Random FPS Issues. Any Ideas?

Welcome to PCHF Lets get some info from your machine, to get things rolling.

Step 1: Reset Host File

[ul]
[li]Click here to download RstHosts v2.0[/li][li]Save the file to your desktop.[/li][li]Right Click and Run as Administrator.[/li][li]Click on Restaurer, then click OK at the prompt.[/li][li]This will restore the default host file.[/li][li]Next Click on Creer Un Rapport.[/li][li]This will open a logfile, post that in your next reply.[/li][/ul]

Step 2: MiniToolBox Scan

Please download MINITOOLBOX and run it.

Checkmark following boxes:

Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)

Click Go post the result.

Step 3: Autoruns Scan.

Download Autoruns and Autorunsc Unzip it to your desktop and then double click autoruns.exe
After the scan is finished then click on File>>>>>>>>>>>Save
The default name will be autoruns.arn make sure to save it as Autoruns.txt under the file type option.
in other words make sure it is a .txt file instead of .arn Attach the text in your next reply.

Step 4: HijackThis.

1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.

Step 5: JRT Scan.

Please download Junkware Removal Tool and save it on your desktop.

[ul]
[li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]
Step 6: Adware Cleaner Scan.

Please download AdwCleaner by Xplode onto your desktop.

[ul]
[li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]

Plenty of system information is already provided via the Speccy link, which shows absolutely every little detail about my PC. I do not need more PC problems by installing 6 potentially harmful programs.

@ConcernedCitizen
These program will not harm your machine. They do not even run unless you run them, they are all portable and can be deleted after this thread.

Have a look at this thread where they were used. I have a system that I have used on hundreds of machines. If you follow through you will certainly be happy.

There is a method to the madness. Also, if I tell you to do anything with out knowing what is gong on, I am certainly just guessing.

Edit: If any of these programs set your antivirus off it is just a false positive. Your choice I can suggest some things, but it would be nice to see exactly what I am doing rather than shooting n the dark.

Anyhow since you are Concerned about the programs…

Reset Internet Settings.

Download and unzip internet Flush.zip to your desktop right click it run as Administrator. Reboot the machine to apply the settings.

Hit enter after each command below.

1. Open Start and type cmd, then right-click Command Prompt and choose Run as Administrator
2. Once Command Prompt has started enter the following command. nbtstat -r
3. Wait for that command to complete, a new line will appear, now enter the following command. nbtstat -rr
   4 Wait for that command to complete, a new line will appear, now enter the following command. Shutdown -r
   

Disable useless items.

Download easy service optmizer, save it to your desktop and unzip it there. Right click it and run as admin, then select tweaked at the bottom. Then click on the rocket, this will turn off a lot of useless items.

https://i.imgur.com/tnkjYlk.png

You will however need to change one setting. Right Click on Wlansvc — WLAN AutoConfig, then select start service, the edit service. Make sure it is automatic across the board, as per the picture.

[MEDIA=imgur]PO7tPc7[/MEDIA]


Disable Computer Browser Service.

1. Press the Windows + R key at the same time, a Run Window will appear
2. Type or copy and paste Services.msc hit enter.
3. Scroll to the Computer Browser Service
4. Right-Click Computer Browser Service and choose Stop the service.
5. Right Click Computer Browser Service again select Properties.
6. Change the Startup type to disabled.

[MEDIA=imgur]Uh8lcOJ[/MEDIA]
7. Hit Apply then Ok.

Repeat the same above to disable the Iphelper Service. Also the DNS Client Service.

Disable net bios over tcpip.

Windows key & r at the same time.
Type or copy and paste ncpa.cpl hit enter.
Right click your connection hit properties.
Select internet protocol version 4 then properties.
Select Advanced, then Wins tab.
Put a tick next to Disable Net Bios over TCPIP.

Clean up temp files and reduce startup load with CCleaner.

[ul]
[li]Download CCleaner from here.[/li][li]After install Click Options.[/li][li]Go to monitoring.[/li][li]Uncheck All Monitoring items.[/li][li]Go to advanced – Click close program after cleaning.[/li][li]Go to settings – click run ccleaner when the computer starts.[/li][li]Now that you have ccleaner installed and set-up:[/li][li]Open the program.[/li][li]Go to Tools[/li][li]Go to Startup[/li][li]Now double click each item. To Disable.[/li][li]Leave only your antivirus enabled.[/li][li]Then disable All items in your scheduled task as well.[/li][li]Unless they are related to windows defender.Or your antivirus.[/li][li]Reboot the machine.[/li][/ul]

Changing some settings.

Follow the steps here to stop your machine from communicating with other devices on your network. Click Here for instructions.
Also, go ahead and run this tool, it stops the machine from doing other things that chew bandwidth The tool is designed to stop all the telemetry.
Please report back if these steps have helped. If the issue still persist then please run the programs and post the logs.

I do appreciate your help but that thread was for ping issues. I have NBN so ping is not my issue. It is my frames that are causing the problem.

I understand what you are saying. I would be really surprised if you followed the above instructions and did not see an increase in performance. I have ran this on many many many machines with positives results each and every time.

Once you have completed the above steps.

I think it is a good idea to go ahead and do a clean install of your NVIDIA GeForce GTX 1070 driver.

We have an in house guide on doing just that, click here to see the guide.

Reset Host File-
-|x| RstHosts v2.0 - Rapport créé le 06/01/2017 à 19:25:24
-|x| Système d’exploitation : Windows 10 Home (64 bits)
-|x| Nom d’utilisateur : adria - ADRIAN (Administrateur)

-|x|- Informations -|x|-

Emplacement : C:\Windows\System32\drivers\etc\hosts
Attribut(s) : RASH
Propriétaire : Administrators - BUILTIN
Taille : 89 bytes
Date de création : 16/07/2016 - 22:17:54
Date de modification : 06/01/2017 - 19:25:23
Date de dernier accès : 06/01/2017 - 19:25:23

-|x|- Contenu du fichier -|x|-
[HEADING=1]Fichier Hosts créé par RstHosts[/HEADING]
127.0.0.1 localhost
::1 localhost

-|x|- E.O.F - C:\RstHosts.txt - 601 bytes -|x|-

MiniToolBox File -
MiniToolBox by Farbar Version: 17-06-2016
Ran by adria (administrator) on 06-01-2017 at 19:27:41
Running from “C:\Users\adria\Downloads”
Microsoft Windows 10 Home (X64)
Model: H97M-D3H Manufacturer: Gigabyte Technology Co., Ltd.
Boot Mode: Normal

---

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

“Reset IE Proxy Settings”: IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

“Reset FF Proxy Settings”: Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Ethernet (Connected)
[HEADING=1]----------------------------------[/HEADING]
[HEADING=1]IPv4 Configuration[/HEADING]
[HEADING=1]----------------------------------[/HEADING]
pushd interface ipv4

reset
set global
set interface interface=“Ethernet” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Local Area Connection* 1” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface=“Ethernet 2” forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
[HEADING=1]End of IPv4 configuration[/HEADING]
Windows IP Configuration

Host Name . . . . . . . . . . . . : Adrian
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : FC-AA-14-8F-36-68
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::78ac:70e7:6ad8:d691%3(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, January 6, 2017 5:49:59 PM
Lease Expires . . . . . . . . . . : Saturday, January 7, 2017 5:49:59 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 50113044
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-90-E5-0C-FC-AA-14-8F-36-68
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{49BF4392-6050-4289-A841-E9BB0BEA415E}:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:3c26:55a:2d46:a1d8(Preferred)
Link-local IPv6 Address . . . . . : fe80::3c26:55a:2d46:a1d8%4(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 301989888
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-90-E5-0C-FC-AA-14-8F-36-68
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: 192-168-1-1.tpgi.com.au
Address: 192.168.1.1

Name: google.com
Addresses: 2404:6800:4006:806::200e
216.58.199.78

Pinging google.com [216.58.199.78] with 32 bytes of data:
Reply from 216.58.199.78: bytes=32 time=30ms TTL=55
Reply from 216.58.199.78: bytes=32 time=34ms TTL=55

Ping statistics for 216.58.199.78:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 30ms, Maximum = 34ms, Average = 32ms
Server: 192-168-1-1.tpgi.com.au
Address: 192.168.1.1

Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
98.139.183.24
98.138.253.109
206.190.36.45

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=241ms TTL=49
Reply from 98.139.183.24: bytes=32 time=241ms TTL=49

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 241ms, Maximum = 241ms, Average = 241ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
[HEADING=1]Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms[/HEADING]
[HEADING=1]Interface List
3…fc aa 14 8f 36 68 …Realtek PCIe GBE Family Controller
1…Software Loopback Interface 1
13…00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
4…00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface[/HEADING]
[HEADING=1]IPv4 Route Table[/HEADING]
[HEADING=1]Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 35
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
192.168.1.0 255.255.255.0 On-link 192.168.1.2 291
192.168.1.2 255.255.255.255 On-link 192.168.1.2 291
192.168.1.255 255.255.255.255 On-link 192.168.1.2 291
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 192.168.1.2 291
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 192.168.1.2 291[/HEADING]
Persistent Routes:
None
[HEADING=1]IPv6 Route Table[/HEADING]
[HEADING=1]Active Routes:
If Metric Network Destination Gateway
4 331 ::/0 On-link
1 331 ::1/128 On-link
4 331 2001::/32 On-link
4 331 2001:0:4137:9e76:3c26:55a:2d46:a1d8/128
On-link
3 291 fe80::/64 On-link
4 331 fe80::/64 On-link
4 331 fe80::3c26:55a:2d46:a1d8/128
On-link
3 291 fe80::78ac:70e7:6ad8:d691/128
On-link
1 331 ff00::/8 On-link
3 291 ff00::/8 On-link
4 331 ff00::/8 On-link[/HEADING]
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWoW64\napinsp.dll [55808] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWoW64\pnrpnsp.dll [70656] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWoW64\NLAapi.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWoW64\winrnr.dll [24064] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWoW64\mswsock.dll [306016] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [80896] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [31744] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [357216] (Microsoft Corporation)

========================= Event log errors: ===============================
[HEADING=1]Application errors:[/HEADING]
Error: (01/06/2017 06:35:49 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/06/2017 06:35:16 PM) (Source: Application Hang) (User: )
Description: The program spsetup130.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ef0

Start Time: 01d267f39171a06e

Termination Time: 4294967295

Application Path: C:\Users\adria\Downloads\spsetup130.exe

Report Id: dace4fd2-d3e6-11e6-bb2e-fcaa148f3668

Faulting package full name:

Faulting package-relative application ID:

Error: (01/06/2017 05:52:04 PM) (Source: Microsoft-Windows-EFS) (User: ADRIAN)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (01/06/2017 12:21:24 PM) (Source: Microsoft-Windows-EFS) (User: ADRIAN)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (01/05/2017 07:28:03 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 50.1.0.6186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 13fc

Start Time: 01d2672fae95734f

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: 0fb8eb12-d325-11e6-bb2d-fcaa148f3668

Faulting package full name:

Faulting package-relative application ID:

Error: (01/05/2017 07:12:42 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 50.1.0.6186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 3e4

Start Time: 01d2672b58e554cd

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: eb0829e9-d322-11e6-bb2d-fcaa148f3668

Faulting package full name:

Faulting package-relative application ID:

Error: (01/05/2017 06:22:37 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 50.1.0.6186 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 1ae4

Start Time: 01d26727a677e3c7

Termination Time: 4294967295

Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Report Id: ec09a6c0-d31b-11e6-bb2d-fcaa148f3668

Faulting package full name:

Faulting package-relative application ID:

Error: (01/05/2017 11:07:36 AM) (Source: Microsoft-Windows-EFS) (User: ADRIAN)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (01/04/2017 01:34:50 PM) (Source: Microsoft-Windows-EFS) (User: ADRIAN)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.

Error: (01/04/2017 12:26:15 AM) (Source: Microsoft-Windows-EFS) (User: ADRIAN)
Description: 7.488: EFS service failed to provision a user for EDP. Error code: 0x80070005.
[HEADING=1]System errors:[/HEADING]
Error: (01/06/2017 06:19:44 PM) (Source: DCOM) (User: ADRIAN)
Description: {21F282D1-A881-49E1-9A3A-26E44E39B86C}

Error: (01/06/2017 05:52:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: FarmVille 2: Country Escape.

Error: (01/06/2017 05:50:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/06/2017 12:22:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: FarmVille 2: Country Escape.

Error: (01/06/2017 12:21:24 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/05/2017 11:10:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: FarmVille 2: Country Escape.

Error: (01/05/2017 11:07:36 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (01/04/2017 09:04:52 PM) (Source: DCOM) (User: ADRIAN)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (01/04/2017 01:35:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070003: FarmVille 2: Country Escape.

Error: (01/04/2017 01:34:50 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
[HEADING=1]Microsoft Office Sessions:[/HEADING]
Error: (01/06/2017 06:35:49 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (01/06/2017 06:35:16 PM) (Source: Application Hang)(User: )
Description: spsetup130.exe1.0.0.01ef001d267f39171a06e429496729 5C:\Users\adria\Downloads\spsetup130.exedace4fd2-d3e6-11e6-bb2e-fcaa148f3668

Error: (01/06/2017 05:52:04 PM) (Source: Microsoft-Windows-EFS)(User: ADRIAN)
Description: 74880x80070005

Error: (01/06/2017 12:21:24 PM) (Source: Microsoft-Windows-EFS)(User: ADRIAN)
Description: 74880x80070005

Error: (01/05/2017 07:28:03 PM) (Source: Application Hang)(User: )
Description: firefox.exe50.1.0.618613fc01d2672fae95734f42949672 95C:\Program Files (x86)\Mozilla Firefox\firefox.exe0fb8eb12-d325-11e6-bb2d-fcaa148f3668

Error: (01/05/2017 07:12:42 PM) (Source: Application Hang)(User: )
Description: firefox.exe50.1.0.61863e401d2672b58e554cd429496729 5C:\Program Files (x86)\Mozilla Firefox\firefox.exeeb0829e9-d322-11e6-bb2d-fcaa148f3668

Error: (01/05/2017 06:22:37 PM) (Source: Application Hang)(User: )
Description: firefox.exe50.1.0.61861ae401d26727a677e3c742949672 95C:\Program Files (x86)\Mozilla Firefox\firefox.exeec09a6c0-d31b-11e6-bb2d-fcaa148f3668

Error: (01/05/2017 11:07:36 AM) (Source: Microsoft-Windows-EFS)(User: ADRIAN)
Description: 74880x80070005

Error: (01/04/2017 01:34:50 PM) (Source: Microsoft-Windows-EFS)(User: ADRIAN)
Description: 74880x80070005

Error: (01/04/2017 12:26:15 AM) (Source: Microsoft-Windows-EFS)(User: ADRIAN)
Description: 74880x80070005
[HEADING=1]CodeIntegrity Errors:[/HEADING]
Date: 2016-12-19 18:53:29.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-12-19 12:10:16.085
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-12-01 12:48:05.362
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-11-26 12:50:49.258
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-11-11 17:35:09.841
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-11-11 17:34:51.416
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-11-05 11:44:42.605
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-11-03 12:49:58.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

Date: 2016-10-23 19:16:21.671
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Micros oft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.ex e) attempted to load \Device\HarddiskVolume4\Windows\System32\nvspcap64 .dll that did not meet the Store signing level requirements.

=========================== Installed Programs ============================

. . . (HKLM...{DCAFF63A-A26F-4809-A00D-27AD6733ACB3}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32...{C7B0C705-9987-44A2-B495-4101DAEDBFE0}) (Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKCU...\uTorrent) (Version: 3.4.9.42923 - BitTorrent Inc.)
7-Zip 16.02 (x64) (HKLM...\7-Zip) (Version: 16.02 - Igor Pavlov)
7-Zip 16.04 (x64 edition) (HKLM...{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
Action! (HKLM-x32...\Mirillis Action!) (Version: 1.31.3 - Mirillis)
Adobe Flash Player 24 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32...{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Ansel (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 372.90 - NVIDIA Corporation) Hidden
ARK: Survival Of The Fittest (HKLM...\Steam App 407530) (Version: - Studio Wildcard)
ASTRONEER (HKLM...\Steam App 361420) (Version: - System Era Softworks)
Battle.net (HKLM-x32...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32...{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.47.30570 - Electronic Arts)
Call of Duty: Black Ops II - Multiplayer (HKLM...\Steam App 202990) (Version: - Treyarch)
Counter-Strike: Source (HKLM...\Steam App 240) (Version: - Valve)
CPUID CPU-Z 1.77 (HKLM...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.30 (HKLM...\CPUID HWMonitor_is1) (Version: - )
Curse (HKLM-x32...{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (HKLM-x32...{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKCU...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Epic Games Launcher (HKLM-x32...{BD314040-A603-48D1-92B1-5FFC6550E442}) (Version: 1.1.85.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM...{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Garry’s Mod (HKLM...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (HKLM-x32...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.32.7 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32...{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: “1.00.0000” - Rockstar Games)
Heroes of the Storm (HKLM-x32...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (HKLM-x32...{619e726e-d2b4-4e28-9568-c964fd81ee6c}) (Version: 10.1.1.14 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32...{66307462-7d19-4f1a-af82-aa04b6017f05}) (Version: 2.6.2.4 - Intel)
Java 8 Update 111 (HKLM-x32...{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Junk Jack (HKLM...\Steam App 414190) (Version: - Pixbits)
Launcher Prerequisites (x64) (HKLM-x32...{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Left 4 Dead 2 (HKLM...\Steam App 550) (Version: - Valve)
Microsoft Project Professional 2016 - en-us (HKLM...\ProjectProRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32...{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2016 - en-us (HKLM...\VisioProRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32...{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM...{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM...{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32...{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32...{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM...{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32...{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32...{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32...{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32...{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32...{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32...{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32...{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32...{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Word 2016 - en-us (HKLM...\WordRetail - en-us) (Version: 16.0.7571.2075 - Microsoft Corporation)
Minecraft (HKLM-x32...{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Miscreated (HKLM...\Steam App 299740) (Version: - Entrada Interactive LLC)
Movie Maker (HKLM-x32...{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32...{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.1.0 (x86 en-US) (HKLM-x32...\Mozilla Firefox 50.1.0 (x86 en-US)) (Version: 50.1.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32...\MozillaMaintenanceService) (Version: 50.1.0.6186 - Mozilla)
MpcStar 5.4 (HKLM-x32...\MpcStar) (Version: 5.4 - www.mpcstar.com)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 372.90 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 372.90 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.0 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.0 - NVIDIA Corporation)
NVIDIA Graphics Driver 372.90 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 372.90 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.15 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.15 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
OBS Studio (HKLM-x32...\OBS Studio) (Version: 0.16.5 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM...{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM...{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM...{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.7571.2075 - Microsoft Corporation) Hidden
Origin (HKLM-x32...\Origin) (Version: 10.3.5.6379 - Electronic Arts, Inc.)
Overwatch (HKLM-x32...\Overwatch) (Version: - Blizzard Entertainment)
PAYDAY 2 (HKLM...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS6 (HKLM-x32...{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Rockstar Games Social Club (HKLM-x32...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
Shadow Warrior 2 (HKLM...\Steam App 324800) (Version: - Flying Wild Hog)
SHIELD Streaming (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM...{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.0 - NVIDIA Corporation) Hidden
Skype™ 7.30 (HKLM-x32...{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Speccy (HKLM...\Speccy) (Version: 1.30 - Piriform)
Spotify (HKCU...\Spotify) (Version: 1.0.44.100.ga60c0ce1 - Spotify AB)
Steam (HKLM-x32...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stellar Overload (HKLM...\Steam App 397150) (Version: - Cubical Drift)
Team Fortress 2 (HKLM...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKLM...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Tom Clancy’s The Division (HKLM-x32...\Uplay Install 568) (Version: - Ubisoft)
Uplay (HKLM-x32...\Uplay) (Version: 19.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.26.0 (HKLM...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Warframe (HKLM...\Steam App 230410) (Version: - Digital Extremes)
Windows Live Essentials (HKLM-x32...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
XSplit Broadcaster (HKLM-x32...{5C254CA3-2CC0-4171-9D46-0A80FE456977}) (Version: 2.8.1607.1952 - SplitmediaLabs)

========================= Devices: ================================

========================= Memory info: ===================================

Percentage of memory in use: 15%
Total physical RAM: 16311.98 MB
Available physical RAM: 13834.13 MB
Total Virtual: 18743.98 MB
Available Virtual: 15854.43 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:223.02 GB) (Free:164.34 GB) NTFS
2 Drive d: () (Fixed) (Total:1863 GB) (Free:1085.1 GB) NTFS

========================= Users: ========================================

User accounts for \ADRIAN

Administrator adria DefaultAccount
defaultuser0 Guest

**** End of log ****

Autoruns Scan -
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n” “” “” “” “12/19/2016 7:26 PM” “”

• “AdobeAAMUpdater-1.0” “Adobe Updater Startup Utility” “Adobe Systems Incorporated” “c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.e xe” “3/25/2012 9:19 AM” “”
• “NvBackend” “NVIDIA Backend” “NVIDIA Corporation” “c:\program files (x86)\nvidia corporation\update core\nvbackend.exe” “6/14/2016 9:09 PM” “”
• “ShadowPlay” “NVIDIA Capture Server Proxy” “NVIDIA Corporation” “c:\windows\system32\nvspcap64.dll” “6/14/2016 9:13 PM” “”
• “WindowsDefender” “Windows Defender notification icon” “Microsoft Corporation” “c:\program files\windows defender\msascuil.exe” “9/7/2016 3:20 PM” “”
  “HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Run” “” “” “” “12/19/2016 6:50 PM” “”
• “AdobeCS6ServiceManager” “Adobe CS6 Service Manager” “Adobe Systems Incorporated” “c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.ex e” “3/10/2012 1:55 AM” “”
• “SunJavaUpdateSched” “Java Update Scheduler” “Oracle Corporation” “c:\program files (x86)\common files\java\java update\jusched.exe” “9/23/2016 1:30 PM” “”
• “SwitchBoard” “SwitchBoard Server (32 bit)” “Adobe Systems Incorporated” “c:\program files (x86)\common files\adobe\switchboard\switchboard.exe” “2/20/2010 7:20 AM” “”
  “HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ru n” “” “” “” “12/20/2016 3:39 PM” “”
• “Spotify Web Helper” “SpotifyWebHelper” “Spotify Ltd” “c:\users\adria\appdata\roaming\spotify\spotifyweb helper.exe” “12/6/2016 11:27 PM” “”
  “HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components” “” “” “” “10/26/2016 11:43 AM” “”
• “Google Chrome” “Google Chrome Installer” “Google Inc.” “c:\program files (x86)\google\chrome\application\55.0.2883.87\insta ller\chrmstp.exe” “12/8/2016 5:34 PM” “”
• “Microsoft Windows” “Windows Mail” “Microsoft Corporation” “c:\program files\windows mail\winmail.exe” “7/16/2016 12:55 PM” “”
  “HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components” “” “” “” “10/26/2016 11:43 AM” “”
• “Microsoft Windows” “Windows Mail” “Microsoft Corporation” “c:\program files (x86)\windows mail\winmail.exe” “7/16/2016 12:11 PM” “”
  “HKLM\SOFTWARE\Classes\Protocols\Handler” “” “” “” “12/28/2016 11:49 AM” “”
• “mso-minsb-roaming.16” “Microsoft Office 2016 component” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msosb.dll” “12/4/2016 11:34 AM” “”
• “mso-minsb.16” “Microsoft Office 2016 component” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msosb.dll” “12/4/2016 11:34 AM” “”
• “osf-roaming.16” “Microsoft Office 2016 component” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msosb.dll” “12/4/2016 11:34 AM” “”
• “osf.16” “Microsoft Office 2016 component” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msosb.dll” “12/4/2016 11:34 AM” “”
  “HKLM\Software\Classes*\ShellEx\ContextMenuHandler s” “” “” “” “12/19/2016 6:50 PM” “”
• “7-Zip” “7-Zip Shell Extension” “Igor Pavlov” “c:\program files\7-zip\7-zip.dll” “10/5/2016 1:21 AM” “”
• “EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\windows defender\shellext.dll” “9/7/2016 3:20 PM” “”
  “HKLM\Software\Classes\Drive\ShellEx\ContextMenuHa ndlers” “” “” “” “12/19/2016 6:50 PM” “”
• “EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\windows defender\shellext.dll” “9/7/2016 3:20 PM” “”
  “HKLM\Software\Classes\Directory\ShellEx\ContextMe nuHandlers” “” “” “” “12/19/2016 6:50 PM” “”
• “7-Zip” “7-Zip Shell Extension” “Igor Pavlov” “c:\program files\7-zip\7-zip.dll” “10/5/2016 1:21 AM” “”
• “EPP” “Microsoft Security Client Shell Extension” “Microsoft Corporation” “c:\program files\windows defender\shellext.dll” “9/7/2016 3:20 PM” “”
  “HKLM\Software\Classes\Directory\Shellex\DragDropH andlers” “” “” “” “10/13/2016 9:21 PM” “”
• “7-Zip” “7-Zip Shell Extension” “Igor Pavlov” “c:\program files\7-zip\7-zip.dll” “10/5/2016 1:21 AM” “”
  “HKLM\Software\Classes\Directory\Background\ShellE x\ContextMenuHandlers” “” “” “” “12/19/2016 7:25 PM” “”
• “NvCplDesktopContext” “NVIDIA Display Shell Extension” “NVIDIA Corporation” “c:\windows\system32\nvshext.dll” “9/17/2016 9:16 AM” “”
  “HKLM\Software\Classes\Folder\ShellEx\ContextMenuH andlers” “” “” “” “12/19/2016 6:50 PM” “”
• “7-Zip” “7-Zip Shell Extension” “Igor Pavlov” “c:\program files\7-zip\7-zip.dll” “10/5/2016 1:21 AM” “”
  “HKLM\Software\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\ShellIconOverlayIdentifiers” “” “” “” “12/28/2016 11:49 AM” “”
• " SkyDrivePro1 (ErrorConflict)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll” “12/4/2016 10:54 AM” “”
• " SkyDrivePro2 (SyncInProgress)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll” “12/4/2016 10:54 AM” “”
• " SkyDrivePro3 (InSync)" “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll” “12/4/2016 10:54 AM” “”
  “HKLM\Software\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects” “” “” “” “12/28/2016 11:49 AM” “”
• “Java™ Plug-In 2 SSV Helper” “Java™ Platform SE binary” “Oracle Corporation” “c:\program files (x86)\java\jre1.8.0_111\bin\jp2ssv.dll” “9/23/2016 1:07 PM” “”
• “Java™ Plug-In SSV Helper” “Java™ Platform SE binary” “Oracle Corporation” “c:\program files (x86)\java\jre1.8.0_111\bin\ssv.dll” “9/23/2016 1:07 PM” “”
• “Lync Browser Helper” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\ochelper.dll” “12/4/2016 11:01 AM” “”
• “Microsoft OneDrive for Business Browser Helper” “Microsoft OneDrive for Business Extensions” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\grooveex.dll” “12/4/2016 10:54 AM” “”
  “HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions” “” “” “” “12/28/2016 11:49 AM” “”
• “Lync Click to Call” “Skype for Business” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\ochelper.dll” “12/4/2016 11:01 AM” “”
• “OneNote Lin&ked Notes” “Microsoft OneNote Internet Explorer Add-in” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\onbttnielinkednotes.dll” “12/4/2016 11:06 AM” “”
• “Se&nd to OneNote” “Microsoft OneNote Internet Explorer Add-in” “Microsoft Corporation” “c:\program files\microsoft office\root\vfs\programfilesx86\microsoft office\office16\onbttnie.dll” “12/4/2016 10:59 AM” “”
  “Task Scheduler” “” “” “” “” “”
• “\Microsoft\Office\Office Automatic Updates” “Microsoft Office Click-to-Run Client (SxS)” “Microsoft Corporation” “c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe” “12/4/2016 8:07 PM” “”
• “\Microsoft\Office\Office ClickToRun Service Monitor” “Microsoft Office Click-to-Run Client (SxS)” “Microsoft Corporation” “c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe” “12/4/2016 8:07 PM” “”
• “\Microsoft\Office\OfficeTelemetryAgentFallBack201 6” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msoia.exe” “12/4/2016 11:31 AM” “”
• “\Microsoft\Office\OfficeTelemetryAgentLogOn2016” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msoia.exe” “12/4/2016 11:31 AM” “”
• “\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task” “Windows Live Social Object Extractor Engine” “Microsoft Corporation” “c:\program files (x86)\windows live\soxe\wlsoxe.dll” “4/1/2014 2:58 PM” “”
• “\Microsoft\Windows\NetTrace\GatherNetworkInfo” “” “” “c:\windows\system32\gathernetworkinfo.vbs” “7/16/2016 10:12 PM” “”
• “\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance” “Microsoft Malware Protection Command Line Utility” “Microsoft Corporation” “c:\program files\windows defender\mpcmdrun.exe” “7/16/2016 12:53 PM” “”
• “\Microsoft\Windows\Windows Defender\Windows Defender Cleanup” “Microsoft Malware Protection Command Line Utility” “Microsoft Corporation” “c:\program files\windows defender\mpcmdrun.exe” “7/16/2016 12:53 PM” “”
• “\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan” “Microsoft Malware Protection Command Line Utility” “Microsoft Corporation” “c:\program files\windows defender\mpcmdrun.exe” “7/16/2016 12:53 PM” “”
• “\Microsoft\Windows\Windows Defender\Windows Defender Verification” “Microsoft Malware Protection Command Line Utility” “Microsoft Corporation” “c:\program files\windows defender\mpcmdrun.exe” “7/16/2016 12:53 PM” “”
• “\Microsoft\Windows\Windows Media Sharing\UpdateLibrary” “Windows Media Player Network Sharing Service Configuration Application” “Microsoft Corporation” “c:\program files\windows media player\wmpnscfg.exe” “7/16/2016 12:55 PM” “”
• “\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}” “” “” “File not found: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe” “” “”
• “\OneDrive Standalone Update Task” “Standalone Updater” “Microsoft Corporation” “c:\users\adria\appdata\local\microsoft\onedrive\1 7.3.6517.0809\onedrivestandaloneupdater.exe” “8/10/2016 4:50 AM” “”
  “HKLM\System\CurrentControlSet\Services” “” “” “” “1/6/2017 6:39 PM” “”
• “BEService” “” “” “c:\program files (x86)\common files\battleye\beservice.exe” “8/1/2016 10:03 PM” “”
• “ClickToRunSvc” “‪Manages resource coordination, background streaming, and system integration of Microsoft Office products and their related updates. This service is required to run during the use of any Microsoft Office program, during initial streaming installation and all subsequent updates.‬” “Microsoft Corporation” “c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe” “12/4/2016 8:07 PM” “”
• “EasyAntiCheat” “EasyAntiCheat Service” “EasyAntiCheat Ltd” “c:\windows\syswow64\easyanticheat.exe” “2/4/2016 4:44 AM” “”
• “ESRV_SVC_QUEENCREEK” “Intel(r) Energy Checker SDK. ESRV Service queencreek” “” “c:\program files\intel\sur\queencreek\esrv_svc.exe” “11/18/2016 5:46 AM” “”
• “NvTelemetryContainer” “Container service for NVIDIA Telemetry” “” “File not found: C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe” “” “”
• “ose64” “Saves installation files used for updates and repairs and is required for the downloading of Setup updates and Watson error reports.” “Microsoft Corporation” “c:\program files\common files\microsoft shared\source engine\ose.exe” “12/4/2016 11:33 AM” “”
• “SystemUsageReportSvc_QUEENCREEK” “Inte(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK monitors the computer system usage and helps to improve system’s performance.” “” “c:\program files\intel driver update utility\sur\sursvc.exe” “11/18/2016 5:35 AM” “”
• “USER_ESRV_SVC_QUEENCREEK” “Intel(r) Energy Checker SDK. ESRV Service queencreek” “” “c:\program files\intel\sur\queencreek\esrv_svc.exe” “11/18/2016 5:46 AM” “”
• “WdNisSvc” “Helps guard against intrusion attempts targeting known and newly discovered vulnerabilities in network protocols” “Microsoft Corporation” “c:\program files\windows defender\nissrv.exe” “7/16/2016 12:54 PM” “”
• “WinDefend” “Helps protect users from malware and other potentially unwanted software” “Microsoft Corporation” “c:\program files\windows defender\msmpeng.exe” “7/16/2016 12:57 PM” “”
• “WMPNetworkSvc” “Shares Windows Media Player libraries to other networked players and media devices using Universal Plug and Play” “Microsoft Corporation” “c:\program files\windows media player\wmpnetwk.exe” “9/7/2016 3:11 PM” “”
  “HKLM\System\CurrentControlSet\Services” “” “” “” “1/6/2017 6:39 PM” “”
• “3ware” “LSI 3ware SCSI Storport Driver” “LSI” “c:\windows\system32\drivers\3ware.sys” “5/19/2015 8:58 AM” “”
• “ADP80XX” “PMC-Sierra Storport Driver For SPC8x6G SAS/SATA controller” “PMC-Sierra” “c:\windows\system32\drivers\adp80xx.sys” “4/10/2015 7:19 AM” “”
• “amdsata” “AHCI 1.3 Device Driver” “Advanced Micro Devices” “c:\windows\system32\drivers\amdsata.sys” “5/14/2015 10:44 PM” “”
• “amdsbs” “AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform” “AMD Technologies Inc.” “c:\windows\system32\drivers\amdsbs.sys” “12/12/2012 7:51 AM” “”
• “amdxata” “Storage Filter Driver” “Advanced Micro Devices” “c:\windows\system32\drivers\amdxata.sys” “5/1/2015 11:25 AM” “”
• “arcsas” “Adaptec SAS RAID WS03 Driver” “PMC-Sierra, Inc.” “c:\windows\system32\drivers\arcsas.sys” “4/10/2015 5:42 AM” “”
• “b06bdrv” “QLogic Gigabit Ethernet VBD” “QLogic Corporation” “c:\windows\system32\drivers\bxvbda.sys” “5/25/2016 5:33 PM” “”
• “bcmfn” “BCM Function 2 Device Driver” “Windows (R) Win 7 DDK provider” “c:\windows\system32\drivers\bcmfn.sys” “6/8/2015 7:02 PM” “”
• “bcmfn2” “BCM Function 2 Device Driver” “Windows (R) Win 7 DDK provider” “c:\windows\system32\drivers\bcmfn2.sys” “3/16/2014 8:37 PM” “”
• “cht4iscsi” “Chelsio iSCSI VMiniport Driver” “Chelsio Communications” “c:\windows\system32\drivers\cht4sx64.sys” “4/20/2016 8:24 PM” “”
• “cht4vbd” “Virtual Bus Driver for Chelsio ® T4 Chipset” “Chelsio Communications” “c:\windows\system32\drivers\cht4vx64.sys” “4/15/2016 6:02 PM” “”
• “dg_ssudbus” “SAMSUNG USB Composite Device Driver” “Samsung Electronics Co., Ltd.” “c:\windows\system32\drivers\ssudbus.sys” “8/24/2016 6:30 PM” “”
• “ebdrv” “QLogic 10 GigE VBD” “QLogic Corporation” “c:\windows\system32\drivers\evbda.sys” “5/25/2016 5:31 PM” “”
• “gdrv” “GIGABYTE Tools” “Windows (R) Server 2003 DDK provider” “c:\windows\gdrv.sys” “3/13/2009 1:52 PM” “”
• “HpSAMD” “Smart Array SAS/SATA Controller Media Driver” “Hewlett-Packard Company” “c:\windows\system32\drivers\hpsamd.sys” “3/27/2013 8:06 AM” “”
• “iagpio” “Intel(R) Serial IO GPIO Controller Driver” “Intel(R) Corporation” “c:\windows\system32\drivers\iagpio.sys” “2/18/2016 6:05 PM” “”
• “iai2c” “Intel(R) Serial IO I2C Driver” “Intel(R) Corporation” “c:\windows\system32\drivers\iai2c.sys” “9/22/2015 5:23 PM” “”
• “iaLPSS2i_GPIO2” “Intel(R) Serial IO GPIO Driver v2” “Intel Corporation” “c:\windows\system32\drivers\ialpss2i_gpio2.sys” “3/3/2016 12:36 PM” “”
• “iaLPSS2i_I2C” “Intel(R) Serial IO I2C Driver v2” “Intel Corporation” “c:\windows\system32\drivers\ialpss2i_i2c.sys” “3/3/2016 12:36 PM” “”
• “iaLPSSi_GPIO” “Intel(R) Serial IO GPIO Controller Driver” “Intel Corporation” “c:\windows\system32\drivers\ialpssi_gpio.sys” “2/2/2015 7:30 PM” “”
• “iaLPSSi_I2C” “Intel(R) Serial IO I2C Controller Driver” “Intel Corporation” “c:\windows\system32\drivers\ialpssi_i2c.sys” “2/25/2015 2:22 AM” “”
• “iaStorAV” “Intel(R) Rapid Storage Technology driver (inbox) - x64” “Intel Corporation” “c:\windows\system32\drivers\iastorav.sys” “2/19/2015 10:38 PM” “”
• “iaStorV” “Intel Matrix Storage Manager driver - x64” “Intel Corporation” “c:\windows\system32\drivers\iastorv.sys” “4/12/2011 5:18 AM” “”
• “ibbus” “InfiniBand Fabric Bus Driver” “Mellanox” “c:\windows\system32\drivers\ibbus.sys” “4/11/2016 12:16 AM” “”
• “LSI_SAS” “LSI Fusion-MPT SAS Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_sas.sys” “3/26/2015 6:06 AM” “”
• “LSI_SAS2i” “LSI SAS Gen2 Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_sas2i.sys” “3/29/2016 5:19 AM” “”
• “LSI_SAS3i” “Avago SAS Gen3 Driver (StorPort)” “Avago Technologies” “c:\windows\system32\drivers\lsi_sas3i.sys” “3/29/2016 5:19 AM” “”
• “LSI_SSS” “LSI SSS PCIe/Flash Driver (StorPort)” “LSI Corporation” “c:\windows\system32\drivers\lsi_sss.sys” “3/16/2013 10:09 AM” “”
• “megasas” “MEGASAS RAID Controller Driver for Windows” “Avago Technologies” “c:\windows\system32\drivers\megasas.sys” “3/5/2015 1:06 PM” “”
• “megasas2i” “MEGASAS RAID Controller Driver for Windows” “Avago Technologies” “c:\windows\system32\drivers\megasas2i.sys” “7/23/2016 8:06 AM” “”
• “megasr” “LSI MegaRAID Software RAID Driver” “LSI Corporation, Inc.” “c:\windows\system32\drivers\megasr.sys” “6/4/2013 8:32 AM” “”
• “MEIx64” “Intel(R) Management Engine Interface” “Intel Corporation” “c:\windows\system32\drivers\teedriverw8x64.sys” “7/8/2015 4:13 AM” “”
• “mlx4_bus” “MLX4 Bus Driver” “Mellanox” “c:\windows\system32\drivers\mlx4_bus.sys” “4/11/2016 12:19 AM” “”
• “mvumis” “Marvell Flash Controller Driver” “Marvell Semiconductor, Inc.” “c:\windows\system32\drivers\mvumis.sys” “5/24/2014 7:09 AM” “”
• “ndfltr” “NetworkDirect Support Filter Driver” “Mellanox” “c:\windows\system32\drivers\ndfltr.sys” “4/11/2016 12:16 AM” “”
• “NetAdapterCx” “” “” “c:\windows\system32\drivers\netadaptercx.sys” “7/16/2016 12:58 PM” “”
• “NVHDA” “NVIDIA HDMI Audio Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvhda64v.sys” “5/10/2016 7:29 PM” “”
• “nvlddmkm” "NVIDIA Windows Kernel Mode Driver, Version 372.90 " “NVIDIA Corporation” “c:\windows\system32\driverstore\filerepository\nv _dispi.inf_amd64_674733509ab83d72\nvlddmkm.sys” “9/17/2016 8:51 AM” “”
• “nvraid” “NVIDIA® nForce™ RAID Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvraid.sys” “4/22/2014 4:58 AM” “”
• “nvstor” “NVIDIA® nForce™ Sata Performance Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvstor.sys” “4/22/2014 5:04 AM” “”
• “NvStreamKms” “Nvidia Streaming Kernel Service” “NVIDIA Corporation” “c:\program files\nvidia corporation\nvstreamsrv\nvstreamkms.sys” “6/3/2016 9:58 PM” “”
• “nvvad_WaveExtensible” “NVIDIA Virtual Audio Driver” “NVIDIA Corporation” “c:\windows\system32\drivers\nvvad64v.sys” “4/12/2016 7:16 PM” “”
• “percsas2i” “MEGASAS RAID Controller Driver for Windows” “Avago Technologies” “c:\windows\system32\drivers\percsas2i.sys” “3/15/2016 11:20 AM” “”
• “percsas3i” “MEGASAS RAID Controller Driver for Windows” “Avago Technologies” “c:\windows\system32\drivers\percsas3i.sys” “3/5/2016 7:52 AM” “”
• “rt640x64” "Realtek 8136/8168/8169 NDIS 6.40 64-bit Driver " "Realtek " “c:\windows\system32\drivers\rt640x64.sys” “1/21/2016 6:47 PM” “”
• “semav6msr64” “” “” “c:\windows\system32\drivers\semav6msr64.sys” “1/25/2014 5:52 AM” “”
• “SiSRaid2” “SiS RAID Stor Miniport Driver” “Silicon Integrated Systems Corp.” “c:\windows\system32\drivers\sisraid2.sys” “9/25/2008 4:58 AM” “”
• “SiSRaid4” “SiS AHCI Stor-Miniport Driver” “Silicon Integrated Systems” “c:\windows\system32\drivers\sisraid4.sys” “10/2/2008 8:26 AM” “”
• “ssudmdm” “@oem15.inf,%ssud.Service.Desc%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.)” “Samsung Electronics Co., Ltd.” “c:\windows\system32\drivers\ssudmdm.sys” “8/24/2016 6:30 PM” “”
• “stexstor” “Promise SuperTrak EX Series Driver for Windows x64” “Promise Technology, Inc.” “c:\windows\system32\drivers\stexstor.sys” “11/27/2012 10:32 AM” “”
• “vsmraid” “VIA RAID DRIVER FOR AMD-X86-64” “VIA Technologies Inc.,Ltd” “c:\windows\system32\drivers\vsmraid.sys” “4/23/2014 5:51 AM” “”
• “VSTXRAID” “VIA StorX RAID Controller Driver” “VIA Corporation” “c:\windows\system32\drivers\vstxraid.sys” “1/22/2013 5:30 AM” “”
• “WinMad” “Kernel WinMad” “Mellanox” “c:\windows\system32\drivers\winmad.sys” “4/11/2016 12:16 AM” “”
• “WinVerbs” “Kernel WinVerbs” “Mellanox” “c:\windows\system32\drivers\winverbs.sys” “4/11/2016 12:16 AM” “”
  “HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers” “” “” “” “7/16/2016 10:19 PM” “”
• “Adobe Type Manager” “Windows NT OpenType/Type 1 Font Driver” “Adobe Systems Incorporated” “c:\windows\system32\atmfd.dll” “11/2/2016 9:01 PM” “”
  “HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32” “” “” “” “12/20/2016 3:33 PM” “”
• “msacm.l3acm” “MPEG Layer-3 Audio Codec for MSACM” “Fraunhofer Institut Integrierte Schaltungen IIS” “c:\windows\system32\l3codeca.acm” “7/16/2016 12:56 PM” “”
• “VIDC.FICV” “” “” “c:\windows\system32\ficvdec_x64.dll” “5/29/2013 6:53 AM” “”
  “HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32” “” “” “” “12/20/2016 3:33 PM” “”
• “msacm.l3acm” “MPEG Layer-3 Audio Codec for MSACM” “Fraunhofer Institut Integrierte Schaltungen IIS” “c:\windows\syswow64\l3codeca.acm” “7/16/2016 12:11 PM” “”
• “vidc.cvid” “Cinepak® Codec” “Radius Inc.” “c:\windows\syswow64\iccvid.dll” “7/16/2016 12:12 PM” “”
• “VIDC.FFDS” “” “” “File not found: ff_vfw.dll” “” “”
• “VIDC.FICV” “” “” “c:\windows\syswow64\ficvdec_x86.dll” “5/29/2013 6:52 AM” “”
• “vidc.tscc” “TechSmith Screen Capture Codec” “TechSmith Corporation” “c:\program files (x86)\mpcstar\codecs\tscc\tsccvid.dll” “5/23/2005 2:41 AM” “”
  “HKLM\Software\Classes\CLSID{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance” “” “” “” “11/5/2016 10:54 AM” “”
• “VHAudioDelay” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHAudioDSP” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHAudioGain” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHClockSync” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHCopyFilter” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHCropResize” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHDeinterlace” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHFrameRateConv” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHMixerSource” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHMultiReader” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHMultiWriter” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHSplitProcSource” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHStreamDelay” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHYV12Decoder” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “VHYV12Encoder” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
• “XSplitAudioSxDSP” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\x64\vhmediacom.dll” “12/15/2015 11:32 PM” “”
  “HKLM\Software\Wow6432Node\Classes\CLSID{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance” “” “” “” “11/11/2016 5:36 PM” “”
• “Capture File Writer” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “DirectVobSub” “VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth” “Gabest” “c:\program files (x86)\mpcstar\codecs\vsfilter.dll” “7/18/2011 2:01 PM” “”
• “DirectVobSub (auto-loading version)” “VobSub & TextSub filter for DirectShow/VirtualDub/Avisynth” “Gabest” “c:\program files (x86)\mpcstar\codecs\vsfilter.dll” “7/18/2011 2:01 PM” “”
• “ffdshow Audio Decoder” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax” “12/20/2008 3:56 AM” “”
• “ffdshow Audio Processor” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax” “12/20/2008 3:56 AM” “”
• “ffdshow raw video filter” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax” “12/20/2008 3:56 AM” “”
• “ffdshow subtitles filter” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax” “12/20/2008 3:56 AM” “”
• “ffdshow Video Decoder” “DirectShow and VFW video and audio decoding/encoding/processing filter” “” “c:\program files (x86)\mpcstar\codecs\ffdshow\ffdshow.ax” “12/20/2008 3:56 AM” “”
• “Pmp Source” “Pmp Splitter” “cooleyes” “c:\program files (x86)\mpcstar\codecs\pmp\pmpsplitter.ax” “3/30/2007 8:22 PM” “”
• “Pmp Splitter” “Pmp Splitter” “cooleyes” “c:\program files (x86)\mpcstar\codecs\pmp\pmpsplitter.ax” “3/30/2007 8:22 PM” “”
• “RealAudio Decoder” “RealMedia Splitter” “Gabest” “c:\program files (x86)\mpcstar\codecs\realmediasplitter.ax” “9/14/2010 5:02 PM” “”
• “RealMedia Source” “RealMedia Splitter” “Gabest” “c:\program files (x86)\mpcstar\codecs\realmediasplitter.ax” “9/14/2010 5:02 PM” “”
• “RealMedia Splitter” “RealMedia Splitter” “Gabest” “c:\program files (x86)\mpcstar\codecs\realmediasplitter.ax” “9/14/2010 5:02 PM” “”
• “RealVideo Decoder” “RealMedia Splitter” “Gabest” “c:\program files (x86)\mpcstar\codecs\realmediasplitter.ax” “9/14/2010 5:02 PM” “”
• “Record Queue” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “TigerPlayer H264 Decoder” “TigerPlayer Video Decoder Filter” “TigerPlayer.com” “c:\program files (x86)\mpcstar\codecs\tpvdecfilter.dll” “11/8/2011 1:40 PM” “”
• “TigerPlayer MPEG2 Decoder” “TigerPlayer Video Decoder Filter” “TigerPlayer.com” “c:\program files (x86)\mpcstar\codecs\tpvdecfilter.dll” “11/8/2011 1:40 PM” “”
• “VGM - Audio Decoder” “XVD Audio Decoder Filter” “DS USA, Inc.” “c:\program files (x86)\mpcstar\codecs\vgm2\vgmaudiodecx.ax” “3/13/2004 6:18 AM” “”
• “VGM - BGR Converter” “Vgm BGR Converter Filter” “DS USA, Inc.” “c:\program files (x86)\mpcstar\codecs\vgm2\vgmbgr.ax” “9/27/2003 4:41 AM” “”
• “VGM - Splitter” “XVD Demuxer Filter” “DS USA, Inc” “c:\program files (x86)\mpcstar\codecs\vgm2\vgmsplt.ax” “3/27/2004 5:14 AM” “”
• “VGM - Video Decoder” “XVD Video Decoder Filter” “DS USA, Inc” “c:\program files (x86)\mpcstar\codecs\vgm2\vgmv2k2dx.ax” “3/13/2004 6:20 AM” “”
• “VHAudioDelay” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHAudioDSP” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHAudioGain” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHClockSync” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHCopyFilter” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHCropResize” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHDeinterlace” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHFrameRateConv” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHMixerSource” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHMultiReader” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHMultiWriter” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHSplitProcSource” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHStreamDelay” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHYV12Decoder” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “VHYV12Encoder” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “WM VIH2 Fix” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “WMT DV Extract Filter” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “WMT Sample Info Filter” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “WMT Switch Filter” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “WMT Virtual Renderer” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “WMT Virtual Source” “Photo Gallery Video Acquisition Filters” “Microsoft Corporation” “c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll” “4/1/2014 2:57 PM” “”
• “XSplitAudioSxDSP” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “XSplitNdiRendererDS” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “XSplitNdiSourceDS” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
• “XSplitWASAPIAudioRenderer” “VHMediaLib COM implementation” “SplitmediaLabs Limited” “c:\program files (x86)\splitmedialabs\xsplit broadcaster\vhmediacom.dll” “9/28/2016 10:54 PM” “”
  “HKLM\SOFTWARE\Classes\Htmlfile\Shell\Open\Command (Default)” “” “” “” “10/13/2016 6:10 PM” “”
• “C:\Program Files\Internet Explorer\iexplore.exe” “Internet Explorer” “Microsoft Corporation” “c:\program files\internet explorer\iexplore.exe” “7/16/2016 12:47 PM” “”
  
  Hijack This File -
  Logfile of Trend Micro HijackThis v2.0.4
  Scan saved at 7:33:44 PM, on 1/6/2017
  Platform: Unknown Windows (WinNT 6.02.1008)
  MSIE: Internet Explorer v11.0 (11.00.14393.0000)
  Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Battle.net\Agent\Agent.5342\Agent.e xe
C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net.exe
C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
C:\Program Files (x86)\Battle.net\Battle.net.8180\Battle.net Helper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerPlug in_24_0_0_186.exe
C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerPlug in_24_0_0_186.exe
C:\Users\adria\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search - Microsoft Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search - Microsoft Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O1 - Hosts: ::1 localhost
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM..\Run: [AdobeCS6ServiceManager] “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.ex e” -launchedbylogin
O4 - HKCU..\Run: [Spotify Web Helper] “C:\Users\adria\AppData\Roaming\Spotify\SpotifyWeb Helper.exe”
O4 - HKUS\S-1-5-18..\Run: (User ‘SYSTEM’)
O4 - HKUS.DEFAULT..\Run: (User ‘Default user’)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra ‘Tools’ menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra ‘Tools’ menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra ‘Tools’ menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.Sta ndardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.Standa rdCollector.Service.exe (file missing)
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - Unknown owner - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

–
End of file - 9635 bytes

JRT Scan File -
File System: 1

Successfully deleted: C:\Windows\system32\Tasks\NvDriverUpdateCheckDaily _{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} (Task)

Registry: 0
Adware Cleaner System File -
[HEADING=1]AdwCleaner v6.041 - Logfile created 06/01/2017 at 19:39:40[/HEADING]
[HEADING=1]Updated on 16/12/2016 by Malwarebytes[/HEADING]
[HEADING=1]Database : 2017-01-05.2 [Local][/HEADING]
[HEADING=1]Operating System : Windows 10 Home (X64)[/HEADING]
[HEADING=1]Username : adria - ADRIAN[/HEADING]
[HEADING=1]Running from : C:\Users\adria\Downloads\adwcleaner_6.041.exe[/HEADING]
[HEADING=1]Mode: Clean[/HEADING]
[HEADING=1]Support : https://www.malwarebytes.com/support[/HEADING]
***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

[-] [C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
[-] [C:\Users\adria\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com

---

:: “Tracing” keys deleted
:: Winsock settings cleared

---

C:\AdwCleaner\AdwCleaner[C0].txt - [973 Bytes] - [06/01/2017 19:39:40]
C:\AdwCleaner\AdwCleaner[S0].txt - [1298 Bytes] - [06/01/2017 19:38:02]
C:\AdwCleaner\AdwCleaner[S1].txt - [1370 Bytes] - [06/01/2017 19:39:17]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1191 Bytes] ##########

Alright, I notice from the logs that you did not do any of the last steps. If you could go through the steps listed in the above post. I assure you that you will notice a difference.

All of those along with this…

Step 1: Installed programs update check.

Make sure your programs are up to date with Patch My PC


Step 2: Fix with HijackThis!

Close all other programs!

Right Click Hijack this, run as administrator.
Click do a system scan only.
Place a tick next to the items below.

O4 - HKLM..\Run: [SunJavaUpdateSched] “C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe”
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM..\Run: [AdobeCS6ServiceManager] “C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.ex e” -launchedbylogin
O4 - HKCU..\Run: [Spotify Web Helper] “C:\Users\adria\AppData\Roaming\Spotify\SpotifyWeb Helper.exe”

Click fix checked.
Accept the prompt.
Reboot the machine after.

Step 3: Fix with Autoruns.

Open Autoruns as administrator and under the “Task Scheduler” tab and uncheck these items.

• “\Microsoft\Office\Office Automatic Updates” “Microsoft Office Click-to-Run Client (SxS)” “Microsoft Corporation” “c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe” “12/4/2016 8:07 PM” “”
• “\Microsoft\Office\Office ClickToRun Service Monitor” “Microsoft Office Click-to-Run Client (SxS)” “Microsoft Corporation” “c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe” “12/4/2016 8:07 PM” “”
• “\Microsoft\Office\OfficeTelemetryAgentFallBack201 6” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msoia.exe” “12/4/2016 11:31 AM” “”
• “\Microsoft\Office\OfficeTelemetryAgentLogOn2016” “Office Telemetry Agent” “Microsoft Corporation” “c:\program files\microsoft office\root\office16\msoia.exe” “12/4/2016 11:31 AM” “”
• “\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task” “Windows Live Social Object Extractor Engine” “Microsoft Corporation” “c:\program files (x86)\windows live\soxe\wlsoxe.dll” “4/1/2014 2:58 PM” “”
• “\Microsoft\Windows\NetTrace\GatherNetworkInfo” “” “” “c:\windows\system32\gathernetworkinfo.vbs” “7/16/2016 10:12 PM” “”
• “\Microsoft\Windows\Windows Media Sharing\UpdateLibrary” “Windows Media Player Network Sharing Service Configuration Application” “Microsoft Corporation” “c:\program files\windows media player\wmpnscfg.exe” “7/16/2016 12:55 PM” “”
• “\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}” “” “” “File not found: C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe” “” “”
• “\OneDrive Standalone Update Task” “Standalone Updater” “Microsoft Corporation” “c:\users\adria\appdata\local\microsoft\onedrive\1 7.3.6517.0809\onedrivestandaloneupdater.exe” “8/10/2016 4:50 AM” “”
  
  
  Step 4: Disable Telemetry.

Use O&O shut up ten to stop all the useless telemetry.

Along with the other instructions that I posted these should have your machine running fairly nice.

What do you mean? I did all 6 steps from your first post along with fresh driver install

Did you run minitoolbox prior to doing the steps? Cause the internet settings on your machine do not reflect that you followed the instructions.

Edit: The initial batch file will also clear the event viewer logs, you have entries from two days ago in there.

I did them in the order of your post, from Step 1 - step 6 in the exact order

No thats my bad.. I thought you were saying you did these.

Can you go ahead and do that for me now please.

Oh right lol, yeah sure