1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Problems with PC randomly freezing and restarting

Discussion in 'Windows 10' started by Steve84b, Aug 13, 2018.

Thread Status:
Not open for further replies.
Advertisement
  1. Steve84b

    Steve84b Thread Starter

    Joined:
    Aug 13, 2018
    Messages:
    3
    Hi there,

    I've been having a problem with my PC randomly freezing and restarting (BSOD). Not really sure what to do as I can't seem to identify the cause. Have checked all drivers are up to date and have also done a clean install of my Nvidia graphics drivers.

    From reading here I have done a sys info, pasted below, and because I thought earlier it might be a virus even though Sophos seems to say the PC is clean I installed and ran FRST and have pasted those logs below as well.

    I really hope that someone can can help me and many thanks in advance,
    Steve

    Tech Support Guy System Info Utility version 1.0.0.4
    OS Version: Microsoft Windows 10 Pro, 64 bit
    Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz, Intel64 Family 6 Model 94 Stepping 3
    Processor Count: 8
    RAM: 16336 Mb
    Graphics Card: NVIDIA GeForce GTX 970, -1 Mb
    Hard Drives: C: 476 GB (258 GB Free);
    Motherboard: MSI, Z170A KRAIT GAMING (MS-7984)
    Antivirus: Sophos Anti-Virus, Enabled and Updated


    FRST.txt



    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
    (Sophos Limited) C:\Program Files\Sophos\Clean\scsched.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
    (Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
    (MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
    () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
    (Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    (Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimeLineAgent.exe
    (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
    (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
    (MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
    (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
    () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Microsoft Corporation) C:\Windows\splwow64.exe
    (Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
    (Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
    (Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
    (Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
    HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
    HKLM\...\Run: [ProxyCap] => C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
    HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1031120 2015-05-18] (MSI)
    HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1516096 2018-03-23] (Sophos Limited)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
    HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Steve\AppData\Local\slack\Update.exe [1584656 2018-06-09] ()
    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-03-20] (NETGEAR Inc.)
    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
    AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [235928 2018-03-06] (Sophos Limited)
    AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [207864 2018-03-06] (Sophos Limited)
    AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [207864 2018-03-06] (Sophos Limited)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{6bf4afe8-5695-4ee2-8319-eb938c60e729}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    SearchScopes: HKU\S-1-5-21-1995455828-1570911684-582075778-1001 -> {3076390F-718F-43C6-807B-5CFBDB156677} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
    BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-01] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-09] (Oracle Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-09] (Oracle Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-09] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-09] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-01] (Microsoft Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-11] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-11] (Google Inc.)

    Chrome:
    =======
    CHR DefaultProfile: Default
    CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
    CHR DefaultSearchKeyword: Default -> Yahoo
    CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
    CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2018-08-13]
    CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
    CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
    CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
    CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
    CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
    CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
    CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
    CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
    CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
    CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx

    ==================== Services (Whitelisted) ====================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
    R2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [671744 2016-12-18] (Genie9) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
    R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
    S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
    R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
    R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
    S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (NETGEAR)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation)
    S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation)
    S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-07-27] (Overwolf LTD)
    R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [236384 2018-03-06] (Sophos Limited)
    R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [200064 2018-03-06] (Sophos Limited)
    S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
    R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [773080 2018-03-23] (Sophos Limited)
    R2 Sophos Client Firewall; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe [852640 2015-07-09] (Sophos Limited)
    R2 Sophos Client Firewall Manager; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe [170280 2015-07-09] (Sophos Limited)
    R2 SophosCleanScheduler; C:\Program Files\Sophos\Clean\scsched.exe [135488 2018-08-13] (Sophos Limited)
    R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2499872 2016-08-30] (Sophos Limited)
    S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
    R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475384 2018-03-06] (Sophos Limited)
    R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3620968 2018-03-06] (Sophos Limited)
    R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] () [File not signed]
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
    R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
    R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

    ===================== Drivers (Whitelisted) ======================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29936 2016-01-29] (Evoluent)
    S3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [22584 2012-08-02] ()
    R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel Corporation)
    S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
    R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
    R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
    R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2018-05-05] (CACE Technologies, Inc.)
    R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
    R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-30] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
    R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
    R1 SAVOnAccess; C:\WINDOWS\System32\DRIVERS\savonaccess.sys [204328 2017-10-11] (Sophos Limited)
    R1 SFWCallout; C:\WINDOWS\system32\DRIVERS\SFWCallout.sys [65280 2015-07-09] (Sophos Limited)
    S4 SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [45840 2017-10-11] (Sophos Limited)
    R1 swi_callout; C:\WINDOWS\system32\DRIVERS\swi_callout.sys [47760 2017-10-11] (Sophos Limited)
    S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
    S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
    S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-08-13 18:08 - 2018-08-13 18:08 - 000022798 _____ C:\Users\Steve\Downloads\FRST.txt
    2018-08-13 18:06 - 2018-08-13 18:08 - 000000000 ____D C:\FRST
    2018-08-13 18:06 - 2018-08-13 18:06 - 002412544 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
    2018-08-13 14:06 - 2018-08-13 14:06 - 026716179 _____ C:\Users\Steve\Downloads\R7800-V1.0.2.52.zip
    2018-08-13 13:53 - 2018-08-13 13:53 - 000002061 _____ C:\Users\Public\Desktop\Sophos Clean.lnk
    2018-08-13 13:53 - 2018-08-13 13:53 - 000000000 ____D C:\Program Files\Sophos
    2018-08-13 13:52 - 2018-08-13 13:52 - 011766440 _____ (Sophos Limited) C:\Users\Steve\Downloads\SophosClean_x64.exe
    2018-08-13 13:45 - 2018-08-13 13:45 - 000000000 ___HD C:\OneDriveTemp
    2018-08-13 12:02 - 2018-08-13 12:13 - 000000000 ____D C:\Users\Steve\Desktop\Y.O.U steff
    2018-08-12 11:34 - 2018-08-12 11:34 - 000000000 ____D C:\Program Files (x86)\VulkanRT
    2018-08-12 11:34 - 2018-07-30 18:50 - 000132488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
    2018-08-12 11:33 - 2018-08-12 11:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
    2018-08-12 11:32 - 2018-08-01 10:50 - 004352880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 003769016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 002002448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439882.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 001565048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 001467920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439882.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 001420576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 001218528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 001094128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 000749936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 000628920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 000608544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
    2018-08-12 11:32 - 2018-08-01 10:50 - 000518488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 040346808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 035250008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 031250184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 025966552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 013728728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 011273816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 001159120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 000906808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 000816392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 000654760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
    2018-08-12 11:32 - 2018-08-01 10:49 - 000635968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 017756224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 015170808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 001358720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 001349384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 001071568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
    2018-08-12 11:32 - 2018-08-01 10:48 - 001065688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
    2018-08-12 11:32 - 2018-08-01 10:47 - 004128280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
    2018-08-12 11:32 - 2018-07-30 20:14 - 000047648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
    2018-08-12 11:26 - 2018-08-12 11:34 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
    2018-08-12 11:26 - 2018-08-01 10:52 - 000553376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
    2018-08-12 11:26 - 2018-08-01 10:52 - 000458312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
    2018-08-12 11:26 - 2018-07-30 18:41 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
    2018-08-12 11:26 - 2018-07-24 10:03 - 008253772 _____ C:\WINDOWS\system32\nvcoproc.bin
    2018-08-12 11:25 - 2018-08-12 12:25 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA Corporation
    2018-08-12 11:25 - 2018-08-12 11:38 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
    2018-08-12 11:25 - 2018-08-12 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
    2018-08-12 11:25 - 2018-08-12 11:25 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA
    2018-08-12 11:25 - 2018-07-30 20:14 - 001936424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 000206760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 000185256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
    2018-08-12 11:25 - 2018-07-30 20:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
    2018-08-12 11:25 - 2018-06-08 02:59 - 000069544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
    2018-08-12 11:25 - 2018-04-24 18:29 - 000065792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
    2018-08-12 11:24 - 2018-08-13 17:53 - 000000000 ____D C:\ProgramData\NVIDIA
    2018-08-12 11:24 - 2018-08-12 11:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
    2018-08-12 11:08 - 2018-08-12 11:08 - 000000000 ____D C:\Users\Steve\Downloads\[Guru3D.com]-DDU
    2018-08-12 11:07 - 2018-08-12 11:07 - 001117531 _____ C:\Users\Steve\Downloads\[Guru3D.com]-DDU.zip
    2018-08-12 11:02 - 2018-08-12 11:02 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
    2018-08-12 11:02 - 2018-08-12 11:02 - 000000000 ____D C:\Program Files (x86)\NirSoft
    2018-08-12 11:01 - 2018-08-12 11:01 - 000141864 _____ C:\Users\Steve\Downloads\bluescreenview_setup.exe
    2018-08-12 10:46 - 2018-08-12 09:47 - 001014260 _____ C:\Users\Steve\Desktop\081218-3421-01.dmp
    2018-08-12 09:47 - 2018-08-13 14:29 - 000000000 ____D C:\WINDOWS\Minidump
    2018-08-11 17:58 - 2018-08-11 17:58 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2018-08-11 17:58 - 2018-08-11 17:58 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2018-08-11 17:57 - 2018-08-11 17:57 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2018-08-11 17:57 - 2018-08-11 17:57 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2018-08-09 09:01 - 2018-08-09 09:01 - 000291170 _____ C:\Users\Steve\Downloads\YOU Pitch script - final v2.pdf
    2018-08-01 18:53 - 2018-08-01 18:53 - 000000000 ____D C:\Users\Steve\Downloads\potter 5 dale-20180801T165153Z-001
    2018-08-01 17:56 - 2018-08-01 17:57 - 1528295514 _____ C:\Users\Steve\Downloads\potter 5 dale-20180801T165153Z-001.zip
    2018-08-01 15:40 - 2018-08-01 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
    2018-08-01 13:24 - 2018-08-01 13:24 - 000489442 _____ C:\Users\Steve\Downloads\Y.O.U.eps
    2018-07-31 15:02 - 2018-06-24 16:40 - 000440768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NVStWiz.exe
    2018-07-31 14:59 - 2018-08-12 11:37 - 000000000 ____D C:\Temp
    2018-07-31 14:53 - 2018-08-12 11:37 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-07-31 14:53 - 2018-08-12 11:37 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-07-31 14:53 - 2018-07-30 20:14 - 002340392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
    2018-07-31 13:26 - 2018-07-31 13:31 - 000226933 _____ C:\Users\Steve\Desktop\Account expenses1 2016-17.xlsx
    2018-07-30 15:38 - 2018-07-30 16:57 - 000240743 _____ C:\Users\Steve\Desktop\Start up costs .xlsx
    2018-07-30 15:38 - 2018-07-30 15:38 - 000161077 _____ C:\Users\Steve\Downloads\Start Up Cost (2).xlsx
    2018-07-30 15:27 - 2018-07-30 15:27 - 000161458 _____ C:\Users\Steve\Downloads\Start Up Cost (1).xlsx
    2018-07-30 15:27 - 2018-07-30 15:27 - 000158883 _____ C:\Users\Steve\Downloads\Copy of Start Up Cost.xlsx
    2018-07-17 16:18 - 2017-10-11 09:10 - 000047760 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
    2018-07-16 17:13 - 2018-07-16 17:13 - 000215053 _____ C:\Users\Steve\Desktop\Start Up Cost.xlsx
    2018-07-16 17:11 - 2018-07-16 17:11 - 000161606 _____ C:\Users\Steve\Downloads\Start Up Cost.xlsx
    2018-07-16 16:02 - 2018-07-16 16:02 - 000483196 _____ C:\Users\Steve\Downloads\Statement--161015-10040237--12-09-2017-11-12-2017.pdf
    2018-07-15 22:22 - 2018-07-15 22:22 - 000013339 _____ C:\Users\Steve\Downloads\Download.CSV
    2018-07-15 22:10 - 2018-07-15 22:13 - 000001087 _____ C:\Users\Steve\Downloads\payouts_export.csv

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2018-08-13 17:52 - 2018-05-05 19:56 - 000000000 ____D C:\Users\Steve\AppData\Local\NETGEARGenie
    2018-08-13 17:52 - 2017-10-07 17:03 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Slack
    2018-08-13 17:52 - 2016-01-27 01:30 - 000000000 ___RD C:\Users\Steve\OneDrive
    2018-08-13 17:51 - 2018-05-23 07:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
    2018-08-13 17:51 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2018-08-13 17:38 - 2018-05-23 07:39 - 000000000 ____D C:\Users\Steve
    2018-08-13 16:48 - 2018-05-23 07:46 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2018-08-13 16:48 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
    2018-08-13 16:44 - 2018-05-23 07:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2018-08-13 16:44 - 2017-06-10 09:10 - 000000142 _____ C:\WINDOWS\ODBC.INI
    2018-08-13 16:35 - 2018-02-23 21:48 - 000000000 ____D C:\Users\Steve\AppData\Roaming\.purple
    2018-08-13 14:29 - 2018-05-23 07:37 - 000403856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2018-08-13 14:29 - 2016-01-27 01:21 - 000658956 ____N C:\WINDOWS\Minidump\081318-3390-01.dmp
    2018-08-13 13:53 - 2018-04-17 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
    2018-08-13 13:52 - 2017-06-10 09:09 - 000000000 ____D C:\ProgramData\Sophos
    2018-08-13 13:18 - 2016-01-28 22:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer
    2018-08-13 12:00 - 2016-01-28 22:15 - 000000000 ____D C:\Users\Steve\Documents\Outlook Files
    2018-08-12 11:42 - 2016-01-28 20:24 - 000000000 ____D C:\Users\Steve\AppData\Roaming\discord
    2018-08-12 11:38 - 2017-07-11 10:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
    2018-08-12 11:37 - 2018-05-23 07:43 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2018-05-23 07:43 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2018-05-23 07:43 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2018-05-23 07:43 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2018-05-23 07:43 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2018-05-23 07:43 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
    2018-08-12 11:37 - 2017-07-11 10:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
    2018-08-12 11:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
    2018-08-12 09:58 - 2017-12-14 19:00 - 000007624 _____ C:\Users\Steve\AppData\Local\Resmon.ResmonCfg
    2018-08-11 23:06 - 2016-12-19 22:44 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Mumble
    2018-08-11 19:36 - 2018-03-20 17:34 - 000001083 _____ C:\Users\Steve\Desktop\Mumble.lnk
    2018-08-11 17:58 - 2016-01-27 19:26 - 000000000 ____D C:\Program Files (x86)\Google
    2018-08-11 17:38 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
    2018-08-11 17:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
    2018-08-10 19:23 - 2017-12-12 08:32 - 000002233 _____ C:\Users\Steve\Desktop\Discord.lnk
    2018-08-10 19:23 - 2017-03-04 10:25 - 000000752 _____ C:\Users\Steve\Desktop\EVE Launcher.lnk
    2018-08-10 19:07 - 2016-04-18 19:39 - 000000000 ____D C:\Users\Steve\AppData\Roaming\TS3Client
    2018-08-09 15:47 - 2016-01-28 16:11 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
    2018-08-09 08:59 - 2017-11-30 12:03 - 000000000 ____D C:\Users\Steve\AppData\Local\Packages
    2018-08-09 08:33 - 2018-05-23 07:43 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1995455828-1570911684-582075778-1001
    2018-08-09 08:33 - 2018-05-23 07:39 - 000002363 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2018-08-09 07:49 - 2016-12-20 13:56 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
    2018-08-09 07:49 - 2016-12-20 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2018-08-09 07:49 - 2016-12-20 13:56 - 000000000 ____D C:\Program Files (x86)\Java
    2018-08-09 07:42 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
    2018-08-08 14:13 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
    2018-08-08 08:54 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
    2018-08-01 15:40 - 2016-01-28 21:29 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
    2018-08-01 15:40 - 2016-01-28 21:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
    2018-08-01 10:47 - 2017-11-09 04:25 - 004858224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
    2018-07-31 15:05 - 2018-07-11 12:20 - 000000000 ____D C:\ProgramData\Packages
    2018-07-31 15:02 - 2018-06-04 17:24 - 000000000 ____D C:\Users\Steve\AppData\Local\D3DSCache
    2018-07-30 20:14 - 2017-11-09 04:38 - 001688848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
    2018-07-30 20:14 - 2017-11-09 04:38 - 000227928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
    2018-07-30 20:14 - 2017-11-09 03:57 - 000044271 _____ C:\WINDOWS\system32\nvinfo.pb
    2018-07-30 18:03 - 2018-04-04 16:23 - 000000000 ____D C:\Users\Steve\Documents\HPScan
    2018-07-30 07:39 - 2016-04-18 19:39 - 000000000 ____D C:\Program Files (x86)\Overwolf

    ==================== Files in the root of some directories =======

    2017-12-14 19:00 - 2018-08-12 09:58 - 000007624 _____ () C:\Users\Steve\AppData\Local\Resmon.ResmonCfg

    Some files in TEMP:
    ====================
    2018-08-09 07:48 - 2018-08-09 07:48 - 001906040 _____ (Oracle Corporation) C:\Users\Steve\AppData\Local\Temp\jre-8u181-windows-au.exe
    2018-08-12 11:33 - 2017-10-27 17:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Steve\AppData\Local\Temp\nvStInst.exe
    2018-08-13 13:19 - 2018-08-13 13:19 - 000369152 _____ () C:\Users\Steve\AppData\Local\Temp\xuninst.exe

    ==================== Bamital & volsnap ======================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

    LastRegBack: 2018-05-23 07:37

    ==================== End of FRST.txt ============================




    Addition.txt


    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
    Ran by Steve (13-08-2018 18:08:37)
    Running from C:\Users\Steve\Downloads
    Windows 10 Pro Version 1803 17134.165 (X64) (2018-05-23 06:43:15)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-1995455828-1570911684-582075778-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1995455828-1570911684-582075778-503 - Limited - Disabled)
    Guest (S-1-5-21-1995455828-1570911684-582075778-501 - Limited - Disabled)
    SophosSAUSTEVEI7-aaa (S-1-5-21-1995455828-1570911684-582075778-1008 - Limited - Enabled)
    Steve (S-1-5-21-1995455828-1570911684-582075778-1001 - Administrator - Enabled) => C:\Users\Steve
    WDAGUtilityAccount (S-1-5-21-1995455828-1570911684-582075778-504 - Limited - Disabled)

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Sophos Anti-Virus (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Sophos Anti-Virus (Enabled - Up to date) {44CC060E-FAA8-498C-EC02-591EA8C240B2}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Sophos Client Firewall (Disabled) {C79666CF-96FD-475A-FDED-CB592D964D74}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
    Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
    CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
    Discord (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
    DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
    Dungeons & Dragons Online v2600.0045.4801.4249 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.4801.4249 - Atari, Inc.)
    EVE Online (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\{d5d30c07-afb5-4741-b9c7-8a82678ddc40}) (Version: 1.0.0 - CCP)
    EVEMon (HKLM-x32\...\EVEMon) (Version: 3.0.3 - EVEMon Development Team)
    GARPA Topographical Survey (HKLM\...\{DAF45687-983B-4990-9AB9-502B220555CE}) (Version: 3.2.1.1 - GARPA)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
    Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1508.1802 - Micro-Star International Co., Ltd.) Hidden
    Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1508.1802 - Micro-Star International Co., Ltd.)
    HFSExplorer 0.23.1 (HKLM-x32\...\HFSExplorer) (Version: 0.23.1 - Catacombae Software)
    HP Color LaserJet MFP M278-M281 Help (HKLM-x32\...\{3DF29BF3-A40D-4BDC-BE5D-FA592999A767}) (Version: 0.00.0005 - HP)
    HP ColorLaserJet MFP M278-M281 Basic Device Software (HKLM\...\{61F983A9-6F6F-40F0-B4AA-FF2B17BAB911}) (Version: 44.1.2549.17189 - HP Inc.)
    HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
    HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
    HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
    HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
    HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
    HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
    I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
    Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
    Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
    Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
    Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
    iTunes (HKLM\...\{AA3C449E-F61D-4214-A6E0-603560D607DE}) (Version: 12.8.0.150 - Apple Inc.)
    Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
    Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
    Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20082 - Microsoft Corporation)
    Microsoft OneDrive (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
    MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.01 - MSI)
    MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
    Mumble 1.2.18 (HKLM-x32\...\{6A56D9E2-AD64-4D11-819B-5308DD2DB5F1}) (Version: 1.2.18 - Thorvald Natvig)
    NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.)
    NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
    NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
    NVIDIA 3D Vision Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.82 - NVIDIA Corporation)
    NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
    NVIDIA Graphics Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
    NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
    Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
    Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
    Overwolf (HKLM-x32\...\Overwolf) (Version: 0.116.3.50 - Overwolf Ltd.)
    Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
    Product Improvement Study for HP ColorLaserJet MFP M278-M281 (HKLM\...\{8ADB6C99-9D2B-4069-B9C7-995E517EFE28}) (Version: 44.1.2549.17189 - HP Inc.)
    pyfa version 1.26.0 (YC118.10 1.2) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.26.0 (YC118.10 1.2) - pyfa)
    ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
    Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
    Slack (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\slack) (Version: 3.2.0 - Slack Technologies)
    Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.2.47170 - Sonos, Inc.)
    Sophos Anti-Virus (HKLM-x32\...\{6654537D-935E-41C0-A18A-C55C2BF77B7E}) (Version: 10.8.1.316 - Sophos Limited)
    Sophos AutoUpdate (HKLM-x32\...\{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54}) (Version: 5.11.206 - Sophos Limited)
    Sophos Clean (HKLM\...\SophosClean) (Version: 3.7.20.286 - Sophos Limited)
    Sophos Client Firewall (HKLM-x32\...\{A805FB2A-A844-4CBA-8088-CA64087D59E1}) (Version: 3.0.4 - Sophos Limited)
    Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.1 - Sophos Limited)
    Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
    TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers1: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
    ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9)
    ContextMenuHandlers2: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
    ContextMenuHandlers3: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9)
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
    ContextMenuHandlers4: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation)
    ContextMenuHandlers6: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {037E98F0-60E8-4837-A7C1-BA059CF6C2E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-11] (Google Inc.)
    Task: {0920424E-0C1E-4B9E-85F3-719B86A54AB0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-07-27] (Overwolf LTD)
    Task: {098CC859-0434-434D-87AD-9F05E8A4104A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-30] (NVIDIA Corporation)
    Task: {0FC629E9-D65B-4D60-A7C5-8B03F16A8EB4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
    Task: {1150A846-C13A-4BB1-B6C3-DC0A37BAAD6D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-30] (NVIDIA Corporation)
    Task: {168C4FFC-B56B-4D1A-ABB3-7F13A119D85A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-01] (Microsoft Corporation)
    Task: {19ED9E66-9AE6-4396-BB6B-75926D82DA04} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
    Task: {2382E603-8DA3-4AC9-87BB-06D6A386618E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-01] (Microsoft Corporation)
    Task: {3768DC39-953F-4DD1-8791-30CD1ED00461} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-30] (NVIDIA Corporation)
    Task: {40ACD4D6-0176-4948-8A7F-8747D42A7B8B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-07-11] (Microsoft Corporation)
    Task: {45C97E1D-AD75-4ECD-947D-F229062F8D9A} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2015-08-18] (Micro-Star International Co., Ltd.)
    Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
    Task: {6C44C0F6-F513-4B7A-A2B2-04D0BF0F47C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
    Task: {707EB11C-75F5-4972-ADF1-F3EB90A40793} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
    Task: {7116F9E4-98B6-4DCF-8981-4FA8DA72DA61} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-30] (NVIDIA Corporation)
    Task: {8F603BAC-9246-418B-8399-5F37709A4A0D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-30] (NVIDIA Corporation)
    Task: {9085DEA8-DAA6-4367-B6A4-C90794F8C0AC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-30] (NVIDIA Corporation)
    Task: {A15C8FFE-E83F-4024-B110-39C82116AEF1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
    Task: {A775172C-1CCE-4699-86FB-F8885D0375CF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
    Task: {ACD471D1-2E7C-4941-AD4C-364D67F13ED4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-30] (NVIDIA Corporation)
    Task: {B4B3D6FB-CD8F-4913-BE19-1C99D51AFA69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-11] (Google Inc.)
    Task: {BDE4FA70-C226-497D-BEAA-906A8BA41847} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
    Task: {C2D6A83A-3F1E-4D05-96BA-E2064EFAC8CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    Task: {CA281FB8-914C-477B-A959-7E38463360FB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
    Task: {CD7518D9-2F85-4DDF-A28D-629BFF2534C8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
    Task: {CED16E4D-58EB-49A2-96FC-7072AE8860A3} - System32\Tasks\HPCustParticipation HP ColorLaserJet MFP M278-M281 => C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPCustPartic.exe [2017-07-08] (HP Inc.)
    Task: {EE9D7502-F11D-4DF0-BDD6-538512DD16D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Shortcuts & WMI ========================

    (The entries could be listed to be restored or removed.)


    ==================== Loaded Modules (Whitelisted) ==============

    2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2016-12-13 11:18 - 2016-12-13 11:18 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000491520 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000087552 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000741376 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000211968 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000371200 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.dll
    2016-12-13 11:19 - 2016-12-13 11:19 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
    2012-02-02 10:16 - 2012-02-02 10:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
    2013-02-03 12:40 - 2013-02-03 12:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
    2016-12-13 11:19 - 2016-12-13 11:19 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
    2016-12-18 13:38 - 2016-12-18 13:38 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.dll
    2013-02-03 12:40 - 2013-02-03 12:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.dll
    2013-02-03 10:21 - 2013-02-03 10:21 - 000045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
    2013-02-03 10:21 - 2013-02-03 10:21 - 000097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2015-05-11 08:12 - 2015-05-11 08:12 - 000248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
    2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
    2018-05-05 19:57 - 2016-12-18 13:38 - 000163328 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
    2018-05-05 19:57 - 2016-12-13 11:18 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
    2018-05-05 19:57 - 2016-12-18 13:38 - 000211968 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
    2018-05-05 19:57 - 2016-12-13 11:19 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
    2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
    2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
    2018-05-05 19:57 - 2016-12-18 13:38 - 000491520 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
    2018-05-05 19:57 - 2013-02-03 12:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
    2018-05-05 19:57 - 2012-02-02 10:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
    2016-12-18 13:38 - 2016-12-18 13:38 - 000063488 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
    2016-12-13 11:19 - 2016-12-13 11:19 - 000093696 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
    2018-07-11 12:22 - 2018-07-06 07:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2018-07-17 16:58 - 2018-07-17 16:58 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
    2018-07-17 16:58 - 2018-07-17 16:58 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
    2018-07-17 16:58 - 2018-07-17 16:58 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
    2018-07-17 16:58 - 2018-07-17 16:58 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
    2018-08-11 17:58 - 2018-08-08 01:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
    2018-08-11 17:58 - 2018-08-08 01:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
    2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
    2016-01-06 20:43 - 2016-01-06 20:43 - 001095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
    2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
    2016-01-06 20:43 - 2016-01-06 20:43 - 000240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
    2018-07-06 02:00 - 2018-07-06 02:00 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
    2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 001962552 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\ffmpeg.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 000149048 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\runas\build\Release\runas.node
    2018-06-09 09:23 - 2018-06-09 09:23 - 000116792 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
    2018-03-20 06:25 - 2018-03-20 06:25 - 000080472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
    2018-06-09 09:23 - 2018-06-09 09:23 - 003695160 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\libglesv2.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 000025144 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\libegl.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 000408632 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\slack-calls.node
    2018-06-09 09:23 - 2018-06-09 09:23 - 007595576 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\CallsCore.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 000230968 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\protobuf_lite.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 001491512 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\boringssl.dll
    2018-06-09 09:23 - 2018-06-09 09:23 - 000164408 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
    2018-06-09 09:23 - 2018-06-09 09:23 - 000490040 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
    2018-06-09 09:23 - 2018-06-09 09:23 - 000096312 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
    2015-08-07 02:09 - 2015-08-07 02:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2018-08-12 11:25 - 2018-07-30 20:14 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
    2014-12-21 17:07 - 2014-12-21 17:07 - 000119822 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
    2014-12-21 17:07 - 2014-12-21 17:07 - 001026062 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
    2018-03-19 08:18 - 2018-03-19 08:18 - 000673792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
    2018-03-16 06:15 - 2018-03-16 06:15 - 001686528 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
    2018-02-07 07:27 - 2018-02-07 07:27 - 000168448 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
    2018-02-07 07:27 - 2018-02-07 07:27 - 000590848 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
    2018-02-07 07:31 - 2018-02-07 07:31 - 006887936 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
    2016-02-26 11:07 - 2016-02-26 11:07 - 000049152 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
    2016-08-15 09:28 - 2016-08-15 09:28 - 001125888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
    2018-02-07 07:24 - 2018-02-07 07:24 - 002977792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000111616 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 002285056 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
    2018-02-07 07:27 - 2018-02-07 07:27 - 000911360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
    2016-02-22 09:25 - 2016-02-22 09:25 - 000116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
    2018-03-16 06:16 - 2018-03-16 06:16 - 001242112 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
    2018-02-07 11:55 - 2018-02-07 11:55 - 011873792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
    2018-03-16 11:16 - 2018-03-16 11:16 - 002577920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
    2018-03-05 06:49 - 2018-03-05 06:49 - 000247808 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
    2018-02-07 07:32 - 2018-02-07 07:32 - 000849408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
    2018-02-07 07:32 - 2018-02-07 07:32 - 000414720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
    2016-01-15 03:06 - 2016-01-15 03:06 - 000057344 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
    2016-03-03 05:17 - 2016-03-03 05:17 - 000146944 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
    2015-08-24 09:41 - 2015-08-24 09:41 - 002360622 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
    2016-03-03 05:17 - 2016-03-03 05:17 - 000072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
    2016-03-03 05:17 - 2016-03-03 05:17 - 000074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
    2016-03-03 05:17 - 2016-03-03 05:17 - 000136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000219648 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000049664 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000070144 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000037376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
    2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
    2018-02-07 07:33 - 2018-02-07 07:33 - 000633344 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
    2018-02-07 07:33 - 2018-02-07 07:33 - 000433664 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
    2016-01-15 03:23 - 2016-01-15 03:23 - 000026112 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
    2016-04-12 07:13 - 2016-04-12 07:13 - 000067072 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

    ==================== Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2016-01-28 14:55 - 2016-01-28 14:55 - 000000851 _____ C:\WINDOWS\system32\Drivers\etc\hosts


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
    Windows Firewall is disabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\StartupApproved\Run: => "Skype"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{DC07E3D7-DEE7-46A4-9D92-BA0465E3D469}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{DF792FF4-4E9B-45D8-87C6-FCBDDF48FDF8}] => (Allow) LPort=5357
    FirewallRules: [{FA5E4A93-3B37-4F85-8CE1-BBDB9EA6B7F7}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\DeviceSetup.exe
    FirewallRules: [{76885414-C883-4E40-9927-A52020419F4B}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxPrinterUtility.exe
    FirewallRules: [{235384F9-C91A-405E-8420-1EA8A70C755F}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\SendAFax.exe
    FirewallRules: [{D6992AF8-5852-4653-A28C-5AFC450AB021}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\DigitalWizards.exe
    FirewallRules: [{17AEAD08-F1DE-4B7D-B72E-8735B67FFDF4}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxApplications.exe
    FirewallRules: [{8BAA0010-1CA1-4D6A-97AC-FE4335AE1049}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\EWSProxy.exe
    FirewallRules: [{8C003C9B-E9AB-49A2-A6A0-45E55FA8C0D0}] => (Allow) C:\Users\Steve\AppData\Local\Temp\7zS6AFD\HP.EasyStart.exe
    FirewallRules: [{926620F9-2F25-4983-B0DA-B81B1C8A5766}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
    FirewallRules: [{E34DF1DE-0079-4200-9DC9-0F1C2E411782}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
    FirewallRules: [{4A1F5A1F-6C54-41DF-9FDF-5841CAB4660A}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
    FirewallRules: [{D4BD6CEE-16D1-44E7-B1CC-30BF4E9A378A}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
    FirewallRules: [UDP Query User{1C5E8837-63D9-46C8-BD58-1A8BB52E71DE}C:\eve\launcher\loglite.exe] => (Allow) C:\eve\launcher\loglite.exe
    FirewallRules: [TCP Query User{57C63736-7E79-4B5C-857B-C28ECED9D10B}C:\eve\launcher\loglite.exe] => (Allow) C:\eve\launcher\loglite.exe
    FirewallRules: [UDP Query User{DB13A174-5A28-4639-B2C4-ADFEF64A1E03}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [TCP Query User{B3AAF8C4-08D8-49D0-B834-ED248093BFDB}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
    FirewallRules: [UDP Query User{886F5977-A48C-48A6-B4E1-291C8B8F82FF}C:\eve\sharedcache\sisi\bin\exefile.exe] => (Block) C:\eve\sharedcache\sisi\bin\exefile.exe
    FirewallRules: [TCP Query User{9873DE2D-96B7-4A47-8BD5-52B276F8BBBA}C:\eve\sharedcache\sisi\bin\exefile.exe] => (Block) C:\eve\sharedcache\sisi\bin\exefile.exe
    FirewallRules: [UDP Query User{73B5671B-4438-4218-871B-801A70313DF1}C:\program files (x86)\pyfa\pyfa.exe] => (Block) C:\program files (x86)\pyfa\pyfa.exe
    FirewallRules: [TCP Query User{B5E22858-3801-4D7D-A4CC-FC855D71A097}C:\program files (x86)\pyfa\pyfa.exe] => (Block) C:\program files (x86)\pyfa\pyfa.exe
    FirewallRules: [UDP Query User{47F7B405-6C01-4D9C-82C9-732EF3DA8396}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
    FirewallRules: [TCP Query User{4FD39BEE-CE03-4B58-AC90-B551422FC55A}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
    FirewallRules: [UDP Query User{36879C96-9776-4C4F-807F-A96B5F1FCEA2}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\steve\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{A498BF82-F8F9-417A-BE09-8326A99A9B5C}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\steve\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{C7BF16D2-8052-4AF9-8BC0-F7801644BD96}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
    FirewallRules: [TCP Query User{0532E3C7-36E4-435D-A721-ACA3333D0C98}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
    FirewallRules: [UDP Query User{EDAF74E4-6C4D-41B8-8AAD-7E3CF17C5A03}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{85AF17C1-13C4-491B-AA08-CB28D00CEE9B}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [TCP Query User{361748BA-16E0-4063-B548-FC7A4E9464EC}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\steve\appdata\local\akamai\netsession_win.exe
    FirewallRules: [UDP Query User{AABDF557-6977-42A3-880E-C59D45601D76}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\steve\appdata\local\akamai\netsession_win.exe
    FirewallRules: [TCP Query User{0A02FAB6-9E3A-47E9-9476-3BE8D2CB6455}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
    FirewallRules: [UDP Query User{597A46CA-CFAB-40F1-A5D6-CC2AE22566F6}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
    FirewallRules: [TCP Query User{F21C3B27-A834-4FE6-BD8C-A1F3AD7291BE}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
    FirewallRules: [UDP Query User{D2EBFFD8-FD2F-48C8-BD97-6CB35E76C688}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
    FirewallRules: [{9AEF1CBB-35C6-4EC2-90FB-3A511FB312C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{2D254314-29F3-48D1-AEFB-EAFDD8FE3413}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
    FirewallRules: [{39709D68-4DB5-4BE4-BD06-2B813FC0277E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{08A82C8F-B247-4978-8C67-4910D776AB00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    FirewallRules: [{3ABC88EA-5D84-45C5-9A2F-A526D9595968}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{98191463-72E0-4BCC-90BE-55C0961BEF09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{A58BCEFA-15C1-40E5-A5DD-7B9AF58D33A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{2AA6F92E-DF9C-45B9-B89F-DDAC6214F119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [TCP Query User{F705A054-BB6D-43CB-BDF0-B18A202591E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [UDP Query User{67ACEED8-E954-4A54-8E12-F8247ACFBD54}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
    FirewallRules: [{605F8464-BDCD-4521-AB0C-6F1CA56EC656}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{E0FCAE9F-F32B-486D-A62A-508B516D637E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{82F48C57-56A6-47F5-848D-2171854319A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{F0D44E66-C4DF-4B92-953B-AFDDD5FED317}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{5D5DA3E6-EF28-4DF9-A8EE-D8353925C7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{722BB7E6-F5C4-4B92-8D30-A45AA036B736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{B89A0217-FA96-41AD-A23F-656F67DFB355}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
    FirewallRules: [{48A2F1D5-BE6D-4892-8179-F5371FFC4672}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{4605F5D9-96DB-4F7E-A0B9-3755740ADE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

    ==================== Restore Points =========================

    27-07-2018 08:09:22 Scheduled Checkpoint
    08-08-2018 14:25:29 Scheduled Checkpoint
    12-08-2018 08:48:35 Removed Evoluent Mouse Manager
    12-08-2018 11:09:16 DDU Restore Point
    13-08-2018 13:17:39 Removed ProxyCap

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (08/13/2018 01:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
    Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d979
    Faulting process id: 0xe00
    Faulting application start time: 0x01d432f545c3b69b
    Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: 0108d31e-9b61-4f40-99a9-68e64eead7b5
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/13/2018 01:18:52 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (08/13/2018 11:56:30 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
    Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d979
    Faulting process id: 0x3a74
    Faulting application start time: 0x01d432cdbf5ba86c
    Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: e517ebd5-78b4-4db9-b8e4-5d81be4f2a49
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/13/2018 07:23:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
    Description: Event-ID 0

    Error: (08/13/2018 07:20:29 AM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
    Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
    Exception code: 0xc0000005
    Fault offset: 0x000000000001d979
    Faulting process id: 0xd0c
    Faulting application start time: 0x01d4322593cdc5a3
    Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
    Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
    Report Id: 42c02b24-76b2-4ff8-99b7-346d50796785
    Faulting package full name:
    Faulting package-relative application ID:

    Error: (08/12/2018 11:24:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
    Description: The program iexplore.exe version 11.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

    Process ID: 2320

    Start Time: 01d432264ac56817

    Termination Time: 4

    Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

    Report Id: b3afcdc5-afb4-4cb0-ba02-781e3272e1da

    Faulting package full name:

    Faulting package-relative application ID:

    Error: (08/12/2018 11:09:16 AM) (Source: VSS) (EventID: 8194) (User: )
    Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
    .
    This is often caused by incorrect security settings in either the writer or requestor process.


    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {db97861a-ae93-48cc-8b86-f26ea58d238d}

    Error: (08/12/2018 09:51:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
    Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 2.1.168.192.in-addr.arpa. PTR STEVEi7-PC.local.


    System errors:
    =============
    Error: (08/13/2018 05:52:01 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (08/13/2018 04:44:12 PM) (Source: volmgr) (EventID: 161) (User: )
    Description: Dump file creation failed due to error during dump creation.

    Error: (08/13/2018 04:44:14 PM) (Source: EventLog) (EventID: 6008) (User: )
    Description: The previous system shutdown at 4:29:56 PM on ‎8/‎13/‎2018 was unexpected.

    Error: (08/13/2018 03:35:24 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (08/13/2018 02:29:53 PM) (Source: volmgr) (EventID: 46) (User: )
    Description: Crash dump initialization failed!

    Error: (08/13/2018 01:45:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: The Genie Timeline Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

    Error: (08/13/2018 01:45:04 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
    Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
    {D63B10C5-BB46-4990-A94F-E40B9D520160}
    and APPID
    {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
    to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

    Error: (08/13/2018 12:05:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    Windows.SecurityCenter.WscBrokerManager
    and APPID
    Unavailable
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


    CodeIntegrity:
    ===================================

    Date: 2018-08-13 11:58:43.260
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-13 11:58:43.258
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-13 11:58:43.256
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-13 11:58:43.254
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-13 11:58:43.252
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-13 11:58:40.494
    Description:
    Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2018-08-11 17:56:26.148
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    Date: 2018-08-11 17:56:26.146
    Description:
    Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
    Percentage of memory in use: 29%
    Total physical RAM: 16336.4 MB
    Available physical RAM: 11505.27 MB
    Total Virtual: 17360.4 MB
    Available Virtual: 11370.29 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:476.39 GB) (Free:258.75 GB) NTFS

    \\?\Volume{22e5bf40-cbb1-4e80-8538-c44b04e78dab}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
    \\?\Volume{c9d41cdd-0d76-42e9-85d3-09aaa7a4b952}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

    Partition: GPT.

    ==================== End of Addition.txt ============================
     
  2. AmateurJohn

    AmateurJohn

    Joined:
    Jul 19, 2018
    Messages:
    165
    First Name:
    AmateurJohn
    What are your computers temps? Overheating can cause restarting problems. A buildup of windows updates can cause BSODs sometimes.
     
  3. Steve84b

    Steve84b Thread Starter

    Joined:
    Aug 13, 2018
    Messages:
    3
    Hi John.

    Installed core temp and had it running when the PC froze at which time the maximum temp was on Core 1 and was 56 degrees which I think should be fine. Have restarted and temp is slightly higher at 61 but still doesn't seem too bad.

    As for the windows updates am not sure what to do or check regarding that.

    Cheers,
    Steve
     
  4. dmccoy

    dmccoy

    Joined:
    Oct 7, 2017
    Messages:
    4,489
    First Name:
    Darrin
    AmateurJohn likes this.
  5. AmateurJohn

    AmateurJohn

    Joined:
    Jul 19, 2018
    Messages:
    165
    First Name:
    AmateurJohn
    To view your Windows Updates:
    1. Click the Windows icon in the bottom right of your screen
    2. Type "Settings" in the windows search bar, and click the Settings option(it might say Trusted Windows Store App under it)
    3. You should see stuff like "System" and "Devices", go to the one that says "Update and Security"
    4. Then a new window should open and it should say "Windows Updates" towards the top
    5. Click the grey "Check for updates" button, and let it run
    6. If there is an update, do not turn off your computer or restart it, just let it run sometimes updates will take hours
    7. You can also view previous updates from the same page you check for updates
    8. You just click the the "View update history" link and it will show you what updates failed or were successful, driver updates, quality updates etc
    Note: Make sure you close out of any programs, save your progress, and bookmark your webpages, and stuff. After updating, your computer will probably ask you to restart it. You have also been having BSODs, so just make sure you don't lose progress that can be saved.
     
  6. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,232
    I think your problems may well be related to
    1. Sophos AV and Firewall

    2. Net Gear as below

    that error regarding NETGEAR Ready Share not meeting Microsoft driver signing level requirements is repeated many times and may be found in your FRST txt under the heading
    CodeIntegrity:

    3. You have installed this
    I strongly recommend you uninstall it.
    =================================
    Therefore I see the three above a possible culprits for your problems
    The fact that you may have used them without problems previously is irrelevant, as changes to files in Windows via updates that include aspects of these programs, may well then cause them to produce problems

    My recommendations are - to be followed in the order shown
    1. You uninstall SOPHOS and all related software - -the firewall
    https://support.home.sophos.com/hc/...Uninstalling-Sophos-Home-on-Windows-computers

    That link information is actually incorrect for windows 10 an uninstall of a product is not now done through Programs and features but as shown here
    https://support.microsoft.com/en-gb/help/4028054/windows-10-repair-or-remove-programs

    NOTE you must UNINSTALL the Sophos Firewall and REBOOT before uninstalling the Sophos AV
    Then REBOOT again.
    Check that Windows Defender and Windows Firewall are now running and update Defender.

    Run a quick scan.
    IF it finds anything post details please BEFORE proceeding.

    If all is well with the scan - test the system to see if the problem of freezing etc still exists
    When I say test the system - just use it as normal for gaming, browsing etc.

    2. IF the problem still exists LEAVE SOPHOS uninstalled for the time being and update if such is available that Netgear Ready Share. IF such update or whatever is not available then uninstall it.
    The uninstall of the Netgear Ready Share software should not effect the backups of course.
    Test the system

    3. If the problem still exists uninstall the Slack Technologies software
    Although I recommend that you do that in any case.

    IF you are going to follow that recommendation to uninstall Slack
    https://slack.com/release-notes/windows
    then you may wish to try that possible solution first.
    ======================================

    Finally I suspect SOPHOS - good as it is as an AV, causes problems on 10, especially after major windows updates, as do many 3rd party antivirus programs and indeed Firewalls. I notice there are recent reports of problems with Windows updates when using Sophos.
    IF I am wrong you can of course always reinstall it without problems especially if it is the free edition
     
    AmateurJohn likes this.
  7. Steve84b

    Steve84b Thread Starter

    Joined:
    Aug 13, 2018
    Messages:
    3
    Thanks for the messages. Have unistalled the Sophos and slack and also dowloaded and used CCleaner and the problem seems to have resolved itself for now.

    Fingers crossed it stays this way and thanks again for all the help.

    Steve
     
    AmateurJohn likes this.
  8. Macboatmaster

    Macboatmaster Trusted Advisor Spam Fighter

    Joined:
    Jan 14, 2010
    Messages:
    23,232
    Cheers
    CCleaner is unnecessary on 10 as a system maintenance tool and if you run it in default mode you will have problems and if you run the registry cleaner you will likely ruin the windows system.

    My advice is not to run CCleaner
    drive defrag or optimization is automatic on 10
    Drive checking is automatic on 10
    I advise you confine yourself to disk cleanup - and one week after major updates when you are sure all is well a diskcleanup of system files
    These utilities are included in windows of course and can be found
    https://support.microsoft.com/en-gb/help/4026616/windows-10-disk-cleanup

    Although the link says - if you need more space - the cleanup of system files after major updates - when you are sure all is ok - that is why I suggest one week - is good practice - space issue aside
     
    AmateurJohn likes this.
  9. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1214409

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice