Solved: Problems with PC randomly freezing and restarting


Steve84b (Thread Starter; joined Aug 13, 2018; messages: 3)
Hi there,

I've been having a problem with my PC randomly freezing and restarting (BSOD). Not really sure what to do as I can't seem to identify the cause. Have checked all drivers are up to date and have also done a clean install of my Nvidia graphics drivers.

From reading here I have done a sys info, pasted below, and because I thought earlier it might be a virus, even though Sophos seems to say the PC is clean, I installed and ran FRST and have pasted those logs below as well.

I really hope that someone can help me and many thanks in advance,
Steve

Tech Support Guy System Info Utility version 1.0.0.4
OS Version: Microsoft Windows 10 Pro, 64 bit
Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz, Intel64 Family 6 Model 94 Stepping 3
Processor Count: 8
RAM: 16336 Mb
Graphics Card: NVIDIA GeForce GTX 970, -1 Mb
Hard Drives: C: 476 GB (258 GB Free);
Motherboard: MSI, Z170A KRAIT GAMING (MS-7984)
Antivirus: Sophos Anti-Virus, Enabled and Updated


FRST.txt



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Sophos Limited) C:\Program Files\Sophos\Clean\scsched.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
() C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Genie9) C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimeLineAgent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NETGEAR Inc.) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
() C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
(Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
(Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
(Slack Technologies) C:\Users\Steve\AppData\Local\slack\app-3.2.0\slack.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8520448 2015-07-29] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15053944 2016-01-06] (Logitech Inc.)
HKLM\...\Run: [ProxyCap] => C:\Program Files\Proxy Labs\ProxyCap\pcapui.exe
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-07-06] (Apple Inc.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1031120 2015-05-18] (MSI)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1516096 2018-03-23] (Sophos Limited)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [com.squirrel.slack.slack] => C:\Users\Steve\AppData\Local\slack\Update.exe [1584656 2018-06-09] ()
HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [610904 2018-03-20] (NETGEAR Inc.)
HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Run: [World of Tanks] => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [235928 2018-03-06] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\\sophos_detoured.dll [207864 2018-03-06] (Sophos Limited)
AppInit_DLLs-x32: ,C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [207864 2018-03-06] (Sophos Limited)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6bf4afe8-5695-4ee2-8319-eb938c60e729}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1995455828-1570911684-582075778-1001 -> {3076390F-718F-43C6-807B-5CFBDB156677} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll [2018-08-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-09] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-01] (Microsoft Corporation)

FireFox:
========
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files (x86)\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-07-30] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-07-30] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-11] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2018-08-13]
CHR Extension: (Slides) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-28]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-28]
CHR Extension: (Google Search) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-28]
CHR Extension: (Sheets) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-28]
CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10]
CHR HKLM-x32\...\Chrome\Extension: [fabhkdeopjkcpkmofliimbjckmocfiom] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-07-05] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8851496 2018-07-22] (Microsoft Corporation)
R2 GenieTimelineService; C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe [671744 2016-12-18] (Genie9) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2016-01-06] (Logitech Inc.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [163280 2015-05-18] (MSI)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [233456 2017-07-04] (NETGEAR)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [764456 2018-07-30] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2308424 2018-07-27] (Overwolf LTD)
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [236384 2018-03-06] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [200064 2018-03-06] (Sophos Limited)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-04-12] (Microsoft Corporation)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [773080 2018-03-23] (Sophos Limited)
R2 Sophos Client Firewall; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFService.exe [852640 2015-07-09] (Sophos Limited)
R2 Sophos Client Firewall Manager; C:\Program Files (x86)\Sophos\Sophos Client Firewall\SCFManager.exe [170280 2015-07-09] (Sophos Limited)
R2 SophosCleanScheduler; C:\Program Files\Sophos\Clean\scsched.exe [135488 2018-08-13] (Sophos Limited)
R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2499872 2016-08-30] (Sophos Limited)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [475384 2018-03-06] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3620968 2018-03-06] (Sophos Limited)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] () [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 EvoMouseDriverFilterHidUsb; C:\WINDOWS\System32\drivers\EvoMouseDriverFilterHidUsb.sys [29936 2016-01-29] (Evoluent)
S3 EvoMouseDriverMini; C:\WINDOWS\system32\drivers\EvoMouseDriverMini.sys [22584 2012-08-02] ()
R3 iaLPSS2_GPIO2; C:\WINDOWS\System32\drivers\iaLPSS2_GPIO2.sys [98976 2017-06-28] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super Charger\ipadtst_64.sys [20464 2013-11-11] (Windows (R) Win 7 DDK provider)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2018-05-05] (CACE Technologies, Inc.)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_52ac7eb8f32780d5\nvlddmkm.sys [17211376 2018-08-01] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30656 2018-07-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
R1 SAVOnAccess; C:\WINDOWS\System32\DRIVERS\savonaccess.sys [204328 2017-10-11] (Sophos Limited)
R1 SFWCallout; C:\WINDOWS\system32\DRIVERS\SFWCallout.sys [65280 2015-07-09] (Sophos Limited)
S4 SophosBootDriver; C:\WINDOWS\system32\DRIVERS\SophosBootDriver.sys [45840 2017-10-11] (Sophos Limited)
R1 swi_callout; C:\WINDOWS\system32\DRIVERS\swi_callout.sys [47760 2017-10-11] (Sophos Limited)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-13 18:08 - 2018-08-13 18:08 - 000022798 _____ C:\Users\Steve\Downloads\FRST.txt
2018-08-13 18:06 - 2018-08-13 18:08 - 000000000 ____D C:\FRST
2018-08-13 18:06 - 2018-08-13 18:06 - 002412544 _____ (Farbar) C:\Users\Steve\Downloads\FRST64.exe
2018-08-13 14:06 - 2018-08-13 14:06 - 026716179 _____ C:\Users\Steve\Downloads\R7800-V1.0.2.52.zip
2018-08-13 13:53 - 2018-08-13 13:53 - 000002061 _____ C:\Users\Public\Desktop\Sophos Clean.lnk
2018-08-13 13:53 - 2018-08-13 13:53 - 000000000 ____D C:\Program Files\Sophos
2018-08-13 13:52 - 2018-08-13 13:52 - 011766440 _____ (Sophos Limited) C:\Users\Steve\Downloads\SophosClean_x64.exe
2018-08-13 13:45 - 2018-08-13 13:45 - 000000000 ___HD C:\OneDriveTemp
2018-08-13 12:02 - 2018-08-13 12:13 - 000000000 ____D C:\Users\Steve\Desktop\Y.O.U steff
2018-08-12 11:34 - 2018-08-12 11:34 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-08-12 11:34 - 2018-07-30 18:50 - 000132488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-08-12 11:33 - 2018-08-12 11:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-08-12 11:32 - 2018-08-01 10:50 - 004352880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 003769016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 002002448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439882.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 001565048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 001467920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439882.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 001420576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 001218528 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 001094128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 000749936 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 000628920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 000608544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-08-12 11:32 - 2018-08-01 10:50 - 000518488 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 040346808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 035250008 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 031250184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 025966552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 013728728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 011273816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 001159120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 000906808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 000816392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 000654760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-08-12 11:32 - 2018-08-01 10:49 - 000635968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 017756224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 015170808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 001358720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 001349384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 001071568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-08-12 11:32 - 2018-08-01 10:48 - 001065688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-08-12 11:32 - 2018-08-01 10:47 - 004128280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-08-12 11:32 - 2018-07-30 20:14 - 000047648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2018-08-12 11:26 - 2018-08-12 11:34 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-08-12 11:26 - 2018-08-01 10:52 - 000553376 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-08-12 11:26 - 2018-08-01 10:52 - 000458312 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 005947600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 002612264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 001767632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 000634352 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 000450768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 000124216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-08-12 11:26 - 2018-07-30 18:41 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-08-12 11:26 - 2018-07-24 10:03 - 008253772 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-08-12 11:25 - 2018-08-12 12:25 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA Corporation
2018-08-12 11:25 - 2018-08-12 11:38 - 000001443 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-08-12 11:25 - 2018-08-12 11:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-08-12 11:25 - 2018-08-12 11:25 - 000000000 ____D C:\Users\Steve\AppData\Local\NVIDIA
2018-08-12 11:25 - 2018-07-30 20:14 - 001936424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 001311784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 000206760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 000185256 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-08-12 11:25 - 2018-07-30 20:14 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-08-12 11:25 - 2018-06-08 02:59 - 000069544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2018-08-12 11:25 - 2018-04-24 18:29 - 000065792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2018-08-12 11:24 - 2018-08-13 17:53 - 000000000 ____D C:\ProgramData\NVIDIA
2018-08-12 11:24 - 2018-08-12 11:37 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-08-12 11:08 - 2018-08-12 11:08 - 000000000 ____D C:\Users\Steve\Downloads\[Guru3D.com]-DDU
2018-08-12 11:07 - 2018-08-12 11:07 - 001117531 _____ C:\Users\Steve\Downloads\[Guru3D.com]-DDU.zip
2018-08-12 11:02 - 2018-08-12 11:02 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2018-08-12 11:02 - 2018-08-12 11:02 - 000000000 ____D C:\Program Files (x86)\NirSoft
2018-08-12 11:01 - 2018-08-12 11:01 - 000141864 _____ C:\Users\Steve\Downloads\bluescreenview_setup.exe
2018-08-12 10:46 - 2018-08-12 09:47 - 001014260 _____ C:\Users\Steve\Desktop\081218-3421-01.dmp
2018-08-12 09:47 - 2018-08-13 14:29 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-11 17:58 - 2018-08-11 17:58 - 000002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-11 17:58 - 2018-08-11 17:58 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-11 17:57 - 2018-08-11 17:57 - 000003418 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-11 17:57 - 2018-08-11 17:57 - 000003294 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-09 09:01 - 2018-08-09 09:01 - 000291170 _____ C:\Users\Steve\Downloads\YOU Pitch script - final v2.pdf
2018-08-01 18:53 - 2018-08-01 18:53 - 000000000 ____D C:\Users\Steve\Downloads\potter 5 dale-20180801T165153Z-001
2018-08-01 17:56 - 2018-08-01 17:57 - 1528295514 _____ C:\Users\Steve\Downloads\potter 5 dale-20180801T165153Z-001.zip
2018-08-01 15:40 - 2018-08-01 15:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-01 13:24 - 2018-08-01 13:24 - 000489442 _____ C:\Users\Steve\Downloads\Y.O.U.eps
2018-07-31 15:02 - 2018-06-24 16:40 - 000440768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NVStWiz.exe
2018-07-31 14:59 - 2018-08-12 11:37 - 000000000 ____D C:\Temp
2018-07-31 14:53 - 2018-08-12 11:37 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-31 14:53 - 2018-08-12 11:37 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-31 14:53 - 2018-08-12 11:37 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-07-31 14:53 - 2018-07-30 20:14 - 002340392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-07-31 13:26 - 2018-07-31 13:31 - 000226933 _____ C:\Users\Steve\Desktop\Account expenses1 2016-17.xlsx
2018-07-30 15:38 - 2018-07-30 16:57 - 000240743 _____ C:\Users\Steve\Desktop\Start up costs .xlsx
2018-07-30 15:38 - 2018-07-30 15:38 - 000161077 _____ C:\Users\Steve\Downloads\Start Up Cost (2).xlsx
2018-07-30 15:27 - 2018-07-30 15:27 - 000161458 _____ C:\Users\Steve\Downloads\Start Up Cost (1).xlsx
2018-07-30 15:27 - 2018-07-30 15:27 - 000158883 _____ C:\Users\Steve\Downloads\Copy of Start Up Cost.xlsx
2018-07-17 16:18 - 2017-10-11 09:10 - 000047760 _____ (Sophos Limited) C:\WINDOWS\system32\Drivers\swi_callout.sys
2018-07-16 17:13 - 2018-07-16 17:13 - 000215053 _____ C:\Users\Steve\Desktop\Start Up Cost.xlsx
2018-07-16 17:11 - 2018-07-16 17:11 - 000161606 _____ C:\Users\Steve\Downloads\Start Up Cost.xlsx
2018-07-16 16:02 - 2018-07-16 16:02 - 000483196 _____ C:\Users\Steve\Downloads\Statement--161015-10040237--12-09-2017-11-12-2017.pdf
2018-07-15 22:22 - 2018-07-15 22:22 - 000013339 _____ C:\Users\Steve\Downloads\Download.CSV
2018-07-15 22:10 - 2018-07-15 22:13 - 000001087 _____ C:\Users\Steve\Downloads\payouts_export.csv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-13 17:52 - 2018-05-05 19:56 - 000000000 ____D C:\Users\Steve\AppData\Local\NETGEARGenie
2018-08-13 17:52 - 2017-10-07 17:03 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Slack
2018-08-13 17:52 - 2016-01-27 01:30 - 000000000 ___RD C:\Users\Steve\OneDrive
2018-08-13 17:51 - 2018-05-23 07:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-13 17:51 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-13 17:38 - 2018-05-23 07:39 - 000000000 ____D C:\Users\Steve
2018-08-13 16:48 - 2018-05-23 07:46 - 000838560 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-13 16:48 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-08-13 16:44 - 2018-05-23 07:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-13 16:44 - 2017-06-10 09:10 - 000000142 _____ C:\WINDOWS\ODBC.INI
2018-08-13 16:35 - 2018-02-23 21:48 - 000000000 ____D C:\Users\Steve\AppData\Roaming\.purple
2018-08-13 14:29 - 2018-05-23 07:37 - 000403856 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-13 14:29 - 2016-01-27 01:21 - 000658956 ____N C:\WINDOWS\Minidump\081318-3390-01.dmp
2018-08-13 13:53 - 2018-04-17 11:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-08-13 13:52 - 2017-06-10 09:09 - 000000000 ____D C:\ProgramData\Sophos
2018-08-13 13:18 - 2016-01-28 22:53 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-08-13 12:00 - 2016-01-28 22:15 - 000000000 ____D C:\Users\Steve\Documents\Outlook Files
2018-08-12 11:42 - 2016-01-28 20:24 - 000000000 ____D C:\Users\Steve\AppData\Roaming\discord
2018-08-12 11:38 - 2017-07-11 10:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-08-12 11:37 - 2018-05-23 07:43 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2018-05-23 07:43 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2018-05-23 07:43 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2018-05-23 07:43 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2018-05-23 07:43 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2018-05-23 07:43 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-08-12 11:37 - 2017-07-11 10:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-08-12 11:26 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2018-08-12 09:58 - 2017-12-14 19:00 - 000007624 _____ C:\Users\Steve\AppData\Local\Resmon.ResmonCfg
2018-08-11 23:06 - 2016-12-19 22:44 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Mumble
2018-08-11 19:36 - 2018-03-20 17:34 - 000001083 _____ C:\Users\Steve\Desktop\Mumble.lnk
2018-08-11 17:58 - 2016-01-27 19:26 - 000000000 ____D C:\Program Files (x86)\Google
2018-08-11 17:38 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-11 17:38 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-10 19:23 - 2017-12-12 08:32 - 000002233 _____ C:\Users\Steve\Desktop\Discord.lnk
2018-08-10 19:23 - 2017-03-04 10:25 - 000000752 _____ C:\Users\Steve\Desktop\EVE Launcher.lnk
2018-08-10 19:07 - 2016-04-18 19:39 - 000000000 ____D C:\Users\Steve\AppData\Roaming\TS3Client
2018-08-09 15:47 - 2016-01-28 16:11 - 000000000 ____D C:\Users\Steve\AppData\Local\CrashDumps
2018-08-09 08:59 - 2017-11-30 12:03 - 000000000 ____D C:\Users\Steve\AppData\Local\Packages
2018-08-09 08:33 - 2018-05-23 07:43 - 000003366 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1995455828-1570911684-582075778-1001
2018-08-09 08:33 - 2018-05-23 07:39 - 000002363 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-09 07:49 - 2016-12-20 13:56 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-08-09 07:49 - 2016-12-20 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-09 07:49 - 2016-12-20 13:56 - 000000000 ____D C:\Program Files (x86)\Java
2018-08-09 07:42 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-08 14:13 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-08 08:54 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-01 15:40 - 2016-01-28 21:29 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-01 15:40 - 2016-01-28 21:29 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-01 15:40 - 2016-01-28 21:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-01 10:47 - 2017-11-09 04:25 - 004858224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-07-31 15:05 - 2018-07-11 12:20 - 000000000 ____D C:\ProgramData\Packages
2018-07-31 15:02 - 2018-06-04 17:24 - 000000000 ____D C:\Users\Steve\AppData\Local\D3DSCache
2018-07-30 20:14 - 2017-11-09 04:38 - 001688848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco6420103.dll
2018-07-30 20:14 - 2017-11-09 04:38 - 000227928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2018-07-30 20:14 - 2017-11-09 03:57 - 000044271 _____ C:\WINDOWS\system32\nvinfo.pb
2018-07-30 18:03 - 2018-04-04 16:23 - 000000000 ____D C:\Users\Steve\Documents\HPScan
2018-07-30 07:39 - 2016-04-18 19:39 - 000000000 ____D C:\Program Files (x86)\Overwolf

==================== Files in the root of some directories =======

2017-12-14 19:00 - 2018-08-12 09:58 - 000007624 _____ () C:\Users\Steve\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-08-09 07:48 - 2018-08-09 07:48 - 001906040 _____ (Oracle Corporation) C:\Users\Steve\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-08-12 11:33 - 2017-10-27 17:06 - 000370296 _____ (NVIDIA Corporation) C:\Users\Steve\AppData\Local\Temp\nvStInst.exe
2018-08-13 13:19 - 2018-08-13 13:19 - 000369152 _____ () C:\Users\Steve\AppData\Local\Temp\xuninst.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-23 07:37

==================== End of FRST.txt ============================




Addition.txt


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.08.2018
Ran by Steve (13-08-2018 18:08:37)
Running from C:\Users\Steve\Downloads
Windows 10 Pro Version 1803 17134.165 (X64) (2018-05-23 06:43:15)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1995455828-1570911684-582075778-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1995455828-1570911684-582075778-503 - Limited - Disabled)
Guest (S-1-5-21-1995455828-1570911684-582075778-501 - Limited - Disabled)
SophosSAUSTEVEI7-aaa (S-1-5-21-1995455828-1570911684-582075778-1008 - Limited - Enabled)
Steve (S-1-5-21-1995455828-1570911684-582075778-1001 - Administrator - Enabled) => C:\Users\Steve
WDAGUtilityAccount (S-1-5-21-1995455828-1570911684-582075778-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Sophos Anti-Virus (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Sophos Anti-Virus (Enabled - Up to date) {44CC060E-FAA8-498C-EC02-591EA8C240B2}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Sophos Client Firewall (Disabled) {C79666CF-96FD-475A-FDED-CB592D964D74}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Apple Application Support (32-bit) (HKLM-x32\...\{E5347310-C82F-4833-AA36-8D11E5A8A86A}) (Version: 6.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D745E014-74DD-43A3-98DF-E7D38164B681}) (Version: 6.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C29B636B-9015-4ED1-A12F-6375A337F23B}) (Version: 11.4.1.46 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
Discord (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.82 - NVIDIA Corporation) Hidden
Dungeons & Dragons Online v2600.0045.4801.4249 (HKLM-x32\...\bc8a6440-918f-11dd-ad8b-0800200c9a66_is1) (Version: 2600.0045.4801.4249 - Atari, Inc.)
EVE Online (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\{d5d30c07-afb5-4741-b9c7-8a82678ddc40}) (Version: 1.0.0 - CCP)
EVEMon (HKLM-x32\...\EVEMon) (Version: 3.0.3 - EVEMon Development Team)
GARPA Topographical Survey (HKLM\...\{DAF45687-983B-4990-9AB9-502B220555CE}) (Version: 3.2.1.1 - GARPA)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Help Desk (HKLM-x32\...\{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1508.1802 - Micro-Star International Co., Ltd.) Hidden
Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1508.1802 - Micro-Star International Co., Ltd.)
HFSExplorer 0.23.1 (HKLM-x32\...\HFSExplorer) (Version: 0.23.1 - Catacombae Software)
HP Color LaserJet MFP M278-M281 Help (HKLM-x32\...\{3DF29BF3-A40D-4BDC-BE5D-FA592999A767}) (Version: 0.00.0005 - HP)
HP ColorLaserJet MFP M278-M281 Basic Device Software (HKLM\...\{61F983A9-6F6F-40F0-B4AA-FF2B17BAB911}) (Version: 44.1.2549.17189 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
I.R.I.S OCR (HKLM-x32\...\{3913CCF7-436B-4A7A-A265-62E9FFDD03D9}) (Version: 15.2.10.1114 - HP Inc.)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
iTunes (HKLM\...\{AA3C449E-F61D-4214-A6E0-603560D607DE}) (Version: 12.8.0.150 - Apple Inc.)
Java 8 Update 181 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Logitech Gaming Software 8.78 (HKLM\...\Logitech Gaming Software) (Version: 8.78.129 - Logitech Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20082 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.01 - MSI)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Mumble 1.2.18 (HKLM-x32\...\{6A56D9E2-AD64-4D11-819B-5308DD2DB5F1}) (Version: 1.2.18 - Thorvald Natvig)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.48.00 - NETGEAR Inc.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - )
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.14.1.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.1.48 - NVIDIA Corporation)
NVIDIA Graphics Driver 398.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.82 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20082 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.116.3.50 - Overwolf Ltd.)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.12.0 - )
Product Improvement Study for HP ColorLaserJet MFP M278-M281 (HKLM\...\{8ADB6C99-9D2B-4069-B9C7-995E517EFE28}) (Version: 44.1.2549.17189 - HP Inc.)
pyfa version 1.26.0 (YC118.10 1.2) (HKLM-x32\...\{3DA39096-C08D-49CD-90E0-1D177F32C8AA}_is1) (Version: 1.26.0 (YC118.10 1.2) - pyfa)
ReadySHARE Vault (HKLM-x32\...\ReadySHARE Vault) (Version: 7.0 - Genie9)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\slack) (Version: 3.2.0 - Slack Technologies)
Sonos Controller (HKLM-x32\...\{7BBA9BF8-05DF-47D8-8880-82A9B99505B9}) (Version: 39.2.47170 - Sonos, Inc.)
Sophos Anti-Virus (HKLM-x32\...\{6654537D-935E-41C0-A18A-C55C2BF77B7E}) (Version: 10.8.1.316 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54}) (Version: 5.11.206 - Sophos Limited)
Sophos Clean (HKLM\...\SophosClean) (Version: 3.7.20.286 - Sophos Limited)
Sophos Client Firewall (HKLM-x32\...\{A805FB2A-A844-4CBA-8088-CA64087D59E1}) (Version: 3.0.4 - Sophos Limited)
Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.1 - Sophos Limited)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.1 - TeamSpeak Systems GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl [2016-12-18] ()
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
ContextMenuHandlers2: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9)
ContextMenuHandlers2: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
ContextMenuHandlers3: [Genie-Soft Timeline Backup Context Menu Extension] -> {D821600B-0B5D-4D7E-B1CC-034C652E8288} => C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineContextMenu.gtl [2016-12-18] (Genie9)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-07-30] (NVIDIA Corporation)
ContextMenuHandlers6: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2018-03-06] (Sophos Limited)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {037E98F0-60E8-4837-A7C1-BA059CF6C2E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-11] (Google Inc.)
Task: {0920424E-0C1E-4B9E-85F3-719B86A54AB0} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-07-27] (Overwolf LTD)
Task: {098CC859-0434-434D-87AD-9F05E8A4104A} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-07-30] (NVIDIA Corporation)
Task: {0FC629E9-D65B-4D60-A7C5-8B03F16A8EB4} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
Task: {1150A846-C13A-4BB1-B6C3-DC0A37BAAD6D} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-30] (NVIDIA Corporation)
Task: {168C4FFC-B56B-4D1A-ABB3-7F13A119D85A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-01] (Microsoft Corporation)
Task: {19ED9E66-9AE6-4396-BB6B-75926D82DA04} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {2382E603-8DA3-4AC9-87BB-06D6A386618E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-01] (Microsoft Corporation)
Task: {3768DC39-953F-4DD1-8791-30CD1ED00461} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-07-30] (NVIDIA Corporation)
Task: {40ACD4D6-0176-4948-8A7F-8747D42A7B8B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2018-07-11] (Microsoft Corporation)
Task: {45C97E1D-AD75-4ECD-947D-F229062F8D9A} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2015-08-18] (Micro-Star International Co., Ltd.)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C44C0F6-F513-4B7A-A2B2-04D0BF0F47C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {707EB11C-75F5-4972-ADF1-F3EB90A40793} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-01] (Microsoft Corporation)
Task: {7116F9E4-98B6-4DCF-8981-4FA8DA72DA61} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-30] (NVIDIA Corporation)
Task: {8F603BAC-9246-418B-8399-5F37709A4A0D} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-07-30] (NVIDIA Corporation)
Task: {9085DEA8-DAA6-4367-B6A4-C90794F8C0AC} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-07-30] (NVIDIA Corporation)
Task: {A15C8FFE-E83F-4024-B110-39C82116AEF1} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
Task: {A775172C-1CCE-4699-86FB-F8885D0375CF} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
Task: {ACD471D1-2E7C-4941-AD4C-364D67F13ED4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-07-30] (NVIDIA Corporation)
Task: {B4B3D6FB-CD8F-4913-BE19-1C99D51AFA69} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-11] (Google Inc.)
Task: {BDE4FA70-C226-497D-BEAA-906A8BA41847} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
Task: {C2D6A83A-3F1E-4D05-96BA-E2064EFAC8CC} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {CA281FB8-914C-477B-A959-7E38463360FB} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-07-30] (NVIDIA Corporation)
Task: {CD7518D9-2F85-4DDF-A28D-629BFF2534C8} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)
Task: {CED16E4D-58EB-49A2-96FC-7072AE8860A3} - System32\Tasks\HPCustParticipation HP ColorLaserJet MFP M278-M281 => C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPCustPartic.exe [2017-07-08] (HP Inc.)
Task: {EE9D7502-F11D-4DF0-BDD6-538512DD16D1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-07-22] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-06-23 06:56 - 2018-06-23 06:56 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-12-13 11:18 - 2016-12-13 11:18 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000332800 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\OnlineHandler.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000491520 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000087552 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\QueueManager.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000741376 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSBackupManager.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000211968 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000371200 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSWatcher4.dll
2016-12-13 11:19 - 2016-12-13 11:19 - 000058368 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLibrariesManager.dll
2012-02-02 10:16 - 2012-02-02 10:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.dll
2013-02-03 12:40 - 2013-02-03 12:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.dll
2016-12-13 11:19 - 2016-12-13 11:19 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.dll
2016-12-18 13:38 - 2016-12-18 13:38 - 000054784 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogManager.dll
2013-02-03 12:40 - 2013-02-03 12:40 - 000010752 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\VSSEngine_Proxy.dll
2013-02-03 10:21 - 2013-02-03 10:21 - 000045056 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcre.dll
2013-02-03 10:21 - 2013-02-03 10:21 - 000097792 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\pcrebase.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 001314856 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-05-11 08:12 - 2015-05-11 08:12 - 000248736 _____ () C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-05-05 19:57 - 2016-12-18 13:38 - 000163328 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl
2018-05-05 19:57 - 2016-12-13 11:18 - 000045568 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSLogging.gtl
2018-05-05 19:57 - 2016-12-18 13:38 - 000211968 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\Settings.gtl
2018-05-05 19:57 - 2016-12-13 11:19 - 000089600 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSEncryption.gtl
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-05-05 19:57 - 2016-12-18 13:38 - 000491520 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSIndexDB.gtl
2018-05-05 19:57 - 2013-02-03 12:40 - 000011264 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\RWLock.gtl
2018-05-05 19:57 - 2012-02-02 10:16 - 000740864 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\sqlite3.gtl
2016-12-18 13:38 - 2016-12-18 13:38 - 000063488 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\XBalloonMsgDll.dll
2016-12-13 11:19 - 2016-12-13 11:19 - 000093696 _____ () C:\Program Files\NETGEAR\ReadySHARE Vault\GSCurl.dll
2018-07-11 12:22 - 2018-07-06 07:55 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-17 16:58 - 2018-07-17 16:58 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-07-17 16:58 - 2018-07-17 16:58 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-17 16:58 - 2018-07-17 16:58 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-07-17 16:58 - 2018-07-17 16:58 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-08-11 17:58 - 2018-08-08 01:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-11 17:58 - 2018-08-08 01:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 095437352 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 003029032 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 000149544 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 001095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-01-06 20:43 - 2016-01-06 20:43 - 000240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-07-06 02:00 - 2018-07-06 02:00 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 001962552 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\ffmpeg.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 000149048 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\runas\build\Release\runas.node
2018-06-09 09:23 - 2018-06-09 09:23 - 000116792 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-03-20 06:25 - 2018-03-20 06:25 - 000080472 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\genie2_tray.exe
2018-06-09 09:23 - 2018-06-09 09:23 - 003695160 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\libglesv2.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 000025144 _____ () C:\Users\Steve\AppData\Local\slack\app-3.2.0\libegl.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 000408632 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\slack-calls.node
2018-06-09 09:23 - 2018-06-09 09:23 - 007595576 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\CallsCore.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 000230968 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\protobuf_lite.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 001491512 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@slack\slack-calls-prebuilt\modules\@slack\slack-calls\build\Release\boringssl.dll
2018-06-09 09:23 - 2018-06-09 09:23 - 000164408 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-06-09 09:23 - 2018-06-09 09:23 - 000490040 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-06-09 09:23 - 2018-06-09 09:23 - 000096312 _____ () \\?\C:\Users\Steve\AppData\Local\slack\app-3.2.0\resources\app.asar.unpacked\node_modules\@paulcbetts\system-idle-time\build\Release\system_idle_time.node
2015-08-07 02:09 - 2015-08-07 02:09 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-08-12 11:25 - 2018-07-30 20:14 - 001032744 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2014-12-21 17:07 - 2014-12-21 17:07 - 000119822 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll
2014-12-21 17:07 - 2014-12-21 17:07 - 001026062 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll
2018-03-19 08:18 - 2018-03-19 08:18 - 000673792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll
2018-03-16 06:15 - 2018-03-16 06:15 - 001686528 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll
2018-02-07 07:27 - 2018-02-07 07:27 - 000168448 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll
2018-02-07 07:27 - 2018-02-07 07:27 - 000590848 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll
2018-02-07 07:31 - 2018-02-07 07:31 - 006887936 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll
2016-02-26 11:07 - 2016-02-26 11:07 - 000049152 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll
2016-08-15 09:28 - 2016-08-15 09:28 - 001125888 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll
2018-02-07 07:24 - 2018-02-07 07:24 - 002977792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000111616 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 002285056 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll
2018-02-07 07:27 - 2018-02-07 07:27 - 000911360 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll
2016-02-22 09:25 - 2016-02-22 09:25 - 000116224 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll
2018-03-16 06:16 - 2018-03-16 06:16 - 001242112 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll
2018-02-07 11:55 - 2018-02-07 11:55 - 011873792 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll
2018-03-16 11:16 - 2018-03-16 11:16 - 002577920 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll
2018-03-05 06:49 - 2018-03-05 06:49 - 000247808 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll
2018-02-07 07:32 - 2018-02-07 07:32 - 000849408 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll
2018-02-07 07:32 - 2018-02-07 07:32 - 000414720 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll
2016-01-15 03:06 - 2016-01-15 03:06 - 000057344 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000146944 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll
2015-08-24 09:41 - 2015-08-24 09:41 - 002360622 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000072192 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000074752 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll
2016-03-03 05:17 - 2016-03-03 05:17 - 000136704 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000219648 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000049664 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000070144 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000037376 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll
2012-06-27 23:23 - 2012-06-27 23:23 - 000051200 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll
2018-02-07 07:33 - 2018-02-07 07:33 - 000633344 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll
2018-02-07 07:33 - 2018-02-07 07:33 - 000433664 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll
2016-01-15 03:23 - 2016-01-15 03:23 - 000026112 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll
2016-04-12 07:13 - 2016-04-12 07:13 - 000067072 _____ () C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-01-28 14:55 - 2016-01-28 14:55 - 000000851 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1995455828-1570911684-582075778-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DC07E3D7-DEE7-46A4-9D92-BA0465E3D469}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{DF792FF4-4E9B-45D8-87C6-FCBDDF48FDF8}] => (Allow) LPort=5357
FirewallRules: [{FA5E4A93-3B37-4F85-8CE1-BBDB9EA6B7F7}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\Bin\DeviceSetup.exe
FirewallRules: [{76885414-C883-4E40-9927-A52020419F4B}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxPrinterUtility.exe
FirewallRules: [{235384F9-C91A-405E-8420-1EA8A70C755F}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\SendAFax.exe
FirewallRules: [{D6992AF8-5852-4653-A28C-5AFC450AB021}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\DigitalWizards.exe
FirewallRules: [{17AEAD08-F1DE-4B7D-B72E-8735B67FFDF4}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\FaxApplications.exe
FirewallRules: [{8BAA0010-1CA1-4D6A-97AC-FE4335AE1049}] => (Allow) C:\Program Files\HP\HP ColorLaserJet MFP M278-M281\bin\EWSProxy.exe
FirewallRules: [{8C003C9B-E9AB-49A2-A6A0-45E55FA8C0D0}] => (Allow) C:\Users\Steve\AppData\Local\Temp\7zS6AFD\HP.EasyStart.exe
FirewallRules: [{926620F9-2F25-4983-B0DA-B81B1C8A5766}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E34DF1DE-0079-4200-9DC9-0F1C2E411782}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{4A1F5A1F-6C54-41DF-9FDF-5841CAB4660A}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [{D4BD6CEE-16D1-44E7-B1CC-30BF4E9A378A}] => (Allow) C:\Program Files (x86)\Sonos\Sonos.exe
FirewallRules: [UDP Query User{1C5E8837-63D9-46C8-BD58-1A8BB52E71DE}C:\eve\launcher\loglite.exe] => (Allow) C:\eve\launcher\loglite.exe
FirewallRules: [TCP Query User{57C63736-7E79-4B5C-857B-C28ECED9D10B}C:\eve\launcher\loglite.exe] => (Allow) C:\eve\launcher\loglite.exe
FirewallRules: [UDP Query User{DB13A174-5A28-4639-B2C4-ADFEF64A1E03}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{B3AAF8C4-08D8-49D0-B834-ED248093BFDB}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{886F5977-A48C-48A6-B4E1-291C8B8F82FF}C:\eve\sharedcache\sisi\bin\exefile.exe] => (Block) C:\eve\sharedcache\sisi\bin\exefile.exe
FirewallRules: [TCP Query User{9873DE2D-96B7-4A47-8BD5-52B276F8BBBA}C:\eve\sharedcache\sisi\bin\exefile.exe] => (Block) C:\eve\sharedcache\sisi\bin\exefile.exe
FirewallRules: [UDP Query User{73B5671B-4438-4218-871B-801A70313DF1}C:\program files (x86)\pyfa\pyfa.exe] => (Block) C:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [TCP Query User{B5E22858-3801-4D7D-A4CC-FC855D71A097}C:\program files (x86)\pyfa\pyfa.exe] => (Block) C:\program files (x86)\pyfa\pyfa.exe
FirewallRules: [UDP Query User{47F7B405-6C01-4D9C-82C9-732EF3DA8396}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
FirewallRules: [TCP Query User{4FD39BEE-CE03-4B58-AC90-B551422FC55A}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
FirewallRules: [UDP Query User{36879C96-9776-4C4F-807F-A96B5F1FCEA2}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\steve\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{A498BF82-F8F9-417A-BE09-8326A99A9B5C}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\steve\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{C7BF16D2-8052-4AF9-8BC0-F7801644BD96}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [TCP Query User{0532E3C7-36E4-435D-A721-ACA3333D0C98}C:\eve\sharedcache\tq\bin\exefile.exe] => (Allow) C:\eve\sharedcache\tq\bin\exefile.exe
FirewallRules: [UDP Query User{EDAF74E4-6C4D-41B8-8AAD-7E3CF17C5A03}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{85AF17C1-13C4-491B-AA08-CB28D00CEE9B}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{361748BA-16E0-4063-B548-FC7A4E9464EC}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\steve\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AABDF557-6977-42A3-880E-C59D45601D76}C:\users\steve\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\steve\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0A02FAB6-9E3A-47E9-9476-3BE8D2CB6455}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
FirewallRules: [UDP Query User{597A46CA-CFAB-40F1-A5D6-CC2AE22566F6}C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe] => (Allow) C:\program files (x86)\turbine\dungeons & dragons online\dndclient.exe
FirewallRules: [TCP Query User{F21C3B27-A834-4FE6-BD8C-A1F3AD7291BE}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [UDP Query User{D2EBFFD8-FD2F-48C8-BD97-6CB35E76C688}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe
FirewallRules: [{9AEF1CBB-35C6-4EC2-90FB-3A511FB312C2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2D254314-29F3-48D1-AEFB-EAFDD8FE3413}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{39709D68-4DB5-4BE4-BD06-2B813FC0277E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{08A82C8F-B247-4978-8C67-4910D776AB00}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{3ABC88EA-5D84-45C5-9A2F-A526D9595968}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98191463-72E0-4BCC-90BE-55C0961BEF09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A58BCEFA-15C1-40E5-A5DD-7B9AF58D33A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2AA6F92E-DF9C-45B9-B89F-DDAC6214F119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{F705A054-BB6D-43CB-BDF0-B18A202591E4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{67ACEED8-E954-4A54-8E12-F8247ACFBD54}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{605F8464-BDCD-4521-AB0C-6F1CA56EC656}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E0FCAE9F-F32B-486D-A62A-508B516D637E}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{82F48C57-56A6-47F5-848D-2171854319A8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F0D44E66-C4DF-4B92-953B-AFDDD5FED317}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5D5DA3E6-EF28-4DF9-A8EE-D8353925C7B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{722BB7E6-F5C4-4B92-8D30-A45AA036B736}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B89A0217-FA96-41AD-A23F-656F67DFB355}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{48A2F1D5-BE6D-4892-8179-F5371FFC4672}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4605F5D9-96DB-4F7E-A0B9-3755740ADE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-07-2018 08:09:22 Scheduled Checkpoint
08-08-2018 14:25:29 Scheduled Checkpoint
12-08-2018 08:48:35 Removed Evoluent Mouse Manager
12-08-2018 11:09:16 DDU Restore Point
13-08-2018 13:17:39 Removed ProxyCap

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/13/2018 01:45:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
Exception code: 0xc0000005
Fault offset: 0x000000000001d979
Faulting process id: 0xe00
Faulting application start time: 0x01d432f545c3b69b
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 0108d31e-9b61-4f40-99a9-68e64eead7b5
Faulting package full name:
Faulting package-relative application ID:

Error: (08/13/2018 01:18:52 PM) (Source: YSearchUtilSvc) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/13/2018 11:56:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
Exception code: 0xc0000005
Fault offset: 0x000000000001d979
Faulting process id: 0x3a74
Faulting application start time: 0x01d432cdbf5ba86c
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: e517ebd5-78b4-4db9-b8e4-5d81be4f2a49
Faulting package full name:
Faulting package-relative application ID:

Error: (08/13/2018 07:23:09 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/13/2018 07:20:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GenieTimelineService.exe, version: 7.0.1.100, time stamp: 0x5856675f
Faulting module name: ntdll.dll, version: 10.0.17134.165, time stamp: 0xf4df6dc2
Exception code: 0xc0000005
Fault offset: 0x000000000001d979
Faulting process id: 0xd0c
Faulting application start time: 0x01d4322593cdc5a3
Faulting application path: C:\Program Files\NETGEAR\ReadySHARE Vault\GenieTimelineService.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 42c02b24-76b2-4ff8-99b7-346d50796785
Faulting package full name:
Faulting package-relative application ID:

Error: (08/12/2018 11:24:26 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2320

Start Time: 01d432264ac56817

Termination Time: 4

Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Report Id: b3afcdc5-afb4-4cb0-ba02-781e3272e1da

Faulting package full name:

Faulting package-relative application ID:

Error: (08/12/2018 11:09:16 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {db97861a-ae93-48cc-8b86-f26ea58d238d}

Error: (08/12/2018 09:51:57 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 18 2.1.168.192.in-addr.arpa. PTR STEVEi7-PC.local.


System errors:
=============
Error: (08/13/2018 05:52:01 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/13/2018 04:44:12 PM) (Source: volmgr) (EventID: 161) (User: )
Description: Dump file creation failed due to error during dump creation.

Error: (08/13/2018 04:44:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 4:29:56 PM on 8/13/2018 was unexpected.

Error: (08/13/2018 03:35:24 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/13/2018 02:29:53 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (08/13/2018 01:45:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Genie Timeline Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

Error: (08/13/2018 01:45:04 PM) (Source: DCOM) (EventID: 10016) (User: STEVEI7-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user STEVEI7-PC\Steve SID (S-1-5-21-1995455828-1570911684-582075778-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (08/13/2018 12:05:33 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================

Date: 2018-08-13 11:58:43.260
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-13 11:58:43.258
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-13 11:58:43.256
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-13 11:58:43.254
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-13 11:58:43.252
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-13 11:58:40.494
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-08-11 17:56:26.148
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 17:56:26.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
Percentage of memory in use: 29%
Total physical RAM: 16336.4 MB
Available physical RAM: 11505.27 MB
Total Virtual: 17360.4 MB
Available Virtual: 11370.29 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:476.39 GB) (Free:258.75 GB) NTFS

\\?\Volume{22e5bf40-cbb1-4e80-8538-c44b04e78dab}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{c9d41cdd-0d76-42e9-85d3-09aaa7a4b952}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================
 

AmateurJohn

Joined
Jul 19, 2018
Messages
165
What are your computer's temps? Overheating can cause restarting problems. A buildup of Windows updates can cause BSODs sometimes.
 

Steve84b

Thread Starter
Joined
Aug 13, 2018
Messages
3
What are your computer's temps? Overheating can cause restarting problems. A buildup of Windows updates can cause BSODs sometimes.
Hi John.

Installed Core Temp and had it running when the PC froze, at which time the maximum temp was on Core 1 and was 56 degrees, which I think should be fine. Have restarted and temp is slightly higher at 61 but still doesn't seem too bad.

As for the Windows updates, am not sure what to do or check regarding that.

Cheers,
Steve
 

AmateurJohn
Joined
Jul 19, 2018
Messages
165
To view your Windows Updates:
  1. Click the Windows icon in the bottom right of your screen
  2. Type "Settings" in the Windows search bar, and click the Settings option (it might say Trusted Windows Store App under it)
  3. You should see stuff like "System" and "Devices", go to the one that says "Update and Security"
  4. Then a new window should open and it should say "Windows Updates" towards the top
  5. Click the grey "Check for updates" button, and let it run
  6. If there is an update, do not turn off your computer or restart it, just let it run; sometimes updates will take hours
  7. You can also view previous updates from the same page you check for updates
  8. You just click the "View update history" link and it will show you what updates failed or were successful, driver updates, quality updates etc
Note: Make sure you close out of any programs, save your progress, and bookmark your webpages, and stuff. After updating, your computer will probably ask you to restart it. You have also been having BSODs, so just make sure you don't lose progress that can be saved.
 

Macboatmaster

Trusted Advisor
Spam Fighter
Joined
Jan 14, 2010
Messages
24,593
I think your problems may well be related to
1. Sophos AV and Firewall

2. Net Gear as below
Date: 2018-08-11 17:56:26.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

That error regarding NETGEAR Ready Share not meeting Microsoft driver signing level requirements is repeated many times and may be found in your FRST txt under the heading
CodeIntegrity:

3. You have installed this
Slack (HKU\S-1-5-21-1995455828-1570911684-582075778-1001\...\slack) (Version: 3.2.0 - Slack Technologies)
I strongly recommend you uninstall it.
=================================
Therefore I see the three above as possible culprits for your problems.
The fact that you may have used them without problems previously is irrelevant, as changes to files in Windows via updates that include aspects of these programs may well then cause them to produce problems.

My recommendations are - to be followed in the order shown
1. You uninstall SOPHOS and all related software - the firewall
https://support.home.sophos.com/hc/...Uninstalling-Sophos-Home-on-Windows-computers

That link information is actually incorrect for Windows 10. An uninstall of a product is not now done through Programs and Features but as shown here
https://support.microsoft.com/en-gb/help/4028054/windows-10-repair-or-remove-programs

NOTE you must UNINSTALL the Sophos Firewall and REBOOT before uninstalling the Sophos AV
Then REBOOT again.
Check that Windows Defender and Windows Firewall are now running and update Defender.

Run a quick scan.
IF it finds anything post details please BEFORE proceeding.

If all is well with the scan - test the system to see if the problem of freezing etc still exists
When I say test the system - just use it as normal for gaming, browsing etc.

2. IF the problem still exists, LEAVE SOPHOS uninstalled for the time being and update, if such is available, that Netgear Ready Share. IF such update or whatever is not available then uninstall it.
The uninstall of the Netgear Ready Share software should not affect the backups of course.
Test the system

3. If the problem still exists uninstall the Slack Technologies software
Although I recommend that you do that in any case.

IF you are going to follow that recommendation to uninstall Slack
https://slack.com/release-notes/windows
then you may wish to try that possible solution first.
======================================

Finally I suspect SOPHOS - good as it is as an AV, causes problems on 10, especially after major windows updates, as do many 3rd party antivirus programs and indeed Firewalls. I notice there are recent reports of problems with Windows updates when using Sophos.
IF I am wrong you can of course always reinstall it without problems especially if it is the free edition
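
The observation in the post above, that the same Code Integrity entry is repeated many times in the FRST log, can be checked by tallying the entries per rejected module and loading process. This Python sketch is an added example, not part of any post in this thread or of FRST itself. The sample text is constructed from the two event forms quoted on this page (the third timestamp is made up), and the pattern and function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample: the two event forms quoted in this thread, in FRST's
# "CodeIntegrity:" layout. The third timestamp is made up for illustration.
SAMPLE = r"""
Date: 2018-08-11 17:56:26.148
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 17:56:26.146
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\NETGEAR\ReadySHARE Vault\GSTimelineIconOverlay.gtl that did not meet the Microsoft signing level requirements.

Date: 2018-08-11 17:00:00.000
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll because file hash could not be found on the system.
"""

# A process tried to load a module that did not meet the required signing level.
SIGNING_LEVEL = re.compile(
    r"Code Integrity determined that a process \((?P<process>.+?)\) attempted to load "
    r"(?P<module>.+?) that did not meet the (?P<level>.+?) signing level requirements")
# Windows found no hash for the file, so the image could not be verified.
HASH_MISSING = re.compile(
    r"unable to verify the image integrity of the file (?P<module>.+?) "
    r"because file hash could not be found on the system")

def leaf(device_path):
    """Last component of an NT device path (\\Device\\HarddiskVolumeN\\...)."""
    return device_path.rsplit("\\", 1)[-1]

def summarize(log_text):
    """Tally events per (module, loading process, reason), most frequent first."""
    counts = Counter()
    for line in log_text.splitlines():
        m = SIGNING_LEVEL.search(line)
        if m:
            reason = "below %s signing level" % m["level"]
            counts[(leaf(m["module"]), leaf(m["process"]), reason)] += 1
            continue
        m = HASH_MISSING.search(line)
        if m:  # this event form names no loading process
            counts[(leaf(m["module"]), None, "hash not found")] += 1
    return counts.most_common()

if __name__ == "__main__":
    for (module, process, reason), n in summarize(SAMPLE):
        print(f"{n:3d}  {module}  loaded by {process or '-'}  ({reason})")
```

Run against a full Addition.txt, the per-module counts show which third-party component accounts for most of the rejected loads, which is the information needed to decide what to update or uninstall first.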
 

Steve84b

Thread Starter
Joined
Aug 13, 2018
Messages
3
Thanks for the messages. Have uninstalled the Sophos and Slack and also downloaded and used CCleaner and the problem seems to have resolved itself for now.

Fingers crossed it stays this way and thanks again for all the help.

Steve
 

Macboatmaster

Trusted Advisor
Spam Fighter
Joined
Jan 14, 2010
Messages
24,593
Cheers
CCleaner is unnecessary on 10 as a system maintenance tool, and if you run it in default mode you will have problems, and if you run the registry cleaner you will likely ruin the Windows system.

My advice is not to run CCleaner.
Drive defrag or optimization is automatic on 10
Drive checking is automatic on 10
I advise you confine yourself to disk cleanup - and one week after major updates, when you are sure all is well, a disk cleanup of system files
These utilities are included in Windows of course and can be found
https://support.microsoft.com/en-gb/help/4026616/windows-10-disk-cleanup

Although the link says - if you need more space - the cleanup of system files after major updates - when you are sure all is ok - that is why I suggest one week - is good practice - space issue aside
 