Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my PC infected?


  • Please log in to reply
12 replies to this topic

#1 no13

no13

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 04 December 2017 - 11:52 AM

I've been warned by another user of a free game we both downloaded that he got a keylogger amongst other things. Unfortunately my level of understanding is much lower than his. I've done a spybot scan in safe mode. Any assistance would be much appreciated.

 

Search results from Spybot - Search & Destroy

04/12/2017 16:33:01
Scan took 00:13:05.
32 items found.

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\DirectInput\MostRecentApplication\Name
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\DirectInput\MostRecentApplication\Id
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $F7204896] Open with list - .AVI extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AVI\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $691C1B44] Open with list - .BIN extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BIN\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $A1C94E79] Open with list - .BMP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.BMP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $A44AC4BA] Open with list - .CAP extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CAP\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $99432203] Open with list - .CFG extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CFG\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows.OpenWith: [SBI $7E93AD81] Open with list - .CSS extension (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.CSS\OpenWithList
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-21-1882742350-736463923-641873678-1001\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
  Category=Tracks
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
 
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cache: [SBI $49804B54] Browser: Cache (2) (Browser: Cache, nothing done)
 
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

History: [SBI $49804B54] Browser: History (3) (Browser: History, nothing done)
 
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54

Cookie: [SBI $49804B54] Browser: Cookie (1) (Browser: Cookie, nothing done)
 
  Category=Browser
  ThreatLevel=1
  Weblink=http://forums.spybot.info/forumdisplay.php?54


--- Spybot - Search & Destroy version: 2.6.46.134  DLL (build: 20170523) ---
 


Edited by hamluis, 04 December 2017 - 11:56 AM.
Moved from MRL to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 04 December 2017 - 12:26 PM

Welcome to BC...

 

Best to uninstall Spybot S&D. It has long since lost favor with security pros. Be sure to shut it down completely or uninstall

while in safe mode.

 

Use the programs below to clean, remove adware and remove malware.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Malwarebytes - Clean Mode

  • Download and install the free version of Malwarebytes
    Note: If you have Malwarebytes already installed, you don't need to install it again. Simply start from the next bullet point
  • Once Malwarebytes is installed, launch it and let it update its database. You might have to click on the little arrow by Scan Status in the middle right pane for it to do so
  • Once the database update is complete, click on the Scan tab, then select the Threat Scan button and click on Start Scan
  • Let the scan run, the time required to complete the scan depends of your system and computer specs
  • Once the scan is complete, make sure that the first checkbox at the top is checked (which will automatically check every detected item), then click on the Quarantine Selected button
    • If it asks you to restart your computer to complete the removal, do so
  • Click on Export Summary after the deletion (in the bottom-left corner) and select Copy to Clipboard. Paste the content in your next reply

If you are unable to run a scan using MBAM:

Follow the instructions in the thread below. Make sure to download the MBAR linked in it. Let me know if you're not able to launch it and run a scan.
https://forums.malwarebytes.com/topic/198907-requested-resource-is-in-use-error-unable-to-start-malwarebytes/

 

 

Download AdwCleaner by Xplode onto your desktop. (compatible with Windows 7, 8 and 10)

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

Download and run the FREE online scanner from Free Virus Scan | Online Virus Scan from ESET | ESET

  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 04 December 2017 - 01:52 PM

Thanks very much for taking the time to read and respond. I've just finished scanning (logs below) after uninstalling spybot s&d. Turns out Spybot was the cause of a pop up about bitdefender which initially worried me. Hopefully revo uninstaller picked up all the files. So.. Ran ccleaner (cookies & reg). Malwarebytes found nothing. ADWcleaner found a single pup and ESET found 12 files, 11 of which related to ccleaner and one relating to NFC_Driver.sys. Does this mean I'm in the clear?

 

# AdwCleaner 7.0.5.0 - Logfile created on Mon Dec 04 17:49:41 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 11-29-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\Brian-Main-Rig\AppData\Roaming\.acestream
PUP.Optional.Legacy, C:\_acestream_cache_


***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.
 

ESETReply to this topic

 

C:\Users\Brian-Main-Rig\Downloads\ccsetup528.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup529.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup530(1).exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup530.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup531(1).exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup531.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup532.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup534.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup535.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup536.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Brian-Main-Rig\Downloads\ccsetup537.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Windows\System32\drivers\NFC_Driver.sys    a variant of Win64/NetFilter.A potentially unsafe application    cleaned by deleting

 

Thanks again
 



#4 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 04 December 2017 - 01:57 PM

Forgot to mention that in the absence of any specific instruction to run the scanners in safe mode, I did not do so. Hope that was the right call on my behalf.



#5 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 04 December 2017 - 02:35 PM

You should go into your Downloads and delete all but the latest CCleaner installers.

That last item Eset found was likely adware. A jumble of descriptions for it on the web...some mentioning it as a trojan.

 

 

Do you have an ad blocker installed in your browsers?

 

You can block third party cookies...also called ad and tracking cookies....from installing your browsers. Once blocked, run CCleaner to remove the existing ones.

How to disable third-party cookies in all major web browsers

 

Post the three lists mentioned below using CCleaner.

Open CCleaner and click on Tools. Choose Startups. On that page you will see a list of Windows Startups and at the top tabs for each browser and Scheduled Tasks.

At the bottom right of that page you will see a button when clicked will allow you to Copy and Paste the list of Windows Startups and Scheduled Tasks into your next

post. Please do that.

 

Open CCleaner and click on Tools. Choose Uninstall. On that page you will see a list of programs installed on your computer and at the bottom right of that page you

will see a button when clicked will allow you to Copy and Paste that list in your next post. Please do that.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#6 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 04 December 2017 - 07:06 PM

Appreciate your thoroughness. Tis reassuring. All files below.

 

CCleaner Startup Windows

No    HKCU:Run    CCleaner Monitoring    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
No    HKCU:Run    DAEMON Tools Pro Agent    Disc Soft Ltd    "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
No    HKCU:Run    Epson Stylus SX420W(Network)    SEIKO EPSON CORPORATION    C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\WINDOWS\TEMP\E_SA53E.tmp" /EF "HKCU"
No    HKCU:Run    EPSON25EE49 (Epson Stylus SX420W)    SEIKO EPSON CORPORATION    C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGCE.EXE /FU "C:\WINDOWS\TEMP\E_SB71C.tmp" /EF "HKCU"
No    HKCU:Run    GalaxyClient    GOG.com    C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
Yes    HKCU:Run    GarminExpressTrayApp    Garmin Ltd. or its subsidiaries    "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
Yes    HKCU:RunOnce    Application Restart #0    The NWJS Community    C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe  --disable-gpu --disable-transparency --no-first-run --user-data-dir="C:\Users\Brian-Main-Rig\AppData\Local\Private Internet Access\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files\pia_manager\pia_tray_files" --restore-last-session "C:\Program Files\pia_manager\pia_tray_files"
No    HKLM:Run    ASUS AiChargerPlus Execute    ASUSTek Computer Inc.    C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
No    HKLM:Run    ASUS Media Streamer DMS    ASUSTeK Computer Inc.    C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe
No    HKLM:Run    ASUS Media Streamer ShareEdit    ASUSTeK Computer Inc.    C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe
No    HKLM:Run    ASUS Media Streamer WSAgent    ASUSTeK Computer Inc.    C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe
No    HKLM:Run    EEventManager    SEIKO EPSON CORPORATION    "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Yes    HKLM:Run    IAStorIcon    Intel Corporation    "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
Yes    HKLM:Run    LastApp    LastPass    C:\Program Files (x86)\LastPass\lastapp_x64.exe
No    HKLM:Run    Launch LCore    Logitech Inc.    C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
No    HKLM:Run    ROGRAMCACHE    ASUSTeKcomputer Inc    "C:\Program Files (x86)\ROGRAMCACHE\RamCache.exe"
Yes    HKLM:Run    RTHDVCPL    Realtek Semiconductor    "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
Yes    HKLM:Run    SecurityHealth    Microsoft Corporation    %ProgramFiles%\Windows Defender\MSASCuiL.exe
Yes    HKLM:Run    SS2UILauncher    A-Volute    C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe /noUI
No    HKLM:Run    SunJavaUpdateSched    Oracle Corporation    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Yes    HKLM:Run    SVLoadSense    SAVITECH    c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe
No    HKLM:Run    WebStorage    ASUS Cloud Corporation    C:\Program Files (x86)\ASUS\WebStorage\2.1.15.458\ASUSWSLoader.exe
Yes    Startup Common    PowerReg Scheduler V3.exe    Leader Technologies    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe

 

CCleaner Startup Scheduled Tasks

Yes    Task    Adobe Acrobat Update Task    Adobe Systems Incorporated    C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Yes    Task    Adobe Flash Player Updater    Adobe Systems Incorporated    C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes    Task    CCleanerSkipUAC    Piriform Ltd    "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes    Task    GarminUpdaterTask    Garmin International, Inc.    C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe
Yes    Task    IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7    Intel Corporation    "C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
Yes    Task    IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon    Intel Corporation    "C:\Program Files (x86)\Intel\Intel® Online Connect Access\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" --automatic
Yes    Task    IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473        C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic
Yes    Task    Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}    AO Kaspersky Lab    C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade
Yes    Task    MSIAfterburner    MICRO-STAR INTERNATIONAL CO., LTD.    C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe /s
Yes    Task    NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Yes    Task    NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
Yes    Task    NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
Yes    Task    NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes    Task    NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes    Task    NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Yes    Task    NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Yes    Task    NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon
Yes    Task    Private Internet Access Startup        "C:\Program Files\pia_manager\pia_manager.exe" --startup
Yes    Task    SamsungMagician    Samsung Electronics Co. Ltd.    "C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe" /AUTOHIDE
No    Task    Start CorsairLink4    Corsair Components, Inc.    C:\Program Files (x86)\CorsairLink4\CorsairLink4.exe -startup

 

CCleaner Uninstall

3D Builder    Microsoft Corporation    28/10/2017        15.0.2911.0
3DMark    Futuremark    28/07/2017    575 MB    2.2.3509.0
7-Zip 17.01 beta (x64)    Igor Pavlov    18/11/2017    4.82 MB    17.01 beta
ABBYY FineReader 9.0 Sprint    ABBYY    28/07/2017    86.6 MB    9.01.513.58212
Adobe Acrobat Reader DC    Adobe Systems Incorporated    02/12/2017    414 MB    18.009.20050
Adobe Flash Player 27 NPAPI    Adobe Systems Incorporated    15/11/2017    5.71 MB    27.0.0.187
AI Suite 3    ASUSTeK Computer Inc.    28/07/2017        1.01.30
AIDA64 Extreme v5.95    FinalWire Ltd.    30/11/2017    78.0 MB    5.95
Alarms & Clock    Microsoft Corporation    06/10/2017        10.1709.2621.0
App connector    Microsoft Corporation    22/11/2016        1.3.3.0
App Installer    Microsoft Corporation    14/11/2017        1.0.12894.0
Asmedia USB Host Controller Driver    Asmedia Technology    01/11/2016    5.06 MB    1.16.26.1
ASUS Boot Setting    ASUSTeK Computer Inc.    28/07/2017        1.00.22
ASUS ROG Connect Plus    ASUSTeK Computer Inc.    28/07/2017    4.79 MB    1.00.30
Asus Sonic Suite Plugins    ASUSTeKcomputer.Inc    28/07/2017    149 MB    2.2.2801
Audacity 2.1.2    Audacity Team    17/03/2017    56.8 MB    2.1.2
Battle.net    Blizzard Entertainment    23/11/2017    717 MB    
Battlefield 4™    Electronic Arts    28/07/2017    39.6 GB    1.8.2.48475
Battlelog Web Plugins    EA Digital Illusions CE AB    28/07/2017    4.76 MB    2.7.1
Calculator    Microsoft Corporation    10/10/2017        10.1709.2703.0
Call of Duty: Advanced Warfare    Sledgehammer Games    28/07/2017    30.6 GB    
Call of Duty: Advanced Warfare - Multiplayer    Sledgehammer Games    28/07/2017    30.6 GB    
Camera    Microsoft Corporation    23/10/2017        2017.921.10.0
CCleaner    Piriform    16/11/2017    22.3 MB    5.37
ConvertHelper 3.2    DownloadHelper    18/05/2017    120 MB    
Corsair LINK 4    Corsair Components, Inc.    28/07/2017    117 MB    4.7.0.77
Corsair Link™ USB Dongle (Driver Removal)    Corsair Memory, Inc.    28/07/2017    371 KB    
Counter-Strike: Global Offensive    Valve    02/12/2017    14.9 GB    
CPUID HWMonitor 1.33        20/10/2017    2.86 MB    1.33
CPUID ROG CPU-Z 1.72.1    CPUID, Inc.    01/11/2016    6.99 MB    1.72.1
Crysis®3    Electronic Arts    02/08/2017    14.2 GB    1.0.0.0
CrystalDiskMark 5.2.0    Crystal Dew World    02/11/2016    7.40 MB    5.2.0
DAEMON Tools Pro    Disc Soft Ltd    28/07/2017        6.1.0.0485
Demand 5    CHANNEL 5 BROADCASTING LIMITED    30/06/2017        1.3.16078.0
Discord    Discord Inc.    09/08/2017    50.8 MB    0.0.298
Dishonored®: Death of the Outsider™    Arkane Studios    22/11/2017        
DOOM    id Software    06/09/2017    67.0 GB    
Epson Easy Photo Print 2    SEIKO EPSON CORPORATION    28/11/2016    80.3 MB    2.2.3.0
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)    SEIKO EPSON CORPORATION    28/11/2016    360 KB    1.00.0000
Epson Event Manager    SEIKO EPSON CORPORATION    28/11/2016    77.5 MB    2.40.0001
EPSON Scan    Seiko Epson Corporation    28/07/2017        
EPSON SX420W Series Manual        28/07/2017        
EPSON SX420W Series Network Guide        28/07/2017        
EPSON SX420W Series Printer Uninstall    SEIKO EPSON Corporation    28/07/2017        
EpsonNet Print    SEIKO EPSON CORPORATION    28/11/2016    4.36 MB    2.4j
EpsonNet Setup 3.2    SEIKO EPSON CORPORATION    28/11/2016    27.2 MB    3.2a
Fallout 4    Bethesda Game Studios    30/11/2017    26.0 GB    
Feedback Hub    Microsoft Corporation    20/10/2017        1.1708.2831.0
Films & TV    Microsoft Corporation    01/12/2017        10.17102.13911.0
Fraps        28/07/2017        
Futuremark SystemInfo    Futuremark    05/09/2017    10.8 MB    5.0.609.0
Garmin Communicator Plugin    Garmin Ltd or its subsidiaries    01/12/2017    20.9 MB    4.2.0
Garmin Communicator Plugin x64    Garmin Ltd or its subsidiaries    01/12/2017    31.0 MB    4.2.0
Garmin Express    Garmin Ltd or its subsidiaries    16/11/2017    363 MB    5.7.1.0
Geeks3D FurMark 1.18.2.0    Geeks3D    21/02/2017    9.31 MB    
GOG Galaxy    GOG.com    02/11/2016    116 MB    
Grand Theft Auto V    Rockstar Games    27/11/2016    68.5 GB    "1.00.0000"
Groove Music    Microsoft Corporation    17/11/2017        10.17085.22311.0
Half-Life 2    Valve    28/07/2017    1.96 GB    
Half-Life 2: Lost Coast    Valve    28/07/2017    1.96 GB    
Half-Life 2: Update    Filip Victor    28/07/2017    6.36 GB    
Hearthstone    Blizzard Entertainment    08/11/2017    5.22 GB    
Heaven Benchmark version 4.0    Unigine Corp.    07/11/2016    274 MB    4.0
Hi-Rez Studios Authenticate and Update Service    Hi-Rez Studios    14/11/2017    87.3 MB    3.0.0.0
Homefront: The Revolution    Dambuster Studios    15/11/2017    67.6 GB    
Spelunky    Eek! Games, LLC    11/11/2017    4.87 GB    
HTC Sync Manager    HTC    22/09/2017    333 MB    3.1.86.4
HyStream    ASUSTeK Computer Inc.    28/07/2017    8.29 MB    1.00.12
Intel® Management Engine Components    Intel Corporation    13/11/2017        11.7.0.1043
Intel® Network Connections 22.4.16.0    Intel    13/11/2017    33.0 MB    22.4.16.0
Intel® Rapid Storage Technology    Intel Corporation    14/11/2017    11.9 MB    15.7.1.1015
Intel® Security Assist    Intel Corporation    01/11/2016    2.36 MB    1.0.0.532
IPTInstaller    HTC    16/11/2016    248 KB    4.0.8
Java 8 Update 151    Oracle Corporation    04/12/2017    199 MB    8.0.1510.12
Kaspersky Internet Security    Kaspersky Lab    15/10/2017    101 MB    17.0.0.611
KeyBot II    ASUSTeK Computer Inc.    28/07/2017    7.49 MB    1.00.05
Kodi    XBMC-Foundation    28/07/2017        
LastPass for Applications    LastPass    28/07/2017    1.95 MB    
Logitech Gaming Software 8.96    Logitech Inc.    11/10/2017    325 MB    8.96.81
Mad Max    Avalanche Studios    21/08/2017    32.0 GB    
Mail and Calendar    Microsoft Corporation    18/11/2017        17.8700.40675.0
Malwarebytes version 3.3.1.2183    Malwarebytes    03/12/2017    143 MB    3.3.1.2183
Maps    Microsoft Corporation    18/10/2017        5.1708.2764.0
Media Streamer    ASUSTeK Computer Inc.    28/07/2017    20.6 MB    3.00.15
MemTweakIt    ASUSTeK Computer Inc.    28/07/2017        2.02.22
Messaging    Microsoft Corporation    29/11/2017        3.34.25004.0
METAL GEAR SOLID V: GROUND ZEROES    Kojima Productions    28/07/2017    2.93 GB    
METAL GEAR SOLID V: THE PHANTOM PAIN    Konami Digital Entertainment    06/09/2017    28.7 GB    
Microsoft Chart Controls for Microsoft .NET Framework 3.5    Microsoft Corporation    09/12/2016    4.63 MB    3.5.0.0
Microsoft Solitaire Collection    Microsoft Studios    23/11/2017        3.18.11201.0
Microsoft Sticky Notes    Microsoft Corporation    07/04/2017        1.8.0.0
Microsoft Store    Microsoft Corporation    10/11/2017        11710.1001.27.0
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    16/11/2016    3.02 MB    8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    16/11/2016    3.40 MB    8.0.59192
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148    Microsoft Corporation    09/12/2016    1.62 MB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    11/11/2016    830 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022    Microsoft Corporation    16/08/2017    1.27 MB    9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    27/11/2016    1.27 MB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    09/12/2016    1.26 MB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    02/11/2016    644 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219    Microsoft Corporation    02/11/2016    18.0 MB    10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219    Microsoft Corporation    10/01/2017    2.62 MB    10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030    Microsoft Corporation    14/11/2017    20.5 MB    11.0.61030.0
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030    Microsoft Corporation    14/11/2017    17.3 MB    11.0.61030.0
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501    Microsoft Corporation    11/10/2017    20.5 MB    12.0.30501.0
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501    Microsoft Corporation    11/10/2017    17.1 MB    12.0.30501.0
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215    Microsoft Corporation    28/07/2017    23.5 MB    14.0.24215.1
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215    Microsoft Corporation    28/07/2017    19.5 MB    14.0.24215.1
Microsoft WiFi    Microsoft Corporation    22/11/2016        1.1604.4.0
Mixed Reality Viewer    Microsoft Corporation    02/12/2017        2.1711.17012.0
Mozilla Firefox 57.0 (x64 en-GB)    Mozilla    18/11/2017    139 MB    57.0
Mozilla Maintenance Service    Mozilla    14/11/2017    464 KB    57.0.0.6525
Mozilla Thunderbird 52.5.0 (x86 en-GB)    Mozilla    30/11/2017    90.0 MB    52.5.0
MSI Afterburner 4.3.0    MSI Co., LTD    28/07/2017        4.3.0
MSI DragonEye    MSI    08/11/2016    160 MB    0.0.2.4
My Office    Microsoft Corporation    22/11/2017        17.8809.7600.0
NVIDIA 3D Vision Controller Driver 369.04    NVIDIA Corporation    02/12/2017    8.83 MB    369.04
NVIDIA 3D Vision Driver 388.43    NVIDIA Corporation    02/12/2017    33.0 MB    388.43
NVIDIA GeForce Experience 3.11.0.73    NVIDIA Corporation    02/12/2017    2.80 MB    3.11.0.73
NVIDIA Graphics Driver 388.43    NVIDIA Corporation    02/12/2017    744 MB    388.43
NVIDIA HD Audio Driver 1.3.35.1    NVIDIA Corporation    02/12/2017    8.12 MB    1.3.35.1
NVIDIA PhysX System Software 9.17.0524    NVIDIA Corporation    03/07/2017    407 MB    9.17.0524
OneNote    Microsoft Corporation    18/11/2017        17.8730.20741.0
OpenOffice 4.1.3    Apache Software Foundation    20/03/2017    157 MB    4.13.9783
OpenOffice 4.1.3 Language Pack (English (United Kingdom))    Apache Software Foundation    20/03/2017    50.8 MB    4.13.9783
Origin    Electronic Arts, Inc.    08/11/2017    356 MB    10.5.5.6040
Overwatch    Blizzard Entertainment    28/11/2017    26.5 GB    
Overwatch Test    Blizzard Entertainment    28/11/2017    26.9 GB    
Paid WiFi & Mobile    Microsoft Corporation    19/09/2017        2.1709.2484.0
Paint 3D    Microsoft Corporation    11/11/2017        3.1710.30027.0
Paladins    Hi-Rez Studios    23/11/2017    9.33 GB    
People    Microsoft Corporation    31/10/2017        10.2.2791.0
PerformanceTest v9.0    Passmark Software    30/11/2017    228 MB    9.0.1021.0
Phone    Microsoft Corporation    29/11/2017        3.34.12002.0
Phone Companion    Microsoft Corporation    22/11/2016        10.1609.2561.0
Photos    Microsoft Corporation    14/11/2017        2017.39091.16340.0
PLAYERUNKNOWN'S BATTLEGROUNDS    Bluehole, Inc.    02/12/2017    7.00 GB    
Prey    Arkane Studios    21/08/2017    18.3 GB    
Private Internet Access Support Files    Private Internet Access    10/11/2016    3.11 MB    1.0.0.0
PunkBuster Services    Even Balance, Inc.    28/07/2017        0.992
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    29/07/2017    16.1 MB    6.0.1.7904
Revo Uninstaller Pro 3.2.0    VS Revo Group, Ltd.    20/10/2017    42.1 MB    3.2.0
Rocket League    Psyonix, Inc.    11/11/2017    5.41 GB    
Rockstar Games Social Club    Rockstar Games    28/07/2017        1.2.1.4
ROG RAMDisk    ASUSTeK Computer Inc.    28/07/2017        2.02.06
ROGRAMCACHE    ASUSTeKcomputer Inc    28/07/2017        1.07.18
Samsung Magician    Samsung Electronics    29/01/2017    40.5 MB    5.0.0.790
Samsung NVM Express Driver    Samsung Electronics    01/11/2016    2.31 MB    1.1
Sport    Microsoft Corporation    30/08/2017        4.21.2212.0
Spybot Anti-Beacon    Safer-Networking Ltd.    01/12/2016    8.31 MB    1.5
Steam    Valve Corporation    28/07/2017        2.10.91.91
Store Experience Host    Microsoft Corporation    10/11/2017        11710.1710.30001.0
SVLoadSense    SAVITECH    09/06/2017    3.83 MB    1.0.12
Sway    Microsoft Corporation    07/11/2017        18.1711.50601.0
Team Fortress 2    Valve    02/12/2017    20.1 GB    
TechPowerUp GPU-Z    TechPowerUp    28/07/2017        
The Witcher 3 - Wild Hunt    GOG.com    11/04/2017    27.3 GB    1.31.0.0
Tips    Microsoft Corporation    30/10/2017        5.12.2691.0
Titanfall™    Electronic Arts    28/07/2017    62.8 GB    1.0.10.1
Titanfall™ 2    Electronic Arts, Inc.    08/11/2017    63.7 GB    1.0.1.1
Tom Clancy's Rainbow Six Siege    Ubisoft Montreal    23/11/2017    36.1 GB    
Unigine Valley Benchmark version 1.0    Unigine Corp.    07/11/2016    455 MB    1.0
Uplay    Ubisoft    08/11/2017    355 MB    24.0.1
VBCABLE, The Virtual Audio Cable    VB-Audio Software    28/07/2017        
VLC media player    VideoLAN    28/07/2017    131 MB    2.2.6
Voice Recorder    Microsoft Corporation    10/10/2017        10.1709.2703.0
Voicemeeter, The Virtual Mixing Console    VB-Audio Software    28/07/2017        
Wallet    Microsoft Corporation    28/07/2017        1.0.16328.0
Warframe    Digital Extremes    14/11/2017    21.1 GB    
Warhammer: End Times - Vermintide    Fatshark    28/11/2017    44.9 GB    
Weather    Microsoft Corporation    31/08/2017        4.21.2212.0
WebStorage    ASUS Cloud Corporation    28/07/2017    25.4 MB    2.1.15.458
Windows Driver Package - Corsair Components, Inc. (SIUSBXP) USB  (10/30/2015 3.6)    Corsair Components, Inc.    28/07/2017        10/30/2015 3.6
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)    Dynastream Innovations, Inc.    15/11/2017        04/11/2012 1.2.40.201
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)    Silicon Labs Software    15/11/2017        02/06/2007 3.1
Wolfenstein II: The New Colossus    Machine Games    16/11/2017    46.2 GB    
Xbox    Microsoft Corporation    14/11/2017        34.35.13001.0
Xbox Game bar    Microsoft Corporation    07/11/2017        1.22.30001.0
Xbox Game Speech Window    Microsoft Corporation    28/07/2017        1.14.2002.0
Xbox Identity Provider    Microsoft Corporation    12/07/2017        11.29.23003.0
XTUPackage    ASUSTeK COMPUTER INC.    29/06/2017    13.1 MB    1.0.0
µTorrent    BitTorrent Inc.    28/07/2017        3.5.0.43804


 



#7 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 04 December 2017 - 08:41 PM

What is this?......Yes    HKCU:RunOnce    Application Restart #0    The NWJS Community    C:\Program Files\pia_manager\pia_tray_bin\nw-win\pia_nw.exe  --disable-gpu --disable-transparency --no-first-run --user-data-dir="C:\Users\Brian-Main-Rig\AppData\Local\Private Internet Access\User Data" --no-sandbox --flag-switches-begin --flag-switches-end --nwapp="C:\Program Files\pia_manager\pia_tray_files" --restore-last-session "C:\Program Files\pia_manager\pia_tray_files"

I did a brief search but I think it is best to get your opinion as I'm not sure even after searching what it is exactly.

 

Delete this Startup: Use CCleaner by clicking on it and choosing Delete on the right.

Yes    Startup Common    PowerReg Scheduler V3.exe    Leader Technologies    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe

 

Disable these Tasks: Use CCleaner by clicking on each item and choosing Disable on the right.

Yes    Task    Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}    AO Kaspersky Lab    C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe /waitUpgrade

(Disable this Kaspersky item unless you have or intend to purchase it)

Yes    Task    NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe"
Yes    Task    NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe --launcher=TaskScheduler
Yes    Task    NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes    Task    NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe
Yes    Task    NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe
Yes    Task    NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe
Yes    Task    NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}    NVIDIA Corporation    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe --logon

 

Uninstall µTorrent    BitTorrent Inc.    28/07/2017        3.5.0.43804 ( more than half of free downloads will contain malware...some of the worst)

 

Do you have an ad blocker installed in your browsers such as Adblock Plus?

 

If you haven't blocked the third party cookies from installing...you should do that.

How to disable third-party cookies in all major web browsers

 

After completing the above and rebooting....let me know how the computer is performing or you see a problem.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 05 December 2017 - 04:40 PM

The NWJS PIA thing is Private Internet Access. It's my VPN provider. Probably not the best any more but had good customer service.

Deleted Startup.

Kaspertsky is my Anti-virus/Firewall with 207 days remaining.

Should I really disabled Nvidia files? I have ge-force gtx card and nvidia experience installed.

Uninstalled Bit Torrent

Browser third party cookie settings implemented in Firefox also in (the windows bundled) IE and Edge

Adblock/Kaspersky/Ghostery already installed in main Firefox browser.

 

Had some unusual slow downs (for my sytem) and a pop up asking for registration for a legitimate bundle of old Atari games I bought (clicked remind me in 2 weeks) but afterwards it worried me as it only runs from an .exe in my C:downloads folder... Maybe nothing, but not experienced before.


Edited by no13, 05 December 2017 - 04:46 PM.


#9 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 05 December 2017 - 05:13 PM

If you prefer not to disable those nvidia items...then don't.

 

Why not delete the item in downloads? The Atari games could of been bundled with adware. That brings back a few memories...Atari games played on the TV.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 05 December 2017 - 05:23 PM

Yeah, good 'ol days.. Used to have a 2600. Many hours spent playing Space Invaders. Can't help but reminisce about those simpler times. Just wanted to double check about the Nvidia stuff, will happily disable if you still advise to with the extra info I gave. Will delete the Atari .exe but is that pop up feasible without adware or similar?



#11 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 05 December 2017 - 07:41 PM

If registering or not has no effect on your ability to use the games you purchased....then delete what you think is the source of that.

 

I see the Nvidia tasks as bloat and repetitive...plus they call home every day. Windows 10 handles the updates. Also, you see one or

more of any task that I suggest being disabled....re-enabling can be done easily using CCleaner. But again...your computer...your choice.

 

Did you run AdwCleaner and Malwarebytes after purchasing the games? If so, then I think the request to register isn't a problem and is

likely wanting your email address and your permission to send more offers.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#12 no13

no13
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:05:48 PM

Posted 06 December 2017 - 04:24 PM

Very grateful for your time, effort and patience. My PC is very valuable to me (not just in monetary terms) and as such the peace of mind you've delivered is probably more substantial than you think... Thankyou



#13 buddy215

buddy215

  • Moderator
  • 13,256 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:11:48 AM

Posted 06 December 2017 - 04:28 PM

You're welcome...happy surfin'


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users