Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Very slow PC


  • Please log in to reply

#1
Betrayed

Betrayed

    Member

  • Member
  • PipPipPip
  • 109 posts

PC has been very slow recently no idea why.

 

FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Jamie (administrator) on BETRAYED (07-06-2018 19:27:01)
Running from D:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\pcupdateservice.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdmonitorapps.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalsystray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dassault Systèmes SolidWorks Corp.) D:\Program Files\SOLIDWORKS\sldworks_fs.exe
(Corsair Components, Inc.) D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Rainmeter) D:\Program Files\Rainmeter\Rainmeter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
() D:\Program Files\Sublime Text 3\sublime_text.exe
() D:\Program Files\Sublime Text 3\plugin_host.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-4778-A5FC-0D0F1F219F12}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-47 (the data entry has 36 more characters).
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-25] (Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [597688 2018-05-15] (Razer Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3200800 2018-06-01] (Valve Corporation)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Discord] => C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3044848 2017-02-11] (Electronic Arts)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify] => C:\Users\Jamie\AppData\Roaming\Spotify\Spotify.exe [24023440 2018-06-07] (Spotify Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Jamie\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2115656 2017-10-15] (Gaijin Entertainment)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [5852920 2018-05-02] (NordVPN)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify Web Helper] => C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-06-07] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OBS Studio.lnk [2016-10-10]
ShortcutTarget: OBS Studio.lnk -> D:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2017-12-08]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-06-07]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-07-09]
ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{BD584BD8-9D46-4F4B-B346-6A00849ED96C}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ie/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)
 
FireFox:
========
FF DefaultProfile: dvfgafen.default
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\dvfgafen.default [2018-06-01]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> D:\Program Files\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> D:\Program Files\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR DefaultSearchKeyword: Default -> google.co.uk
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default [2018-06-07]
CHR Extension: (Heartbeat) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2017-01-24]
CHR Extension: (Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (uBlock Origin) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-17]
CHR Extension: (Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (LoungeDestroyer) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2018-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-05-27]
CHR Extension: (Iron Man-Material Design) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nekeenfmlfhgoaojceionblcpbbjmnpk [2016-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-01]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 BdParental; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe [119512 2018-05-17] (Bitdefender)
R2 BdParentalUpdate; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\PCUpdateService.exe [62864 2018-05-17] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-06-04] ()
S3 CoordinatorServiceHost; D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2017-02-04] (Dassault Systèmes SolidWorks Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-08] (EasyAntiCheat Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [430840 2018-05-02] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-05-10] (The OpenVPN Project)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-11] (Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-11] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-12-08] (SolidWorks) [File not signed]
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 bddevflt; C:\Windows\System32\DRIVERS\bddevflt.sys [106992 2018-05-17] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdfwfpf_pc.sys [142232 2018-05-17] (Bitdefender SRL)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [564216 2017-04-25] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-07] (Malwarebytes)
R1 MpKsl068e207c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5A8B87F-6392-4BFC-BC73-997A840C6BF6}\MpKsl068e207c.sys [58120 2018-06-07] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [56064 2018-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\system32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2017-09-13] (The OpenVPN Project)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
U3 gzflt; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-07 19:26 - 2018-06-07 19:27 - 000000000 ____D C:\FRST
2018-06-07 18:49 - 2018-06-07 18:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-05 15:34 - 2018-06-05 15:34 - 000000000 ____D C:\ProgramData\LogiShrd
2018-06-05 15:33 - 2018-06-05 15:33 - 000000000 ____D C:\Users\Jamie\AppData\Local\Logitech
2018-06-05 15:31 - 2018-06-05 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-06-05 15:30 - 2018-06-05 15:31 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logitech
2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logishrd
2018-06-05 00:49 - 2018-06-05 00:49 - 000001925 _____ C:\Users\Public\Desktop\NordVPN.lnk
2018-06-05 00:48 - 2018-06-05 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files\TAP-NordVPN
2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2018-06-04 11:01 - 2018-06-04 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-04 11:01 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-03 15:22 - 2018-06-03 15:22 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsign9f5928a9196dbbd0
2018-06-02 21:32 - 2018-06-02 21:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc261ba133930a345
2018-06-01 13:43 - 2018-06-01 13:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-01 13:42 - 2018-06-01 13:42 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\AVAST Software
2018-06-01 10:32 - 2018-06-01 10:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\BattlEye
2018-05-24 17:14 - 2018-05-24 17:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-24 17:14 - 2018-05-22 21:09 - 000132392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-05-24 17:12 - 2018-05-23 19:24 - 040089632 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-05-24 17:12 - 2018-05-23 19:24 - 032359864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-05-24 17:12 - 2018-05-23 19:24 - 000056064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2018-05-24 17:12 - 2018-05-23 19:23 - 040347168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 035250536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 016997632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-05-24 17:12 - 2018-05-23 19:23 - 003964960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 003496992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 002013784 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439793.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001562016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439793.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001418840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001216256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001092000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000626776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000517536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000134688 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 031276288 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 025990096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 019080776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 017782384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 015192624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 013727792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 011273120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 001157208 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000913664 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000904904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000544472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000462832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000420000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000182784 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000170192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000164944 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000159896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000148512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-05-24 17:12 - 2018-05-22 22:52 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-05-24 17:12 - 2018-05-22 22:52 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-05-23 14:09 - 2018-05-23 14:09 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-05-23 14:08 - 2018-05-27 14:10 - 000000000 ____D C:\Users\Jamie\AppData\Local\Battle.net
2018-05-23 14:08 - 2018-05-25 22:25 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard Entertainment
2018-05-23 14:08 - 2018-05-25 22:12 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Battle.net
2018-05-23 14:08 - 2018-05-23 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-05-23 14:07 - 2018-05-27 13:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard
2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\ProgramData\Battle.net
2018-05-19 23:48 - 2018-05-19 23:48 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignfe2295aadf1bbde7
2018-05-18 20:06 - 2018-05-24 17:13 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-05-18 20:06 - 2018-05-08 22:24 - 001990688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439764.dll
2018-05-18 20:06 - 2018-05-08 22:24 - 001467992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439764.dll
2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-05-17 16:35 - 2018-05-17 16:35 - 000106992 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bddevflt.sys
2018-05-16 19:03 - 2018-05-16 19:03 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc1d1dccad7ed2609
2018-05-14 19:12 - 2018-03-19 19:26 - 000137592 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2018-05-14 19:12 - 2018-03-08 22:14 - 000041720 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\Program Files (x86)\PKGInstaller
2018-05-11 20:05 - 2018-05-11 20:05 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS 2017
2018-05-09 13:36 - 2018-04-22 09:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 13:36 - 2018-04-22 08:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 13:36 - 2018-04-22 08:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 13:36 - 2018-04-22 07:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 13:36 - 2018-04-22 07:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 13:35 - 2018-04-22 10:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 13:35 - 2018-04-22 09:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 13:35 - 2018-04-22 08:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 13:35 - 2018-04-22 08:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 13:35 - 2018-04-22 08:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 13:35 - 2018-04-22 08:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 13:35 - 2018-04-22 08:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 13:35 - 2018-04-22 08:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 13:35 - 2018-04-22 07:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 13:35 - 2018-04-22 07:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 13:35 - 2018-04-22 07:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 13:35 - 2018-04-22 07:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 13:35 - 2018-04-22 07:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 13:35 - 2018-04-22 07:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 13:35 - 2018-04-22 07:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 13:35 - 2018-04-22 07:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 13:35 - 2018-04-22 07:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 13:35 - 2018-04-22 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 13:35 - 2018-04-22 07:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 13:35 - 2018-04-22 07:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 13:35 - 2018-04-22 07:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 13:35 - 2018-04-22 07:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 13:35 - 2018-04-22 07:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 13:35 - 2018-04-22 07:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 13:35 - 2018-04-22 07:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 13:35 - 2018-04-22 07:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 13:35 - 2018-04-15 17:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 13:35 - 2018-04-15 17:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 13:35 - 2018-04-11 02:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 13:35 - 2018-04-11 02:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 13:35 - 2018-04-11 02:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 13:35 - 2018-04-10 19:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 13:35 - 2018-04-10 19:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 13:35 - 2018-04-10 19:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 13:35 - 2018-04-10 18:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 13:35 - 2018-04-10 17:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 13:35 - 2018-04-07 17:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 13:35 - 2018-04-07 16:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 13:35 - 2018-04-07 16:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 13:35 - 2018-04-07 16:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 13:35 - 2018-04-07 16:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 13:35 - 2018-04-07 16:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 13:35 - 2018-04-07 16:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 13:35 - 2018-04-07 16:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 13:35 - 2018-04-06 22:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 13:35 - 2018-03-24 16:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 13:35 - 2018-03-24 16:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 13:35 - 2018-03-24 16:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 13:35 - 2018-03-24 16:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 13:35 - 2018-03-24 15:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 13:35 - 2018-03-24 15:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 13:35 - 2018-03-15 23:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 13:35 - 2018-03-10 21:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 13:35 - 2018-03-10 20:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 13:35 - 2018-03-10 18:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 13:35 - 2018-03-10 18:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 13:35 - 2018-03-10 18:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 13:35 - 2018-03-10 18:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 13:35 - 2018-03-10 17:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 13:35 - 2018-03-10 17:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 13:35 - 2018-03-10 17:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 13:35 - 2018-03-10 17:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 13:35 - 2018-03-10 17:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 13:35 - 2018-03-10 17:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 13:35 - 2018-03-10 17:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 13:35 - 2018-03-10 17:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 13:35 - 2018-03-10 17:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 13:35 - 2018-03-10 17:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 13:35 - 2018-03-10 17:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 13:35 - 2018-03-09 19:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 13:35 - 2018-03-03 17:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 13:35 - 2018-03-03 17:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 13:35 - 2018-03-03 17:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 13:35 - 2018-03-03 17:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 13:35 - 2018-03-03 17:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 13:35 - 2018-03-03 17:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 13:35 - 2018-02-14 22:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 13:35 - 2018-02-14 15:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-06-07 19:18 - 2016-07-09 11:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\TS3Client
2018-06-07 18:56 - 2016-07-09 00:56 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1719391309-1542172637-2612288240-1001
2018-06-07 18:55 - 2014-03-18 16:26 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-07 18:55 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-06-07 18:53 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-07 18:52 - 2018-03-25 10:07 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\steelseries-engine-3-client
2018-06-07 18:49 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-07 18:45 - 2016-07-10 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3 Launcher
2018-06-07 18:06 - 2016-10-09 21:54 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\obs-studio
2018-06-07 18:06 - 2016-07-10 11:41 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3
2018-06-07 18:02 - 2016-07-09 13:51 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\vlc
2018-06-07 17:41 - 2016-07-09 00:53 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5300C48B-BF93-4A18-917D-7F8F63F8C0CE}
2018-06-07 14:24 - 2016-07-09 13:11 - 000000000 ____D C:\Users\Jamie\AppData\Local\Spotify
2018-06-07 14:24 - 2016-07-09 13:09 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Spotify
2018-06-06 21:32 - 2016-07-09 10:58 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-06 11:29 - 2018-03-10 11:17 - 000000000 ___RD C:\Users\Jamie\Creative Cloud Files
2018-06-06 11:29 - 2016-07-22 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Local\Adobe
2018-06-05 18:45 - 2016-07-16 14:05 - 000000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2018-06-05 15:32 - 2013-08-22 15:44 - 000457512 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-05 15:32 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-05 00:50 - 2018-03-30 18:01 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\NordVPN
2018-06-04 11:01 - 2018-03-21 14:39 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-04 11:01 - 2017-01-09 17:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-02 02:28 - 2016-07-09 00:50 - 000000000 ____D C:\Users\Jamie
2018-06-02 02:24 - 2016-07-09 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Skype
2018-06-01 20:42 - 2016-12-10 22:45 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Mozilla
2018-06-01 13:42 - 2017-06-22 15:06 - 000000000 ____D C:\Program Files\CCleaner
2018-06-01 12:52 - 2016-07-22 16:50 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\discord
2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2018-05-24 17:19 - 2016-07-09 01:50 - 000000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA
2018-05-24 17:14 - 2018-03-04 14:22 - 000000000 ____D C:\temp
2018-05-24 17:14 - 2016-07-09 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-24 17:14 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-23 19:24 - 2016-07-09 10:41 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2018-05-23 19:23 - 2016-07-09 10:41 - 023298544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-05-23 19:22 - 2017-10-25 18:41 - 015691136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-05-23 19:22 - 2016-10-21 16:59 - 000505736 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 020323544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 004613408 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 004081624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-05-22 22:52 - 2015-11-10 02:48 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-05-22 22:52 - 2015-11-10 01:13 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-05-22 20:58 - 2016-07-09 01:32 - 002612520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-05-22 20:57 - 2016-07-09 10:42 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-05-22 20:57 - 2016-07-09 10:42 - 000083240 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 005947328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 001767360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 000450960 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 000124200 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-05-22 07:43 - 2016-07-09 01:32 - 008186102 _____ C:\Windows\system32\nvcoproc.bin
2018-05-18 20:07 - 2016-07-09 01:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-18 16:25 - 2016-07-09 10:57 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 16:25 - 2016-07-09 10:57 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\ProgramData\Razer
2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\Program Files (x86)\Razer
2018-05-14 19:09 - 2016-07-09 11:16 - 000000000 ____D C:\Users\Jamie\AppData\Local\Razer
2018-05-14 19:07 - 2017-11-26 21:02 - 000000000 ____D C:\Users\Jamie\AppData\Local\LogMeIn Hamachi
2018-05-14 17:01 - 2017-10-25 17:44 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-05-11 20:05 - 2017-12-08 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS
2018-05-10 18:51 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\en-GB
2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\en-GB
2018-05-09 16:03 - 2016-07-17 13:38 - 000000000 ____D C:\Users\Jamie\.junique
2018-05-09 13:41 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 13:40 - 2016-07-10 05:15 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 13:38 - 2017-10-11 14:34 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 13:38 - 2016-07-10 05:15 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 22:25 - 2016-07-09 01:32 - 000551680 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-05-08 22:25 - 2016-07-09 01:32 - 000456792 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
 
==================== Files in the root of some directories =======
 
2018-02-22 18:24 - 2018-04-29 12:18 - 000000033 _____ () C:\Users\Jamie\AppData\Roaming\AdobeWLCMCache.dat
2016-10-20 21:22 - 2017-02-12 00:45 - 000000301 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Login.ini
2016-07-09 19:08 - 2017-02-12 01:50 - 000001427 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Options.ini
2016-11-08 00:45 - 2016-11-08 00:45 - 000000054 _____ () C:\Users\Jamie\AppData\Roaming\updater.cfg
2018-01-05 20:42 - 2018-01-05 20:42 - 000000600 _____ () C:\Users\Jamie\AppData\Roaming\winscp.rnd
2017-07-20 10:14 - 2017-09-28 18:36 - 000001456 _____ () C:\Users\Jamie\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-12-27 19:55 - 2017-12-27 19:55 - 000000600 _____ () C:\Users\Jamie\AppData\Local\PUTTY.RND
2016-07-09 21:05 - 2016-07-09 21:05 - 000007605 _____ () C:\Users\Jamie\AppData\Local\Resmon.ResmonCfg
2016-07-10 23:42 - 2016-07-10 23:42 - 000000003 _____ () C:\Users\Jamie\AppData\Local\updater.log
2016-07-10 23:42 - 2016-08-06 11:31 - 000000424 _____ () C:\Users\Jamie\AppData\Local\UserProducts.xml
 
Some files in TEMP:
====================
2018-06-05 18:45 - 2018-06-05 18:45 - 000000000 _____ () C:\Users\Jamie\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-06-05 18:45 - 2018-06-05 18:45 - 000000017 _____ () C:\Users\Jamie\AppData\Local\Temp\df56b456466e87efef47cf1a2c9e2082.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-06-02 18:55
 
==================== End of FRST.txt ============================
 
 
 
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by Jamie (07-06-2018 19:27:30)
Running from D:\Users\Jamie\Desktop
Windows 8.1 (Update) (X64) (2016-07-08 23:50:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1719391309-1542172637-2612288240-500 - Administrator - Disabled)
Guest (S-1-5-21-1719391309-1542172637-2612288240-501 - Limited - Disabled)
Jamie (S-1-5-21-1719391309-1542172637-2612288240-1001 - Administrator - Enabled) => C:\Users\Jamie
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)
AutoHotkey 1.1.24.02 (HKLM\...\AutoHotkey) (Version: 1.1.24.02 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Bitdefender Parental Advisor (HKLM\...\Bitdefender Parental Advisor) (Version: 1.2.0.291 - Bitdefender)
Breaking Point (HKLM-x32\...\{D94AC775-62AF-4630-8292-7EB26691AAAE}) (Version: 5.0.2.9 - The Zombie Infection) Hidden
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{213B426C-5317-4F2D-8395-AC04B70711C4}) (Version: 1.1.133.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.6 (HKLM-x32\...\{2B710CA5-99F0-4D29-962C-29A7CFF7A989}) (Version: 2.6.0.32 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Kodi) (Version:  - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Firefox 59.0.3 (x64 en-US) (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
MultiBit Classic 0.5.19 (HKLM\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)
MultiBit HD 0.3.0 (HKLM\...\6925-4794-5772-4956) (Version: 0.3.0 - Bitcoin Solutions Ltd)
NordVPN (HKLM-x32\...\{7296DD91-4FC7-47BB-B211-912D9E980FC7}) (Version: 6.13.13 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.13.13) (Version: 6.13.13 - NordVPN)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 397.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.0 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenVPN 2.3.11-I601  (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.11.0 - )
pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== ATTENTION
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.19.529 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8279 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SOLIDWORKS 2017 SP02 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.120.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP02 (HKLM-x32\...\SolidWorks Installation Manager 20170-40200-1100-100) (Version: 25.2.0.52 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP02 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP02 (HKLM\...\{061157FB-631D-480A-B8AB-529E455BA74D}) (Version: 17.2.0029 - Dassault Systèmes SolidWorks Corp) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.4 - SteelSeries ApS)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
XAMPP (HKLM-x32\...\xampp) (Version: 7.1.11-0 - Bitnami)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {06763BA6-162A-4D87-8ED8-08B3878D28B4} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {0C13D476-921D-4F35-9512-5C4315087486} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {0F2E34F7-DF67-4931-8180-94601F02A3E7} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {23662676-604F-4CE4-AE7C-D00D52DFEA81} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {26E992B5-1ABB-4578-BAB9-03F714E64610} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {35386CF1-51D3-4CDB-AAE6-E4A831819BF8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {45D3124E-E400-4CB6-8A58-771FA7E08BE9} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {4A5586B0-A962-47A2-A999-59841DB478AB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {58BBA558-2959-42FC-9902-821282282918} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {6835F2CF-3C45-49FD-9B8C-1E2CB6649452} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {7259BD5C-A376-44C6-B17D-45C607A736F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {74BFFE8C-382B-4AC2-A021-B884EDAA936A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {7893E9C3-9133-4D20-B35F-91A3976B8694} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {7A55D264-0586-4C00-90D4-19FA9260642D} - System32\Tasks\AdobeGCInvoker-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {8DB43842-0A6D-4138-85EE-E5847D9178EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {9156EE9B-FB63-45B3-A21B-97226934652A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {A09EF7C6-A025-4B84-B569-C478EAC89AB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {AFACBA89-BFF1-4157-B006-B56889770DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {BB55845E-C171-498D-A155-3C76D1EE5A30} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {BDF43C40-AA3C-45A7-B70C-D9C32D8BBC42} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BFE19B39-EC2B-4708-8BE6-D9322CE361E1} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C47A6178-DF6F-4CBE-8183-97FBBE719CB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {C945DA90-4C5E-4A02-B1E1-43D03C942852} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {CED85B6F-3F79-4416-B0AC-6EBE301C9D99} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe [2018-06-07] (AVAST Software)
Task: {FB746247-9F64-46DD-A92C-E8D3D4E07A99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-05-08 16:29 - 2018-05-08 16:29 - 000992704 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpbr.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 000543344 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpdsp.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 003639000 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpf.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 001527808 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttprbl.mdl
2018-05-02 12:49 - 2018-05-02 12:49 - 000430840 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-10-25 17:44 - 2018-03-14 14:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-14 20:13 - 2018-03-14 20:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2018-06-04 11:01 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2018-05-07 08:33 - 2018-05-07 08:33 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2018-05-07 08:33 - 2018-05-07 08:33 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-03-22 21:59 - 2018-03-14 14:04 - 000019904 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2016-07-09 11:05 - 2016-06-08 18:07 - 000458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-09 11:05 - 2016-06-08 18:18 - 000709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2017-02-04 02:43 - 2017-02-04 02:43 - 000272280 _____ () D:\Program Files\SOLIDWORKS\sldBodyDiffu.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000174744 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2017-01-12 17:35 - 2018-02-17 22:07 - 000020632 _____ () D:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2017-01-12 17:35 - 2018-02-17 22:07 - 001981592 _____ () D:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000125592 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000150680 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2017-02-15 13:21 - 2017-02-15 13:21 - 000134144 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2017-01-12 17:35 - 2017-10-20 19:26 - 006282240 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll
2017-01-12 17:35 - 2016-11-09 19:09 - 000263680 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll
2017-01-12 17:35 - 2018-06-02 14:36 - 004021248 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll
2017-01-12 17:35 - 2017-02-16 20:19 - 000479744 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\soundboard.dll
2017-03-24 17:10 - 2017-07-21 13:03 - 000345880 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2018-03-23 21:38 - 2018-06-06 22:52 - 005680568 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe
2016-07-09 11:05 - 2016-06-08 18:12 - 000416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-09 11:05 - 2016-06-08 18:15 - 000130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-09 11:05 - 2016-06-08 18:15 - 000032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2018-06-06 21:32 - 2018-06-06 02:25 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libglesv2.dll
2018-06-06 21:32 - 2018-06-06 02:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libegl.dll
2016-10-07 13:18 - 2016-10-07 13:18 - 005971056 _____ () D:\Program Files\Sublime Text 3\sublime_text.exe
2016-10-07 13:18 - 2016-10-07 13:18 - 000672768 _____ () D:\Program Files\Sublime Text 3\plugin_host.exe
2018-04-25 12:08 - 2018-04-25 12:08 - 000254464 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2017-10-25 17:44 - 2018-03-14 14:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-25 17:45 - 2018-03-14 14:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-02-26 20:03 - 2018-03-14 14:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-02-26 20:03 - 2018-03-14 14:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-03-22 21:59 - 2018-03-14 14:05 - 000019904 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2018-06-02 11:27 - 2018-06-01 20:02 - 002632480 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 005137696 _____ () D:\Program Files (x86)\Steam\libavcodec-57.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000695584 _____ () D:\Program Files (x86)\Steam\libavformat-57.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000351520 _____ () D:\Program Files (x86)\Steam\libavresample-3.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000847136 _____ () D:\Program Files (x86)\Steam\libavutil-55.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000783648 _____ () D:\Program Files (x86)\Steam\libswscale-4.dll
2018-06-02 11:27 - 2018-06-01 20:02 - 000979744 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-14 08:48 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libegl.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 000091136 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 000224256 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 000200704 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2018-05-02 13:31 - 2018-05-23 13:54 - 009820504 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 13:31 - 2018-05-02 13:31 - 001530712 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 13:31 - 2018-05-02 13:31 - 000512856 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 13:31 - 2018-05-03 07:46 - 001578840 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-02 13:31 - 2018-05-02 13:31 - 002722648 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-02 13:31 - 2018-05-02 13:31 - 002760536 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 13:31 - 2018-05-02 13:31 - 001249112 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 083524384 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-14 08:48 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 002253600 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 000109856 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
2016-03-16 01:54 - 2016-03-16 01:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2017-10-25 17:29 - 000000002 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\StartupFolder: => "OBS Studio.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NetBalancer"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NordVPN"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{43280E25-5FDA-4220-A4AE-5002A736D28B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B004BAD1-39D2-44EB-B190-2075321C648C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB9ED71A-662C-455F-87E9-0A790C95A5EC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{37271229-BE7A-47BC-BFB4-8C54924854FF}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{05F9763A-ED1A-4A80-9C2E-0F779D2D7450}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F3BF32E7-1337-46D7-89C5-72D92A81628D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7E95E14-D16D-46B5-8867-574F60FA4F27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{234A17CE-C1FC-40E0-B9C2-8D307AEE884E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0EF71D9A-6EBD-4FB3-B8AF-6213F01C9E46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EE668382-30B4-4F1B-A1AF-8C150FDF1865}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{798A58B1-B109-4ADD-8381-426C0FBD0E7E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{245F0650-001A-4902-9819-648CD12269EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{D78D9F29-C391-4F4D-B44C-EB43EAD3BBF9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{A1BEA2B7-CE10-4D6E-998D-BC5D4F4C7834}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{4D20DBF2-0C1E-432E-AC59-DAEBB9F28C6C}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68AD369D-B8A4-494F-83AA-1926FA3263D0}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AD5458E8-667C-458E-9FF4-2EB84ABF8C42}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [UDP Query User{12590890-1217-4AA1-A426-BD3B1C29EA3E}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [TCP Query User{5E966F72-502D-4C81-954D-A28DC77BE3F0}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{EB1D1430-426B-4945-A818-02E532AE9977}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4F823053-4909-4AB2-9291-BD68248ADF32}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A0DA01A-C88E-4EEE-A304-3B115F5AA62E}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{094A09AB-4776-424C-A2E2-C232E04F7705}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{1221CC45-8FA2-471E-9947-9E0C2BFF8D9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{75EA8C07-E02B-42B2-859D-2A041D76B6D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{EDEBF04E-4D77-4140-9642-0F8F955531FF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{ADD96FA6-B2C5-4E0A-8489-756CD795492C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{51905D0F-9C42-4DA6-A34E-896A36FEA620}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{9CC85030-5885-4EAF-81BD-3B47F7F17C6E}] => (Allow) C:\Users\Jamie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{A12C97BC-7E5A-4F0B-A47B-6B87058C1773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2127FAC9-E30B-4FB4-BDDC-07D661F068F5}] => (Allow) LPort=2869
FirewallRules: [{E696FF9E-C112-4FF2-BF34-6A7060266C46}] => (Allow) LPort=1900
FirewallRules: [{2D3695A1-326F-4523-9C8A-25B32C2DF4EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{598F6D8E-24E5-401A-84AA-05B79FC20419}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EAD2AF8-5037-4106-822E-74BF9CB3CED4}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{15DBF988-5F71-4099-B7B4-CCA393546DB5}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{2A8C7067-B59E-49EA-A540-10687AD386EE}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{C59428CB-1F85-4957-ADB6-F8B9C42FDA22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3D955DC0-0228-475A-8253-724E6E51F3C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{45E440E8-F608-4CF0-939B-62A2569FB968}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CA3EA36B-DBD2-4096-BD8E-7DC75DF0D7A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CDA5438B-5EBF-4CD0-8035-D806C3F6617A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{1D8DD10C-926F-41E7-B2E7-9F796956ECEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{5D70229B-081B-4E3F-9F6B-F3A85EA32D15}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{04DD16C0-B189-4C7A-A05A-9C79D0A1B256}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{35D6B5A8-BBC8-4BB4-8437-C37302CFE7DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{3AC0E794-A4BB-4258-8A73-9AAA95B7BCFB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{221061C7-8755-4DEF-8822-67CA3FE03698}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{31D892F4-9BBD-45B4-B1F1-DFBD1DE1BD3E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{CAEB01B5-C51A-461B-A739-C6AC5AB00FB8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6DBADAEC-90BF-4150-9699-A1ACE2670A65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{65BCB92C-B7A7-40AB-B562-618EAB4B0A7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EF547CEC-C447-49E3-9CD4-1389A4015C2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3A85E5E7-F1BB-4852-ABDF-C9C041DEC30D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3EAF9153-995F-4A07-9483-53C6687072DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66108248-7899-4FA5-9652-D0A501EA97D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{735D853C-757E-4787-A993-DB3669620016}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [UDP Query User{39BF3FC7-1DB0-4AAF-946E-062467332DA7}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [TCP Query User{3D306803-4323-4135-B7AB-1A884466D43D}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{6272F8B5-5F4F-49A3-A028-7F2D061D22CA}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{B48D565B-1064-4A1E-B333-4F807DA52358}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{ACDD4940-14C5-4278-B928-392B3C2497B6}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{716510F5-2508-4E63-B021-D8FAB54E4A5E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{8A6DE1DC-7909-45AB-94DD-57F285AC9C7A}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{213D75CB-C013-4ECF-BA3E-11B2401C297B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4C95CAF3-85C6-4037-B23F-567A834C79FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3493E0EA-612A-465C-99FA-1F7FF368B1DD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BF2208F8-467B-4B5D-B728-6F4D65D12F35}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97BBEDEF-967C-4D34-B438-D9971445F5AC}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5B116891-FCD2-4BEA-A423-C0E475A24859}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1D6B41D-31AB-4D7B-B7D8-56D468FE1E35}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{361D7308-9B4B-4728-8920-C023FB8D020A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0525ABC2-2A74-4AF9-9A48-D7ABDEA9620A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{033CE73D-8BA2-4C62-96F7-1FE59B88B3BB}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{828E9277-E9B4-44FD-9688-53005615BAA0}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{E1920F54-4271-4054-88D8-985EA69CD803}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{5A5B3439-AB38-4242-B4C9-8457B117B963}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63F895A9-84B3-450E-943E-D7D51B2848F4}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{14A970D5-009F-4E35-9A24-A8380BE6568C}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A8888945-DFBA-4060-9078-E193C4EF79EA}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4331BA20-7EEB-41DF-A634-205837C07376}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{781F9E07-A98C-40E0-814B-317021B7FEB1}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{5DC4ACA9-1514-48D3-A39B-EB021E81B9D0}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{857A0648-8909-478B-ABC6-173A334FC21C}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{FE480A42-72FA-4680-A346-09753A5D8E1B}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{4C723CC6-37AE-496C-806A-D71D07B0F531}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{004115AC-3B0C-493C-B576-C89D3A280AFF}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{BF18A62D-0753-43EA-885C-1E5671905617}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{D125098A-D45E-4A54-A218-8D9CDFF31E78}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8217E94-A114-4015-B913-609ED4AC54D9}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C85FFB54-1D5A-4D33-ABF6-2BE90B03AA04}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{49284333-C5FE-43C9-B509-3530F0DFCBF3}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [TCP Query User{20514E74-B1ED-4E12-B373-D9D65809E67E}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{083B28D4-19AD-4706-96C1-6281CE1CF523}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{C9BFA25B-EB89-49B1-809E-7EC8B093BD8E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{0D38522F-6E81-42C7-B8DF-09AD3ABA1986}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{D188A311-7968-454B-B336-59DFA84F89B4}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{EAB7083F-9E7A-42FA-99F1-30ACC6B4E114}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [{092F6539-E3A1-4160-A8CC-8FF1B73F4787}] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{629124B9-D933-47CC-9F19-146EC4B85BB0}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{C873AF50-7F01-49B7-A231-51F945298243}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{B1921B5F-529F-47C9-8FB8-07C9A0923695}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{882CB9CF-6B7F-461C-9F39-688B4FFD3C4D}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [TCP Query User{066E391E-7B51-4A71-B1CF-D8A00967F0A8}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{F82AFCEE-4BC0-4018-998E-7CAEABA4E20B}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{BEE18A40-9D97-4ABD-B3CF-8A0B67B44C99}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{7BDE513E-B80B-4C92-95AE-108D37CA8078}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{533F98D3-5FFC-443B-A1E1-F389F63FDB20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F8512BAC-C8C3-4803-9AA7-77BAE031BD21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4F35148F-8003-4C70-A9FA-143CA8F942CD}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3E2F95E2-048C-42F1-A9D7-EC059139AF44}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{488A0425-5FE3-4C17-8BBF-D5001D835247}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{82EFAD9D-999E-4D0E-B86E-D1272FB4607F}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{9DC5ED78-5D04-48D0-9FA7-EA29BF5896BE}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{2E3A6978-5338-4EF3-8911-6AAB0CAFB966}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{AE0AC452-CA04-4D70-BB2D-9E8E43835B29}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{4C481E7A-CAD8-4F15-8EE9-793A3092D017}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{7B21009D-D772-4400-A683-9E08F4FC515F}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{23FC5D17-D74C-4239-AAA8-48578A9DA88D}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [{BB664711-245B-44BD-9817-169ECC150999}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{A5EC0E0E-627E-4F3F-941E-08A06536AE9C}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [TCP Query User{230DF51C-9434-405B-BFE7-789798CCF1F6}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{A69E820D-3E7D-4328-94F5-AF0E93D30807}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{3D5F118E-1F63-449D-BB15-B9459D9088AF}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe
FirewallRules: [UDP Query User{08218CD5-D1B5-47CA-990E-FB41E8C3F3E5}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe
FirewallRules: [{22C9C27D-2849-4B43-880E-273F86214724}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{A6568B11-F2FE-4950-BDFA-775ABC1026BB}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{BB8DA272-8E7E-42CB-828A-AB67873BD5F9}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9B97AA94-89EC-4754-B2FE-2BB3AC604DF0}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{FC07EE0D-77DD-4957-97D8-73C6ACE0D514}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe
FirewallRules: [{1DFFB3ED-B4EF-423D-9F1B-8EAFF89386A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe
FirewallRules: [{802848D8-4719-401B-957D-5F4429A42998}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{6A3CF025-CBDC-45B3-827E-375EF0A24E08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{7D366F10-ED1A-4E95-90FE-53E1E78E3E73}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{519D1C13-EBE4-452F-A54C-359390757C6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{CAE475F6-34DF-433D-A607-A44620F17A56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{FBDD785F-AE5E-4A80-AE91-FAB8BF3481E6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{E90F7430-8330-48ED-A7A8-2B31A18F9F92}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6348B783-2B4C-484C-BB83-4A31586DABAC}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FF9C7F6B-C58E-4FB4-897D-9FCBE3C7B58C}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B0117A2E-2EC7-4F22-A292-0E9EF3C3EA5B}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9B1C6C9E-F85E-4305-92D1-B82D31AB1C37}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{16E14B08-9E63-401C-8106-44DF17D6F517}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{A254CEB6-7F57-4F5B-815B-CBE0B376B360}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{15C4A018-F9C8-4920-9DD9-41E732A536DA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{93530B40-F7F8-4673-9A39-3C0A4785BDBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85B192EF-23F1-4D7A-8B79-F175E276EA8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{782DF227-C230-4394-AE52-6BC12ED79DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD490B2E-6603-4F57-80AC-8B32A46D6B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7724A776-72CB-43C0-AB77-725C8CFA6FF6}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{857D1CBC-2297-46A5-A9EC-C8E9C64F39B5}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [TCP Query User{3D890B6B-C098-45BF-B0CB-994EA0924A8B}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [UDP Query User{548E0E4D-B0B3-4091-81BD-9F62BA1E496D}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [{83BD2FE1-1838-4BFF-BA4B-6C3B9AA02FC0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{38B7AE44-B970-4525-B439-0F1D6DF67815}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3CCB8C94-599E-4EC2-AE03-CB480A062217}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{B9272BE8-E732-48F9-8E52-D29CBB577567}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [TCP Query User{087F2CE9-4B88-4E24-BF3A-AAD5513ECBEF}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe
FirewallRules: [UDP Query User{FBADBFA1-70CF-4295-BDA1-58F2F4D45A73}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe
FirewallRules: [TCP Query User{5659484D-2477-4881-B1A6-3EA36BE1467C}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7443F57F-6C6D-4B79-AB68-8A31F40B0D46}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{8CAE3CF9-DC6A-4625-8C81-4F3DF424D88D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8EF54A42-A0D6-4264-85E7-95BEF4D9F30A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{F0728078-5C09-40F4-AF8C-97279CBAF06B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{615C2929-2C6B-4C17-840B-F94C0DB03646}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{B7771F36-2733-4AD5-B20F-D700150A3DF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
05-06-2018 15:30:41 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
05-06-2018 15:30:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
07-06-2018 18:50:42 Installed DirectX
 
==================== Faulty Device Manager Devices =============
 
Name: 690LC
Description: 690LC
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/07/2018 01:11:36 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (06/06/2018 02:23:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (06/05/2018 06:45:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obs64.exe, version: 0.0.0.0, time stamp: 0x59f0e828
Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f83ff
Exception code: 0xc0000409
Fault offset: 0x0000000000074a30
Faulting process ID: 0x23e8
Faulting application start time: 0x01d3fceb254a4461
Faulting application path: D:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Faulting module path: C:\Windows\SYSTEM32\MSVCR120.dll
Report ID: 2d8ec43f-68e8-11e8-82e6-d8cb8a318c74
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
 
System Error:
The system cannot find the file specified.
.
 
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
 
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
 
System Error:
The system cannot find the file specified.
.
 
 
System errors:
=============
Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/07/2018 02:29:52 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (06/07/2018 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (06/07/2018 01:31:55 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (06/07/2018 01:31:25 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (06/07/2018 12:52:18 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (06/07/2018 12:51:48 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
 
Windows Defender:
===================================
Date: 2018-06-07 13:33:34.511
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {E1E9627E-9B81-4485-9E04-F36C034C0793}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-07 12:52:53.570
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {A034E8E0-854F-402D-8094-A62F4F15FF67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-07 11:55:07.593
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {12E137EC-33E8-425C-88A6-8529A170699F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-06 02:24:51.012
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {05B6D9DD-AB67-4C2B-9794-FFEC9A446119}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-05 17:56:40.524
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {23D42202-8E83-45E2-9F92-3E6240085120}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-06-01 10:32:10.520
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2018-06-01 10:32:10.520
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2018-06-01 10:32:10.520
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2018-04-12 16:34:08.834
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.265.515.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14700.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2018-04-12 16:34:08.834
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.265.515.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.14700.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 16279.26 MB
Available physical RAM: 12134.22 MB
Total Virtual: 20887.26 MB
Available Virtual: 15866.49 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.37 GB) (Free:57.59 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:426.73 GB) NTFS
 
\\?\Volume{3fad585b-9665-4141-80f4-c6d4b5b1ed84}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

#3
Betrayed

Betrayed

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    93.17    0 K    4 K    0            
nvcontainer.exe    1.11    176,476 K    173,112 K    9724    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
ts3client_win64.exe    0.95    164,708 K    201,676 K    616    TeamSpeak 3 Client    TeamSpeak Systems GmbH    (Verified) TeamSpeak Systems GmbH
CorsairHID.exe    0.90    50,956 K    113,168 K    3656    Corsair Utility Engine    Corsair Components, Inc.    (Verified) Corsair Components
procexp64.exe    0.75    40,896 K    67,504 K    9800    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
Steam.exe    0.68    101,672 K    205,172 K    8488    Steam Client Bootstrapper    Valve Corporation    (Verified) Valve
Interrupts    0.47    0 K    0 K    n/a    Hardware Interrupts and DPCs        
MsMpEng.exe    0.28    191,984 K    270,912 K    4876    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
audiodg.exe    0.26    26,972 K    29,004 K    4176    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
dwm.exe    0.23    55,480 K    97,764 K    9492    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Discord.exe    0.21    127,488 K    279,260 K    6536    Discord    Discord Inc.    (Verified) Discord Inc.
System    0.19    764 K    1,372 K    4            
csrss.exe    0.12    3,176 K    56,016 K    9188    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
nordvpn-service.exe    0.11    39,324 K    149,364 K    2024    nordvpn-service        (Verified) Datasec Holding Ltd.
esrv_svc.exe    0.07    15,892 K    36,204 K    9996    Intel® System Usage Report        (Verified) Intel® Software Development Products
NVIDIA Share.exe    0.06    94,068 K    197,676 K    7248    NVIDIA Share    NVIDIA Corporation    (Verified) NVIDIA Corporation
Rainmeter.exe    0.05    7,132 K    71,976 K    6416    Rainmeter desktop customization tool    Rainmeter    (Verified) Open Source Developer
explorer.exe    0.05    105,956 K    302,348 K    8392    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
Discord.exe    0.05    34,688 K    140,428 K    3200    Discord    Discord Inc.    (Verified) Discord Inc.
LCore.exe    0.04    37,640 K    103,204 K    2828    Logitech Gaming Framework    Logitech Inc.    (Verified) Logitech Inc
chrome.exe    0.03    67,676 K    93,652 K    4512    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe    0.02    223,464 K    216,460 K    2432    Google Chrome    Google Inc.    (Verified) Google Inc
nvcontainer.exe    0.02    9,464 K    65,420 K    2160    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
nvcontainer.exe    0.02    34,144 K    57,164 K    8656    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
NVIDIA Web Helper.exe    0.02    35,448 K    64,716 K    6868    NVIDIA Web Helper Service    Node.js    (Verified) NVIDIA Corporation
chrome.exe    0.01    162,120 K    257,680 K    10404    Google Chrome    Google Inc.    (Verified) Google Inc
nvcontainer.exe    0.01    7,368 K    20,096 K    5788    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
chrome.exe    0.01    31,144 K    43,612 K    2392    Google Chrome    Google Inc.    (Verified) Google Inc
nvsphelper64.exe    0.01    2,484 K    10,180 K    7240    NVIDIA ShadowPlay Helper    NVIDIA Corporation    (Verified) NVIDIA Corporation
chrome.exe    0.01    99,068 K    142,600 K    236    Google Chrome    Google Inc.    (Verified) Google Inc
nvcontainer.exe    < 0.01    26,676 K    68,968 K    5820    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
steamwebhelper.exe    < 0.01    30,220 K    89,548 K    11204    Steam Client WebHelper    Valve Corporation    (Verified) Valve
NVDisplay.Container.exe    < 0.01    5,640 K    39,872 K    2228    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    22,688 K    56,920 K    996    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
NVIDIA Share.exe    < 0.01    46,580 K    153,536 K    4816    NVIDIA Share    NVIDIA Corporation    (Verified) NVIDIA Corporation
svchost.exe    < 0.01    34,592 K    122,208 K    376    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ProductAgentService.exe    < 0.01    6,420 K    35,512 K    4572    Bitdefender Agent    Bitdefender    (Verified) Bitdefender SRL
svchost.exe    < 0.01    5,664 K    31,228 K    880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AGMService.exe    < 0.01    1,976 K    31,072 K    1668    Adobe Genuine Software Service    Adobe Systems, Incorporated    (Verified) Adobe Systems Incorporated
SearchIndexer.exe    < 0.01    41,072 K    78,956 K    6060    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
bdparentalservice.exe    < 0.01    57,236 K    93,604 K    1744    Bitdefender Parental Service    Bitdefender    (Verified) Bitdefender SRL
TeamViewer_Service.exe    < 0.01    5,572 K    46,488 K    4848    TeamViewer 12    TeamViewer GmbH    (Verified) TeamViewer GmbH
SteamService.exe    < 0.01    7,312 K    12,652 K    3540    Steam Client Service    Valve Corporation    (Verified) Valve
SteelSeriesEngine3.exe    < 0.01    50,372 K    101,736 K    3440    SteelSeries Engine 3 Core    SteelSeries ApS    (Verified) SteelSeries ApS
svchost.exe    < 0.01    5,492 K    24,736 K    908    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    4,628 K    38,220 K    1068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe    < 0.01    1,088 K    4,352 K    9192    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
AdobeUpdateService.exe    < 0.01    1,124 K    23,452 K    1648    Adobe Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems Incorporated
lsass.exe    < 0.01    9,240 K    34,236 K    796    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
NVDisplay.Container.exe    < 0.01    31,432 K    98,356 K    9512    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
pcupdateservice.exe    < 0.01    2,124 K    27,976 K    1772    Bitdefender parental update service    Bitdefender    (Verified) Bitdefender SRL
GameScannerService.exe    < 0.01    23,324 K    112,032 K    4592    GameScannerService        (Verified) Razer USA Ltd.
bdparentalsystray.exe    < 0.01    2,472 K    8,444 K    3240    Bitdefender system tray app    Bitdefender    (Verified) Bitdefender SRL
bdmonitorapps.exe    < 0.01    1,664 K    6,732 K    5240    Bitdefender parental plugin    Bitdefender    (Verified) Bitdefender SRL
MBAMService.exe    < 0.01    20,980 K    103,384 K    4968    Malwarebytes Service    Malwarebytes    (Verified) Malwarebytes Corporation
WmiPrvSE.exe        18,440 K    24,020 K    9000    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1,340 K    16,188 K    9900    Windows Log-on Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,132 K    10,380 K    680    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows
usb3Monitor.exe        1,508 K    29,896 K    3228    usbmonitor    VIA Technologies, Inc.    (No signature was present in the subject) VIA Technologies, Inc.
taskhostex.exe        4,972 K    43,892 K    3272    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
taskhost.exe        15,836 K    91,432 K    3988    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        24,900 K    69,308 K    1512    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,520 K    56,508 K    1348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,580 K    96,624 K    580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,344 K    56,588 K    6044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,192 K    42,252 K    932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,420 K    98,260 K    1796    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,468 K    29,440 K    4720    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,436 K    17,204 K    6192    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SurSvc.exe        42,608 K    139,684 K    4740    Intel® System Usage Report        (Verified) Intel® Software Development Products
steamwebhelper.exe        21,204 K    33,476 K    9204    Steam Client WebHelper    Valve Corporation    (Verified) Valve
steamwebhelper.exe        17,092 K    19,868 K    9956    Steam Client WebHelper    Valve Corporation    (Verified) Valve
steamwebhelper.exe        10,140 K    13,348 K    7736    Steam Client WebHelper    Valve Corporation    (Verified) Valve
SpotifyWebHelper.exe        1,404 K    25,004 K    5924    SpotifyWebHelper    Spotify Ltd    (Verified) Spotify AB
spoolsv.exe        4,648 K    32,620 K    1444    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        284 K    1,740 K    396    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sldworks_fs.exe        21,204 K    262,316 K    8288    SldWorks_fs    Dassault Systèmes SolidWorks Corp.    (Verified) Dassault Systemes SolidWorks Corp.
services.exe        4,916 K    14,708 K    788    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SbieSvc.exe        2,908 K    17,260 K    1104    Sandboxie Service    Sandboxie Holdings, LLC    (Verified) Invincea
rundll32.exe        1,248 K    4,988 K    4544    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
rundll32.exe        3,692 K    5,944 K    8756    Windows host process (Rundll32)    Microsoft Corporation    (Verified) Microsoft Windows
RtkNGUI64.exe        4,336 K    51,460 K    3828    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
procexp.exe        2,320 K    7,736 K    12100    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
NvTelemetryContainer.exe        9,332 K    36,364 K    2252    NVIDIA Container    NVIDIA Corporation    (Verified) NVIDIA Corporation
NVIDIA Share.exe        9,240 K    126,660 K    4188    NVIDIA Share    NVIDIA Corporation    (Verified) NVIDIA Corporation
NisSrv.exe        13,836 K    27,888 K    6000    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
mbamtray.exe        17,116 K    67,308 K    7180    Malwarebytes Tray Application    Malwarebytes    (Verified) Malwarebytes Corporation
LogiRegistryService.exe        1,048 K    16,616 K    1964    Logitech Surround Sound Service    Logitech Inc.    (Verified) Logitech Inc
LMS.exe        3,624 K    32,564 K    984    Intel® Local Management Service    Intel Corporation    (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
Lightshot.exe        8,544 K    64,012 K    200    Lightshot    Skillbrains    (Verified) OOO Lightshot
jusched.exe        1,308 K    32,732 K    2288    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America
jhi_service.exe        1,020 K    15,508 K    10228    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
isa.exe        9,460 K    70,828 K    9484    Intel® Security Assist    Intel Corporation    (No signature was present in the subject) Intel Corporation
IPROSetMonitor.exe        1,284 K    19,504 K    1840    Intel® PROSet Monitoring Service    Intel Corporation    (Verified) Intel® Network Platform Group
GyStation.exe        1,396 K    30,724 K    11104    Gyazo Station    Nota Inc.    (Verified) Nota Inc.
esrv.exe        6,380 K    25,476 K    9296    Intel® System Usage Report        (Verified) Intel® Software Development Products
dllhost.exe        1,572 K    5,804 K    11612    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
Discord.exe        42,428 K    152,648 K    8116    Discord    Discord Inc.    (Verified) Discord Inc.
dasHost.exe        880 K    11,808 K    1848    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        2,084 K    10,460 K    600    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
conhost.exe        1,208 K    17,636 K    2412    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        828 K    12,460 K    11040    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
chrome.exe        299,976 K    221,724 K    3788    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        48,168 K    62,372 K    8588    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        33,700 K    46,440 K    11524    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        33,728 K    46,344 K    10356    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        66,704 K    76,324 K    9632    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        12,988 K    20,196 K    964    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        72,216 K    82,532 K    8096    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        28,132 K    44,676 K    8160    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        27,572 K    39,500 K    5420    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        33,584 K    43,380 K    10832    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        2,372 K    7,800 K    8252    Google Chrome    Google Inc.    (Verified) Google Inc
chrome.exe        2,176 K    7,872 K    4348    Google Chrome    Google Inc.    (Verified) Google Inc
AGSService.exe        1,740 K    29,436 K    1720    Adobe Genuine Software Integrity Service    Adobe Systems, Incorporated    (Verified) Adobe Systems Incorporated


junk.txt:
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       396 N/A                                         
csrss.exe                      600 N/A                                         
wininit.exe                    680 N/A                                         
services.exe                   788 N/A                                         
lsass.exe                      796 SamSs                                       
svchost.exe                    880 BrokerInfrastructure, DcomLaunch, LSM,      
                                   PlugPlay, Power, SystemEventsBroker         
svchost.exe                    908 RpcEptMapper, RpcSs                         
svchost.exe                    996 Dhcp, EventLog, lmhosts, Wcmsvc, wscsvc     
svchost.exe                    376 AeLookupSvc, Appinfo, BITS, gpsvc, IKEEXT,  
                                   iphlpsvc, LanmanServer, MMCSS, ProfSvc,     
                                   Schedule, SENS, ShellHWDetection, Themes,   
                                   Winmgmt                                     
svchost.exe                    580 EventSystem, FontCache, netprofm, nsi,      
                                   WdiServiceHost, WinHttpAutoProxySvc         
svchost.exe                    932 AudioEndpointBuilder,                       
                                   DeviceAssociationService, hidserv,          
                                   NcbService, PcaSvc, SysMain, TrkWks,        
                                   WdiSystemHost, wudfsvc                      
svchost.exe                   1068 Audiosrv                                    
SbieSvc.exe                   1104 SbieSvc                                     
svchost.exe                   1348 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
spoolsv.exe                   1444 Spooler                                     
svchost.exe                   1512 BFE, DPS, MpsSvc                            
AdobeUpdateService.exe        1648 AdobeUpdateService                          
AGMService.exe                1668 AGMService                                  
AGSService.exe                1720 AGSService                                  
bdparentalservice.exe         1744 BdParental                                  
pcupdateservice.exe           1772 BdParentalUpdate                            
svchost.exe                   1796 DiagTrack                                   
IPROSetMonitor.exe            1840 Intel® PROSet Monitoring Service          
dasHost.exe                   1848 N/A                                         
LogiRegistryService.exe       1964 LogiRegistryService                         
nordvpn-service.exe           2024 nordvpn-service                             
nvcontainer.exe               2160 NvContainerLocalSystem                      
NVDisplay.Container.exe       2228 NVDisplay.ContainerLocalSystem              
NvTelemetryContainer.exe      2252 NvTelemetryContainer                        
audiodg.exe                   4176 N/A                                         
ProductAgentService.exe       4572 ProductAgentService                         
GameScannerService.exe        4592 Razer Game Scanner Service                  
svchost.exe                   4720 stisvc                                      
SurSvc.exe                    4740 SystemUsageReportSvc_WILLAMETTE             
TeamViewer_Service.exe        4848 TeamViewer                                  
MsMpEng.exe                   4876 WinDefend                                   
MBAMService.exe               4968 MBAMService                                 
NisSrv.exe                    6000 WdNisSvc                                    
svchost.exe                   6044 QWAVE, SSDPSRV, TimeBroker                  
SearchIndexer.exe             6060 WSearch                                     
svchost.exe                   6192 PolicyAgent                                 
esrv_svc.exe                  9996 ESRV_SVC_WILLAMETTE                         
jhi_service.exe              10228 jhi_service                                 
LMS.exe                        984 LMS                                         
taskhost.exe                  3988 N/A                                         
isa.exe                       9484 Intel® Security Assist                    
csrss.exe                     9188 N/A                                         
winlogon.exe                  9900 N/A                                         
dwm.exe                       9492 N/A                                         
NVDisplay.Container.exe       9512 N/A                                         
nvcontainer.exe               9724 N/A                                         
nvcontainer.exe               5820 N/A                                         
bdmonitorapps.exe             5240 N/A                                         
taskhostex.exe                3272 N/A                                         
mbamtray.exe                  7180 N/A                                         
conhost.exe                   9192 N/A                                         
explorer.exe                  8392 N/A                                         
NVIDIA Web Helper.exe         6868 N/A                                         
conhost.exe                  11040 N/A                                         
bdparentalsystray.exe         3240 N/A                                         
usb3Monitor.exe               3228 N/A                                         
RtkNGUI64.exe                 3828 N/A                                         
LCore.exe                     2828 N/A                                         
nvsphelper64.exe              7240 N/A                                         
NVIDIA Share.exe              7248 N/A                                         
nvcontainer.exe               5788 NvContainerNetworkService                   
nvcontainer.exe               8656 N/A                                         
Steam.exe                     8488 N/A                                         
NVIDIA Share.exe              4188 N/A                                         
NVIDIA Share.exe              4816 N/A                                         
Discord.exe                   3200 N/A                                         
rundll32.exe                  4544 N/A                                         
rundll32.exe                  8756 N/A                                         
Discord.exe                   8116 N/A                                         
GyStation.exe                11104 N/A                                         
SpotifyWebHelper.exe          5924 N/A                                         
CorsairHID.exe                3656 N/A                                         
sldworks_fs.exe               8288 N/A                                         
SteelSeriesEngine3.exe        3440 N/A                                         
Lightshot.exe                  200 N/A                                         
Discord.exe                   6536 N/A                                         
jusched.exe                   2288 N/A                                         
Rainmeter.exe                 6416 N/A                                         
esrv.exe                      9296 N/A                                         
conhost.exe                   2412 N/A                                         
steamwebhelper.exe           11204 N/A                                         
steamwebhelper.exe            7736 N/A                                         
SteamService.exe              3540 Steam Client Service                        
steamwebhelper.exe            9956 N/A                                         
chrome.exe                   10404 N/A                                         
chrome.exe                    8252 N/A                                         
chrome.exe                    4348 N/A                                         
chrome.exe                    3788 N/A                                         
chrome.exe                    5420 N/A                                         
chrome.exe                    8096 N/A                                         
chrome.exe                    9632 N/A                                         
chrome.exe                    8160 N/A                                         
chrome.exe                   10832 N/A                                         
chrome.exe                     236 N/A                                         
ts3client_win64.exe            616 N/A                                         
chrome.exe                    2432 N/A                                         
steamwebhelper.exe            9204 N/A                                         
chrome.exe                   10356 N/A                                         
WmiPrvSE.exe                  9000 N/A                                         
chrome.exe                    4512 N/A                                         
chrome.exe                   11524 N/A                                         
chrome.exe                    2392 N/A                                         
chrome.exe                    8588 N/A                                         
SearchProtocolHost.exe        2644 N/A                                         
SearchFilterHost.exe          2896 N/A                                         
chrome.exe                    8132 N/A                                         
cmd.exe                       8040 N/A                                         
conhost.exe                   3576 N/A                                         
tasklist.exe                 11944 N/A                                         
WmiPrvSE.exe                  7676 N/A                                         

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

Let's try Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.51

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.


  • 0

#5
Betrayed

Betrayed

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts. 
LatencyMon has been analyzing your system for  0:00:32  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        BETRAYED
OS version:                                           Windows 8.1 , 6.3, build: 9600 (x64)
Hardware:                                             MS-7885, MSI, X99S SLI PLUS (MS-7885)
CPU:                                                  GenuineIntel Intel® Core™ i7-5820K CPU @ 3.30GHz
Logical processors:                                   12
Processor groups:                                     1
RAM:                                                  16279 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   330 MHz
Measured CPU speed:                                   1 MHz (approx.)
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
WARNING: the CPU speed that was measured is only a fraction of the CPU speed reported. Your CPUs may be throttled back due to variable speed settings and thermal issues. It is suggested that you run a utility which reports your actual CPU frequency and temperature. 
 
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   642.637626
Average measured interrupt to process latency (µs):   10.494098
 
Highest measured interrupt to DPC latency (µs):       624.640048
Average measured interrupt to DPC latency (µs):       1.679532
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              696.272424
Driver with highest ISR routine execution time:       dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.072530
Driver with highest ISR total time:                   dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.081938
 
ISR count (execution time <250 µs):                   20522
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                1
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              333.926667
Driver with highest DPC routine execution time:       nvlddmkm.sys - NVIDIA Windows Kernel Mode Driver, Version 397.93 , NVIDIA Corporation
 
Highest reported total DPC routine time (%):          0.040474
Driver with highest DPC total execution time:         Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in DPCs (%)                          0.147979
 
DPC count (execution time <250 µs):                   124966
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                11
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 nvcontainer.exe
 
Total number of hard pagefaults                       68
Hard pagefault count of hardest hit process:          55
Highest hard pagefault resolution time (µs):          2386.456667
Total time spent in hard pagefaults (%):              0.00410
Number of processes hit:                              4
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.627774
CPU 0 ISR highest execution time (µs):                0.0
CPU 0 ISR total execution time (s):                   0.0
CPU 0 ISR count:                                      0
CPU 0 DPC highest execution time (µs):                153.946667
CPU 0 DPC total execution time (s):                   0.135134
CPU 0 DPC count:                                      82547
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.364162
CPU 1 ISR highest execution time (µs):                23.830
CPU 1 ISR total execution time (s):                   0.014312
CPU 1 ISR count:                                      3427
CPU 1 DPC highest execution time (µs):                50.876667
CPU 1 DPC total execution time (s):                   0.010134
CPU 1 DPC count:                                      3920
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.630195
CPU 2 ISR highest execution time (µs):                16.568788
CPU 2 ISR total execution time (s):                   0.014338
CPU 2 ISR count:                                      6611
CPU 2 DPC highest execution time (µs):                104.846667
CPU 2 DPC total execution time (s):                   0.162486
CPU 2 DPC count:                                      10096
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.354294
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                48.650
CPU 3 DPC total execution time (s):                   0.004616
CPU 3 DPC count:                                      697
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       0.395805
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                44.470
CPU 4 DPC total execution time (s):                   0.007034
CPU 4 DPC count:                                      1699
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       0.345665
CPU 5 ISR highest execution time (µs):                7.886667
CPU 5 ISR total execution time (s):                   0.000352
CPU 5 ISR count:                                      217
CPU 5 DPC highest execution time (µs):                66.920
CPU 5 DPC total execution time (s):                   0.006590
CPU 5 DPC count:                                      466
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       0.383023
CPU 6 ISR highest execution time (µs):                19.433636
CPU 6 ISR total execution time (s):                   0.007180
CPU 6 ISR count:                                      925
CPU 6 DPC highest execution time (µs):                76.346667
CPU 6 DPC total execution time (s):                   0.008827
CPU 6 DPC count:                                      2085
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       0.321731
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                56.545455
CPU 7 DPC total execution time (s):                   0.003011
CPU 7 DPC count:                                      513
_________________________________________________________________________________________________________
CPU 8 Interrupt cycle time (s):                       0.377540
CPU 8 ISR highest execution time (µs):                0.0
CPU 8 ISR total execution time (s):                   0.0
CPU 8 ISR count:                                      0
CPU 8 DPC highest execution time (µs):                94.333333
CPU 8 DPC total execution time (s):                   0.008476
CPU 8 DPC count:                                      1851
_________________________________________________________________________________________________________
CPU 9 Interrupt cycle time (s):                       0.368777
CPU 9 ISR highest execution time (µs):                0.0
CPU 9 ISR total execution time (s):                   0.0
CPU 9 ISR count:                                      0
CPU 9 DPC highest execution time (µs):                42.550
CPU 9 DPC total execution time (s):                   0.001155
CPU 9 DPC count:                                      257
_________________________________________________________________________________________________________
CPU 10 Interrupt cycle time (s):                       0.896670
CPU 10 ISR highest execution time (µs):                696.272424
CPU 10 ISR total execution time (s):                   0.278922
CPU 10 ISR count:                                      9343
CPU 10 DPC highest execution time (µs):                333.926667
CPU 10 DPC total execution time (s):                   0.220051
CPU 10 DPC count:                                      20613
_________________________________________________________________________________________________________
CPU 11 Interrupt cycle time (s):                       0.393864
CPU 11 ISR highest execution time (µs):                0.0
CPU 11 ISR total execution time (s):                   0.0
CPU 11 ISR count:                                      0
CPU 11 DPC highest execution time (µs):                47.125152
CPU 11 DPC total execution time (s):                   0.001560
CPU 11 DPC count:                                      233
_________________________________________________________________________________________________________

  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

Uninstall:

 

NVIDIA GeForce Experience 3.13.1.30

 

then run Latency Monitor again


  • 0

#7
Betrayed

Betrayed

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 109 posts

Uninstall:

 

NVIDIA GeForce Experience 3.13.1.30

 

then run Latency Monitor again

Are we able to avoid this step as I only recently got this program to work with recordings and I feel like uninstalling it would mess it up again.


  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

Afraid not.  It appears to be causing part of the problem.

 

Process with highest pagefault count:                 nvcontainer.exe
 
Total number of hard pagefaults                       68
Hard pagefault count of hardest hit process:          55
Highest hard pagefault resolution time (µs):          2386.456667
Total time spent in hard pagefaults (%):              0.00410
Number of processes hit:                              4

 

 

nvcontainer.exe is part of NVIDIA GeForce Experience 3.13.1.30.  Pagefaults slow your PC down.  Only alternative would be to add RAM or find a better version.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP