GmbH   (Verified) TeamViewer GmbH
SteamService.exe   < 0.01   7,312 K   12,652 K   3540   Steam Client Service   Valve Corporation   (Verified) Valve
SteelSeriesEngine3.exe   < 0.01   50,372 K   101,736 K   3440   SteelSeries Engine 3 Core   SteelSeries ApS   (Verified) SteelSeries ApS
svchost.exe   < 0.01   5,492 K   24,736 K   908   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   < 0.01   4,628 K   38,220 K   1068   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
conhost.exe   < 0.01   1,088 K   4,352 K   9192   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
AdobeUpdateService.exe   < 0.01   1,124 K   23,452 K   1648   Adobe Update Service   Adobe Systems Incorporated   (Verified) Adobe Systems Incorporated
lsass.exe   < 0.01   9,240 K   34,236 K   796   Local Security Authority Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
NVDisplay.Container.exe   < 0.01   31,432 K   98,356 K   9512   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
pcupdateservice.exe   < 0.01   2,124 K   27,976 K   1772   Bitdefender parental update service   Bitdefender   (Verified) Bitdefender SRL
GameScannerService.exe   < 0.01   23,324 K   112,032 K   4592   GameScannerService       (Verified) Razer USA Ltd.
bdparentalsystray.exe   < 0.01   2,472 K   8,444 K   3240   Bitdefender system tray app   Bitdefender   (Verified) Bitdefender SRL
bdmonitorapps.exe   < 0.01   1,664 K   6,732 K   5240   Bitdefender parental plugin   Bitdefender   (Verified) Bitdefender SRL
MBAMService.exe   < 0.01   20,980 K   103,384 K   4968   Malwarebytes Service   Malwarebytes   (Verified) Malwarebytes Corporation
WmiPrvSE.exe       18,440 K   24,020 K   9000   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
winlogon.exe       1,340 K   16,188 K   9900   Windows Log-on Application   Microsoft Corporation   (Verified) Microsoft Windows
wininit.exe       1,132 K   10,380 K   680   Windows Start-Up Application   Microsoft Corporation   (Verified) Microsoft Windows
usb3Monitor.exe       1,508 K   29,896 K   3228   usbmonitor   VIA Technologies, Inc.   (No signature was present in the subject) VIA Technologies, Inc.
taskhostex.exe       4,972 K   43,892 K   3272   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
taskhost.exe       15,836 K   91,432 K   3988   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       24,900 K   69,308 K   1512   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       15,520 K   56,508 K   1348   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       10,580 K   96,624 K   580   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,344 K   56,588 K   6044   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       8,192 K   42,252 K   932   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,420 K   98,260 K   1796   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,468 K   29,440 K   4720   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,436 K   17,204 K   6192   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SurSvc.exe       42,608 K   139,684 K   4740   Intel® System Usage Report       (Verified) Intel® Software Development Products
steamwebhelper.exe       21,204 K   33,476 K   9204   Steam Client WebHelper   Valve Corporation   (Verified) Valve
steamwebhelper.exe       17,092 K   19,868 K   9956   Steam Client WebHelper   Valve Corporation   (Verified) Valve
steamwebhelper.exe       10,140 K   13,348 K   7736   Steam Client WebHelper   Valve Corporation   (Verified) Valve
SpotifyWebHelper.exe       1,404 K   25,004 K   5924   SpotifyWebHelper   Spotify Ltd   (Verified) Spotify AB
spoolsv.exe       4,648 K   32,620 K   1444   Spooler SubSystem App   Microsoft Corporation   (Verified) Microsoft Windows
smss.exe       284 K   1,740 K   396   Windows Session Manager   Microsoft Corporation   (Verified) Microsoft Windows Publisher
sldworks_fs.exe       21,204 K   262,316 K   8288   SldWorks_fs   Dassault Systèmes SolidWorks Corp.   (Verified) Dassault Systemes SolidWorks Corp.
services.exe       4,916 K   14,708 K   788   Services and Controller app   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SbieSvc.exe       2,908 K   17,260 K   1104   Sandboxie Service   Sandboxie Holdings, LLC   (Verified) Invincea
rundll32.exe       1,248 K   4,988 K   4544   Windows host process (Rundll32)   Microsoft Corporation   (Verified) Microsoft Windows
rundll32.exe       3,692 K   5,944 K   8756   Windows host process (Rundll32)   Microsoft Corporation   (Verified) Microsoft Windows
RtkNGUI64.exe       4,336 K   51,460 K   3828   Realtek HD Audio Manager   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
procexp.exe       2,320 K   7,736 K   12100   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
NvTelemetryContainer.exe       9,332 K   36,364 K   2252   NVIDIA Container   NVIDIA Corporation   (Verified) NVIDIA Corporation
NVIDIA Share.exe       9,240 K   126,660 K   4188   NVIDIA Share   NVIDIA Corporation   (Verified) NVIDIA Corporation
NisSrv.exe       13,836 K   27,888 K   6000   Microsoft Network Realtime Inspection Service   Microsoft Corporation   (Verified) Microsoft Corporation
mbamtray.exe       17,116 K   67,308 K   7180   Malwarebytes Tray Application   Malwarebytes   (Verified) Malwarebytes Corporation
LogiRegistryService.exe       1,048 K   16,616 K   1964   Logitech Surround Sound Service   Logitech Inc.   (Verified) Logitech Inc
LMS.exe       3,624 K   32,564 K   984   Intel® Local Management Service   Intel Corporation   (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
Lightshot.exe       8,544 K   64,012 K   200   Lightshot   Skillbrains   (Verified) OOO Lightshot
jusched.exe       1,308 K   32,732 K   2288   Java Update Scheduler   Oracle Corporation   (Verified) Oracle America
jhi_service.exe       1,020 K   15,508 K   10228   Intel® Dynamic Application Loader Host Interface   Intel Corporation   (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
isa.exe       9,460 K   70,828 K   9484   Intel® Security Assist   Intel Corporation   (No signature was present in the subject) Intel Corporation
IPROSetMonitor.exe       1,284 K   19,504 K   1840   Intel® PROSet Monitoring Service   Intel Corporation   (Verified) Intel® Network Platform Group
GyStation.exe       1,396 K   30,724 K   11104   Gyazo Station   Nota Inc.   (Verified) Nota Inc.
esrv.exe       6,380 K   25,476 K   9296   Intel® System Usage Report       (Verified) Intel® Software Development Products
dllhost.exe       1,572 K   5,804 K   11612   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
Discord.exe       42,428 K   152,648 K   8116   Discord   Discord Inc.   (Verified) Discord Inc.
dasHost.exe       880 K   11,808 K   1848   Device Association Framework Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
csrss.exe       2,084 K   10,460 K   600   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
conhost.exe       1,208 K   17,636 K   2412   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       828 K   12,460 K   11040   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
chrome.exe       299,976 K   221,724 K   3788   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       48,168 K   62,372 K   8588   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       33,700 K   46,440 K   11524   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       33,728 K   46,344 K   10356   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       66,704 K   76,324 K   9632   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       12,988 K   20,196 K   964   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       72,216 K   82,532 K   8096   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       28,132 K   44,676 K   8160   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       27,572 K   39,500 K   5420   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       33,584 K   43,380 K   10832   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       2,372 K   7,800 K   8252   Google Chrome   Google Inc.   (Verified) Google Inc
chrome.exe       2,176 K   7,872 K   4348   Google Chrome   Google Inc.   (Verified) Google Inc
AGSService.exe       1,740 K   29,436 K   1720   Adobe Genuine Software Integrity Service   Adobe Systems, Incorporated   (Verified) Adobe Systems Incorporated

junk.txt:

Image Name PID Services

========================= ======== ============================================

System Idle Process 0 N/A

System 4 N/A

smss.exe 396 N/A

csrss.exe 600 N/A

wininit.exe 680 N/A

services.exe 788 N/A

lsass.exe 796 SamSs

svchost.exe 880 BrokerInfrastructure, DcomLaunch, LSM,

PlugPlay, Power, SystemEventsBroker

svchost.exe 908 RpcEptMapper, RpcSs

svchost.exe 996 Dhcp, EventLog, lmhosts, Wcmsvc, wscsvc

svchost.exe 376 AeLookupSvc, Appinfo, BITS, gpsvc, IKEEXT,

iphlpsvc, LanmanServer, MMCSS, ProfSvc,

Schedule, SENS, ShellHWDetection, Themes,

Winmgmt

svchost.exe 580 EventSystem, FontCache, netprofm, nsi,

WdiServiceHost, WinHttpAutoProxySvc

svchost.exe 932 AudioEndpointBuilder,

DeviceAssociationService, hidserv,

NcbService, PcaSvc, SysMain, TrkWks,

WdiSystemHost, wudfsvc

svchost.exe 1068 Audiosrv

SbieSvc.exe 1104 SbieSvc

svchost.exe 1348 CryptSvc, Dnscache, LanmanWorkstation,

NlaSvc

spoolsv.exe 1444 Spooler

svchost.exe 1512 BFE, DPS, MpsSvc

AdobeUpdateService.exe 1648 AdobeUpdateService

AGMService.exe 1668 AGMService

AGSService.exe 1720 AGSService

bdparentalservice.exe 1744 BdParental

pcupdateservice.exe 1772 BdParentalUpdate

svchost.exe 1796 DiagTrack

IPROSetMonitor.exe 1840 Intel® PROSet Monitoring Service

dasHost.exe 1848 N/A

LogiRegistryService.exe 1964 LogiRegistryService

nordvpn-service.exe 2024 nordvpn-service

nvcontainer.exe 2160 NvContainerLocalSystem

NVDisplay.Container.exe 2228 NVDisplay.ContainerLocalSystem

NvTelemetryContainer.exe 2252 NvTelemetryContainer

audiodg.exe 4176 N/A

ProductAgentService.exe 4572 ProductAgentService

GameScannerService.exe 4592 Razer Game Scanner Service

svchost.exe 4720 stisvc

SurSvc.exe 4740 SystemUsageReportSvc_WILLAMETTE

TeamViewer_Service.exe 4848 TeamViewer

MsMpEng.exe 4876 WinDefend

MBAMService.exe 4968 MBAMService

NisSrv.exe 6000 WdNisSvc

svchost.exe 6044 QWAVE, SSDPSRV, TimeBroker

SearchIndexer.exe 6060 WSearch

svchost.exe 6192 PolicyAgent

esrv_svc.exe 9996 ESRV_SVC_WILLAMETTE

jhi_service.exe 10228 jhi_service

LMS.exe 984 LMS

taskhost.exe 3988 N/A

isa.exe 9484 Intel® Security Assist

csrss.exe 9188 N/A

winlogon.exe 9900 N/A

dwm.exe 9492 N/A

NVDisplay.Container.exe 9512 N/A

nvcontainer.exe 9724 N/A

nvcontainer.exe 5820 N/A

bdmonitorapps.exe 5240 N/A

taskhostex.exe 3272 N/A

mbamtray.exe 7180 N/A

conhost.exe 9192 N/A

explorer.exe 8392 N/A

NVIDIA Web Helper.exe 6868 N/A

conhost.exe 11040 N/A

bdparentalsystray.exe 3240 N/A

usb3Monitor.exe 3228 N/A

RtkNGUI64.exe 3828 N/A

LCore.exe 2828 N/A

nvsphelper64.exe 7240 N/A

NVIDIA Share.exe 7248 N/A

nvcontainer.exe 5788 NvContainerNetworkService

nvcontainer.exe 8656 N/A

Steam.exe 8488 N/A

NVIDIA Share.exe 4188 N/A

NVIDIA Share.exe 4816 N/A

Discord.exe 3200 N/A

rundll32.exe 4544 N/A

rundll32.exe 8756 N/A

Discord.exe 8116 N/A

GyStation.exe 11104 N/A

SpotifyWebHelper.exe 5924 N/A

CorsairHID.exe 3656 N/A

sldworks_fs.exe 8288 N/A

SteelSeriesEngine3.exe 3440 N/A

Lightshot.exe 200 N/A

Discord.exe 6536 N/A

jusched.exe 2288 N/A

Rainmeter.exe 6416 N/A

esrv.exe 9296 N/A

conhost.exe 2412 N/A

steamwebhelper.exe 11204 N/A

steamwebhelper.exe 7736 N/A

SteamService.exe 3540 Steam Client Service

steamwebhelper.exe 9956 N/A

chrome.exe 10404 N/A

chrome.exe 8252 N/A

chrome.exe 4348 N/A

chrome.exe 3788 N/A

chrome.exe 5420 N/A

chrome.exe 8096 N/A

chrome.exe 9632 N/A

chrome.exe 8160 N/A

chrome.exe 10832 N/A

chrome.exe 236 N/A

ts3client_win64.exe 616 N/A

chrome.exe 2432 N/A

steamwebhelper.exe 9204 N/A

chrome.exe 10356 N/A

WmiPrvSE.exe 9000 N/A

chrome.exe 4512 N/A

chrome.exe 11524 N/A

chrome.exe 2392 N/A

chrome.exe 8588 N/A

SearchProtocolHost.exe 2644 N/A

SearchFilterHost.exe 2896 N/A

chrome.exe 8132 N/A

cmd.exe 8040 N/A

conhost.exe 3576 N/A

tasklist.exe 11944 N/A

WmiPrvSE.exe 7676 N/A

Attached Files

System Idle Process.txt 12.69KB 1 downloads
BETRAYED.txt 355.59KB 1 downloads

#4
RKinner

Posted 08 June 2018 - 08:36 PM

Malware Expert

Expert
24,624 posts

Let's try Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.51

Click on Download free home edition

Save it then right click and Run As Admin. It will install and then start the program.
It will tell you to click on the Start button but there isn't one.
Instead click on the green arrowhead (looks like a Play button). Let it run for at least 20 seconds. Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.

#5
Betrayed

Posted 09 June 2018 - 03:40 AM

Member

Topic Starter
Member
119 posts

_________________________________________________________________________________________________________

CONCLUSION

_________________________________________________________________________________________________________

Your system appears to be suitable for handling real-time audio and other tasks without dropouts.

LatencyMon has been analyzing your system for 0:00:32 (h:mm:ss) on all processors.

_________________________________________________________________________________________________________

SYSTEM INFORMATION

_________________________________________________________________________________________________________

Computer name: BETRAYED

OS version: Windows 8.1 , 6.3, build: 9600 (x64)

Hardware: MS-7885, MSI, X99S SLI PLUS (MS-7885)

CPU: GenuineIntel Intel® Core™ i7-5820K CPU @ 3.30GHz

Logical processors: 12

Processor groups: 1

RAM: 16279 MB total

_________________________________________________________________________________________________________

CPU SPEED

_________________________________________________________________________________________________________

Reported CPU speed: 330 MHz

Measured CPU speed: 1 MHz (approx.)

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.

WARNING: the CPU speed that was measured is only a fraction of the CPU speed reported. Your CPUs may be throttled back due to variable speed settings and thermal issues. It is suggested that you run a utility which reports your actual CPU frequency and temperature.

_________________________________________________________________________________________________________

MEASURED INTERRUPT TO USER PROCESS LATENCIES

_________________________________________________________________________________________________________

The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs): 642.637626

Average measured interrupt to process latency (µs): 10.494098

Highest measured interrupt to DPC latency (µs): 624.640048

Average measured interrupt to DPC latency (µs): 1.679532

_________________________________________________________________________________________________________

REPORTED ISRs

_________________________________________________________________________________________________________

Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs): 696.272424

Driver with highest ISR routine execution time: dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Highest reported total ISR routine time (%): 0.072530

Driver with highest ISR total time: dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation

Total time spent in ISRs (%) 0.081938

ISR count (execution time <250 µs): 20522

ISR count (execution time 250-500 µs): 0

ISR count (execution time 500-999 µs): 1

ISR count (execution time 1000-1999 µs): 0

ISR count (execution time 2000-3999 µs): 0

ISR count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED DPCs

_________________________________________________________________________________________________________

DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs): 333.926667

Driver with highest DPC routine execution time: nvlddmkm.sys - NVIDIA Windows Kernel Mode Driver, Version 397.93 , NVIDIA Corporation

Highest reported total DPC routine time (%): 0.040474

Driver with highest DPC total execution time: Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Total time spent in DPCs (%) 0.147979

DPC count (execution time <250 µs): 124966

DPC count (execution time 250-500 µs): 0

DPC count (execution time 500-999 µs): 11

DPC count (execution time 1000-1999 µs): 0

DPC count (execution time 2000-3999 µs): 0

DPC count (execution time >=4000 µs): 0

_________________________________________________________________________________________________________

REPORTED HARD PAGEFAULTS

_________________________________________________________________________________________________________

Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count: nvcontainer.exe

Total number of hard pagefaults 68

Hard pagefault count of hardest hit process: 55

Highest hard pagefault resolution time (µs): 2386.456667

Total time spent in hard pagefaults (%): 0.00410

Number of processes hit: 4

_________________________________________________________________________________________________________

PER CPU DATA

_________________________________________________________________________________________________________

CPU 0 Interrupt cycle time (s): 0.627774

CPU 0 ISR highest execution time (µs): 0.0

CPU 0 ISR total execution time (s): 0.0

CPU 0 ISR count: 0

CPU 0 DPC highest execution time (µs): 153.946667

CPU 0 DPC total execution time (s): 0.135134

CPU 0 DPC count: 82547

_________________________________________________________________________________________________________

CPU 1 Interrupt cycle time (s): 0.364162

CPU 1 ISR highest execution time (µs): 23.830

CPU 1 ISR total execution time (s): 0.014312

CPU 1 ISR count: 3427

CPU 1 DPC highest execution time (µs): 50.876667

CPU 1 DPC total execution time (s): 0.010134

CPU 1 DPC count: 3920

_________________________________________________________________________________________________________

CPU 2 Interrupt cycle time (s): 0.630195

CPU 2 ISR highest execution time (µs): 16.568788

CPU 2 ISR total execution time (s): 0.014338

CPU 2 ISR count: 6611

CPU 2 DPC highest execution time (µs): 104.846667

CPU 2 DPC total execution time (s): 0.162486

CPU 2 DPC count: 10096

_________________________________________________________________________________________________________

CPU 3 Interrupt cycle time (s): 0.354294

CPU 3 ISR highest execution time (µs): 0.0

CPU 3 ISR total execution time (s): 0.0

CPU 3 ISR count: 0

CPU 3 DPC highest execution time (µs): 48.650

CPU 3 DPC total execution time (s): 0.004616

CPU 3 DPC count: 697

_________________________________________________________________________________________________________

CPU 4 Interrupt cycle time (s): 0.395805

CPU 4 ISR highest execution time (µs): 0.0

CPU 4 ISR total execution time (s): 0.0

CPU 4 ISR count: 0

CPU 4 DPC highest execution time (µs): 44.470

CPU 4 DPC total execution time (s): 0.007034

CPU 4 DPC count: 1699

_________________________________________________________________________________________________________

CPU 5 Interrupt cycle time (s): 0.345665

CPU 5 ISR highest execution time (µs): 7.886667

CPU 5 ISR total execution time (s): 0.000352

CPU 5 ISR count: 217

CPU 5 DPC highest execution time (µs): 66.920

CPU 5 DPC total execution time (s): 0.006590

CPU 5 DPC count: 466

_________________________________________________________________________________________________________

CPU 6 Interrupt cycle time (s): 0.383023

CPU 6 ISR highest execution time (µs): 19.433636

CPU 6 ISR total execution time (s): 0.007180

CPU 6 ISR count: 925

CPU 6 DPC highest execution time (µs): 76.346667

CPU 6 DPC total execution time (s): 0.008827

CPU 6 DPC count: 2085

_________________________________________________________________________________________________________

CPU 7 Interrupt cycle time (s): 0.321731

CPU 7 ISR highest execution time (µs): 0.0

CPU 7 ISR total execution time (s): 0.0

CPU 7 ISR count: 0

CPU 7 DPC highest execution time (µs): 56.545455

CPU 7 DPC total execution time (s): 0.003011

CPU 7 DPC count: 513

_________________________________________________________________________________________________________

CPU 8 Interrupt cycle time (s): 0.377540

CPU 8 ISR highest execution time (µs): 0.0

CPU 8 ISR total execution time (s): 0.0

CPU 8 ISR count: 0

CPU 8 DPC highest execution time (µs): 94.333333

CPU 8 DPC total execution time (s): 0.008476

CPU 8 DPC count: 1851

_________________________________________________________________________________________________________

CPU 9 Interrupt cycle time (s): 0.368777

CPU 9 ISR highest execution time (µs): 0.0

CPU 9 ISR total execution time (s): 0.0

CPU 9 ISR count: 0

CPU 9 DPC highest execution time (µs): 42.550

CPU 9 DPC total execution time (s): 0.001155

CPU 9 DPC count: 257

_________________________________________________________________________________________________________

CPU 10 Interrupt cycle time (s): 0.896670

CPU 10 ISR highest execution time (µs): 696.272424

CPU 10 ISR total execution time (s): 0.278922

CPU 10 ISR count: 9343

CPU 10 DPC highest execution time (µs): 333.926667

CPU 10 DPC total execution time (s): 0.220051

CPU 10 DPC count: 20613

_________________________________________________________________________________________________________

CPU 11 Interrupt cycle time (s): 0.393864

CPU 11 ISR highest execution time (µs): 0.0

CPU 11 ISR total execution time (s): 0.0

CPU 11 ISR count: 0

CPU 11 DPC highest execution time (µs): 47.125152

CPU 11 DPC total execution time (s): 0.001560

CPU 11 DPC count: 233

_________________________________________________________________________________________________________

#6
RKinner

Posted 09 June 2018 - 06:17 AM

Malware Expert

Expert
24,624 posts

Uninstall:

NVIDIA GeForce Experience 3.13.1.30

then run Latency Monitor again

#7
Betrayed

Posted 10 June 2018 - 04:33 AM

Member

Topic Starter
Member
119 posts

Uninstall:

NVIDIA GeForce Experience 3.13.1.30

then run Latency Monitor again

Are we able to avoid this step as I only recently got this program to work with recordings and I feel like uninstalling it would mess it up again.

#8
RKinner

Posted 10 June 2018 - 07:31 AM

Malware Expert

Expert
24,624 posts

Afraid not. It appears to be causing part of the problem.

Process with highest pagefault count: nvcontainer.exe

Total number of hard pagefaults 68

Hard pagefault count of hardest hit process: 55

Highest hard pagefault resolution time (µs): 2386.456667

Total time spent in hard pagefaults (%): 0.00410

Number of processes hit: 4

nvcontainer.exe is part of NVIDIA GeForce Experience 3.13.1.30. Pagefaults slow your PC down. Only alternative would be to add RAM or find a better version.