Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Infection?


  • Please log in to reply

#1
Jaysea29

Jaysea29

    New Member

  • Member
  • Pip
  • 2 posts

Hey all, lately I've been having some minor issues with my PC. When I put it in sleep mode the computer just hangs and the fans keep spinning. The screen goes black but the PC never powers down. Also just experiencing some overall slow performance, but that could very well be my SSD going out as recent benchmarks have put it near the bottom of other benchmarks of the same same ssd. Just want to make sure I don't have anything lurking in the background, as MBAM, Kaspersky, and other free tools have come up clean.  

 

Thanks, 

 

Logs below

 

"Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01

Ran by Josh (administrator) on JOSH-PC (27-05-2018 16:20:29)
Running from C:\Users\Josh\Desktop
Loaded Profiles: Josh (Available Profiles: Josh)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17987704 2017-10-19] (Logitech Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\MountPoints2: {481ad12a-3abd-11e7-ba53-485b3975fb89} - F:\setup.exe
GroupPolicy: Restriction ? <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{58612CDC-FF52-4FE6-87FB-3F886BCA267D}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
 
Internet Explorer:
==================
HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-16] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-16] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: wrdobvwy.default
FF ProfilePath: C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\wrdobvwy.default [2018-05-22]
FF user.js: detected! => C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\wrdobvwy.default\user.js [2018-02-17]
FF Extension: (Adblock Plus) - C:\Users\Josh\AppData\Roaming\Mozilla\Firefox\Profiles\wrdobvwy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-22]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-16] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @EDVR/WebClient -> C:\windows\system32\WebClient\npwebclient.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default [2018-05-27]
CHR Extension: (BetterTTV) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-02-04]
CHR Extension: (Docs) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-18]
CHR Extension: (Google Drive) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-24]
CHR Extension: (YouTube) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-24]
CHR Extension: (Honey) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-05-21]
CHR Extension: (Adblock Plus) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-17]
CHR Extension: (Google Docs Offline) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-24]
CHR Extension: (Chrome Media Router) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-05]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 acCAMService; C:\Program Files (x86)\NZXT\CAM\Service\CAMService.exe [31344 2017-03-16] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-03-26] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-18] (EasyAntiCheat Ltd)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [342456 2018-04-20] (Futuremark)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-10-19] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2120032 2017-10-08] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3000168 2017-10-08] (Electronic Arts)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2017-05-12] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 HiPatchService; J:\Downloasdz\HiPatchService.exe [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [92536 2018-04-25] (Advanced Micro Devices, Inc.)
S3 cpuz141; C:\Users\Josh\AppData\Local\Temp\cpuz141\cpuz141_x64.sys [46400 2018-04-30] (CPUID) <==== ATTENTION
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-10-19] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 niks4m2audio; C:\Windows\System32\Drivers\niks4m2audio.sys [382920 2015-09-04] (Native Instruments GmbH)
S3 niks4m2usb; C:\Windows\System32\DRIVERS\niks4m2usb.sys [104304 2015-09-04] (Native Instruments GmbH)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [467368 2017-04-25] (IDRIX)
S3 ALSysIO; \??\C:\Users\Josh\AppData\Local\Temp\ALSysIO64.sys [X] <==== ATTENTION
S0 MBAMSwissArmy; System32\Drivers\mbamswissarmy.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-27 16:20 - 2018-05-27 16:20 - 000011057 _____ C:\Users\Josh\Desktop\FRST.txt
2018-05-27 16:17 - 2018-04-25 07:36 - 000092536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\amdkmpfd.sys
2018-05-27 16:16 - 2018-05-27 16:16 - 000043109 _____ C:\Users\Josh\Downloads\Addition.txt
2018-05-27 16:15 - 2018-05-27 16:16 - 000031334 _____ C:\Users\Josh\Downloads\FRST.txt
2018-05-27 16:15 - 2018-05-27 16:15 - 002413056 _____ (Farbar) C:\Users\Josh\Desktop\FRST64.exe
2018-05-27 16:15 - 2018-05-27 16:15 - 000003146 _____ C:\Windows\System32\Tasks\StartCN
2018-05-27 16:15 - 2018-05-27 16:15 - 000003060 _____ C:\Windows\System32\Tasks\StartDVR
2018-05-27 16:15 - 2018-05-27 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-05-27 16:15 - 2018-05-27 16:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2018-05-27 16:14 - 2018-05-27 16:14 - 000000000 ____D C:\Program Files (x86)\AMD
2018-05-27 16:13 - 2018-05-27 16:13 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-27 15:56 - 2018-05-27 15:56 - 000000000 ____D C:\Users\Josh\AppData\Local\AdvinstAnalytics
2018-05-27 15:50 - 2018-05-27 15:50 - 000000000 ____D C:\Windows\system32\appmgmt
2018-05-22 19:29 - 2018-05-22 19:29 - 000000000 ____D C:\Users\Josh\Desktop\WebClient(4)
2018-05-22 17:47 - 2018-05-22 19:29 - 000000000 ____D C:\Windows\SysWOW64\webclient
2018-05-16 15:25 - 2018-05-16 15:25 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdihk64.dll
2018-05-16 15:25 - 2018-05-16 15:25 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdihk32.dll
2018-05-16 12:25 - 2018-05-16 12:25 - 001232264 _____ (AMD) C:\Windows\system32\coinst_18.10.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 012517800 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 009990664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000200008 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000177312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000164440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000146960 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000009936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2018-05-16 12:24 - 2018-05-16 12:24 - 000009936 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 011894144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdvt.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000544136 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2018-05-16 12:23 - 2018-05-16 12:23 - 000476552 _____ (AMD) C:\Windows\system32\atitmm64.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000469896 _____ C:\Windows\system32\dgtrayicon.exe
2018-05-16 12:23 - 2018-05-16 12:23 - 000448392 _____ C:\Windows\system32\GameManager64.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000356744 _____ C:\Windows\SysWOW64\GameManager32.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2018-05-16 12:23 - 2018-05-16 12:23 - 000115592 _____ (AMD) C:\Windows\system32\atimuixx.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 016363808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 013544168 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 012427184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6t.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 012412240 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 011882832 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000704392 _____ (AMD) C:\Windows\system32\atieclxx.exe
2018-05-16 12:22 - 2018-05-16 12:22 - 000472968 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2018-05-16 12:22 - 2018-05-16 12:22 - 000458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000405896 _____ C:\Windows\system32\atieah64.exe
2018-05-16 12:22 - 2018-05-16 12:22 - 000342920 _____ C:\Windows\system32\clinfo.exe
2018-05-16 12:22 - 2018-05-16 12:22 - 000326024 _____ C:\Windows\SysWOW64\atieah32.exe
2018-05-16 12:22 - 2018-05-16 12:22 - 000226184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000196488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000175288 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000166280 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000153640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000146824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000142216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000120680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000111440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000105736 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2018-05-16 12:22 - 2018-05-16 12:22 - 000092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 067909512 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 044673416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2018-05-16 12:21 - 2018-05-16 12:21 - 031604104 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 016489352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 003128200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 002726792 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 001997352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 001581720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 001059720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 001059720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000556936 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Rapidfire64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000467848 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\Rapidfire.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000437128 _____ C:\Windows\system32\amdgfxinfo64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000352648 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2018-05-16 12:21 - 2018-05-16 12:21 - 000305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2018-05-16 12:21 - 2018-05-16 12:21 - 000171400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000150920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000148360 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000141704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000126344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000124296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2018-05-16 12:21 - 2018-05-16 12:21 - 000060296 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000036744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\RapidFireServer64.dll
2018-05-16 12:21 - 2018-05-16 12:21 - 000033672 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\RapidFireServer.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 053600648 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 029714312 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 025181064 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 016095624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 014063496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 013600136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000866184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000694152 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000543624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000373640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000157576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000139144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000135560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2018-05-16 12:20 - 2018-05-16 12:20 - 000117128 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2018-05-16 12:19 - 2018-05-16 12:19 - 035889032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2018-05-16 11:41 - 2018-05-16 11:41 - 003471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2018-05-16 11:41 - 2018-05-16 11:41 - 003437632 _____ C:\Windows\system32\atiumd6a.cap
2018-05-16 11:36 - 2018-05-16 11:36 - 000890728 _____ C:\Windows\SysWOW64\atiapfxx.blb
2018-05-16 11:36 - 2018-05-16 11:36 - 000890728 _____ C:\Windows\system32\atiapfxx.blb
2018-05-10 19:26 - 2018-05-27 16:18 - 000000000 ____D C:\Users\Josh\AppData\LocalLow\AMD
2018-05-10 19:26 - 2018-05-10 19:26 - 000000000 ____D C:\6749525315573233238
2018-05-09 20:29 - 2018-05-09 20:29 - 000000000 ____D C:\Users\Josh\AppData\Local\RadeonSettings
2018-05-09 18:56 - 2018-05-09 18:56 - 000003114 _____ C:\Windows\System32\Tasks\{39BBCDEF-86DD-4B54-8329-41B5550421B2}
2018-05-09 18:56 - 2018-05-09 18:56 - 000000000 ____D C:\Swsetup
2018-05-06 21:53 - 2018-05-06 21:53 - 000000000 ____D C:\Users\Josh\Desktop\fluxion-master
2018-05-06 21:37 - 2018-05-06 21:37 - 000967800 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Josh\Downloads\rufus-2.18.exe
2018-05-05 11:18 - 2018-05-05 11:18 - 000000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2018-05-05 11:18 - 2018-05-05 11:18 - 000000000 ____D C:\Program Files (x86)\Marvell
2018-05-05 11:14 - 2018-05-05 11:14 - 000000000 ____D C:\Users\Josh\Desktop\updatesata
2018-04-30 22:06 - 2018-04-30 22:06 - 000262144 ____N C:\Windows\Minidump\043018-11388-01.dmp
2018-04-30 22:04 - 2018-04-30 22:04 - 000262144 ____N C:\Windows\Minidump\043018-11856-01.dmp
2018-04-30 20:34 - 2018-04-30 20:34 - 000001090 _____ C:\Users\Josh\Desktop\MSI Afterburner.lnk
2018-04-30 20:34 - 2018-04-30 20:34 - 000000000 ____D C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2018-04-30 20:34 - 2018-04-30 20:34 - 000000000 ____D C:\Program Files (x86)\MSI Afterburner
2018-04-30 20:31 - 2018-04-30 20:31 - 000000000 ____D C:\Users\Josh\Desktop\openhardwaremonitor-v0.8.0-beta
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-27 16:20 - 2017-02-25 18:25 - 000000000 ____D C:\FRST
2018-05-27 16:18 - 2018-03-18 12:23 - 000003244 _____ C:\Windows\System32\Tasks\IORRT
2018-05-27 16:18 - 2017-11-19 16:47 - 001315228 _____ C:\Windows\ntbtlog.txt
2018-05-27 16:17 - 2017-04-24 19:49 - 000000000 ____D C:\Program Files\AMD
2018-05-27 16:17 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-27 16:17 - 2009-07-13 21:45 - 000277040 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-27 16:17 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-05-27 16:16 - 2009-07-13 22:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-27 16:16 - 2009-07-13 21:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-27 16:16 - 2009-07-13 21:45 - 000016864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-27 16:10 - 2017-04-24 20:01 - 000000000 ____D C:\Users\Josh\AppData\Local\AMD
2018-05-27 16:04 - 2017-10-01 03:59 - 000000060 _____ C:\ProgramData\SoftwareUpdateTemp.xml
2018-05-27 16:04 - 2015-06-07 21:42 - 000000000 ____D C:\AMD
2018-05-27 15:57 - 2017-04-24 19:59 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2018-05-27 15:52 - 2018-04-09 00:29 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2018-05-27 15:51 - 2018-04-09 00:29 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-27 15:50 - 2018-02-17 19:37 - 000000000 ____D C:\Users\Josh\AppData\Local\AOL
2018-05-23 22:29 - 2017-04-24 22:01 - 000000000 ____D C:\Users\Josh\AppData\Local\Battle.net
2018-05-23 22:29 - 2017-04-24 20:01 - 000000000 ____D C:\Users\Josh\AppData\Roaming\TS3Client
2018-05-23 20:02 - 2017-05-10 23:29 - 000002158 _____ C:\Users\Josh\Desktop\Discord.lnk
2018-05-23 20:02 - 2017-05-10 23:29 - 000000000 ____D C:\Users\Josh\AppData\Roaming\discord
2018-05-23 20:02 - 2017-05-10 23:29 - 000000000 ____D C:\Users\Josh\AppData\Local\Discord
2018-05-23 19:01 - 2016-05-28 13:17 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-05-23 18:58 - 2016-05-28 13:26 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-05-22 19:29 - 2018-01-28 00:23 - 000000000 ____D C:\Users\Josh\AppData\LocalLow\Mozilla
2018-05-22 17:53 - 2018-01-28 00:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-22 17:53 - 2018-01-28 00:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-21 20:11 - 2017-04-26 00:23 - 000000024 _____ C:\Users\Josh\jagexappletviewer.preferences
2018-05-21 20:10 - 2017-04-26 00:24 - 000000043 _____ C:\Users\Josh\jagex_cl_oldschool_LIVE.dat
2018-05-17 20:42 - 2017-09-13 22:59 - 000000614 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk
2018-05-17 18:00 - 2017-04-24 19:46 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-17 18:00 - 2017-04-24 19:46 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-16 18:55 - 2017-04-24 19:46 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 18:55 - 2017-04-24 19:46 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 12:21 - 2017-04-10 10:31 - 001468808 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2018-05-13 21:03 - 2017-12-23 17:31 - 000000000 ____D C:\Program Files (x86)\StarCraft
2018-05-10 19:27 - 2017-04-24 19:46 - 000061208 _____ C:\Users\Josh\AppData\Local\GDIPFONTCACHEV1.DAT
2018-05-09 19:33 - 2017-04-24 20:01 - 000000000 ____D C:\Users\Josh\Desktop\TeamSpeak 3 Client
2018-05-06 21:56 - 2018-03-22 17:44 - 000000400 __RSH C:\ProgramData\ntuser.pol
2018-05-06 21:41 - 2017-04-30 20:19 - 000000000 ____D C:\Users\Josh\AppData\Roaming\qBittorrent
2018-05-05 11:15 - 2017-08-17 01:44 - 000000000 ____D C:\Program Files (x86)\Intel
2018-05-05 11:14 - 2017-04-24 19:44 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-04-30 22:06 - 2017-05-01 01:16 - 000000000 ____D C:\Windows\Minidump
2018-04-30 21:58 - 2017-05-01 01:26 - 000000938 _____ C:\Users\Josh\Desktop\PerformanceTest.lnk
2018-04-30 21:58 - 2017-05-01 01:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2018-04-30 21:58 - 2017-05-01 01:25 - 000000000 ____D C:\Program Files\PerformanceTest
 
==================== Files in the root of some directories =======
 
2018-03-09 22:27 - 2018-03-09 22:27 - 000002689 _____ () C:\Users\Josh\AppData\Local\recently-used.xbel
 
Some files in TEMP:
====================
2018-02-20 18:23 - 2018-02-20 18:23 - 000000180 _____ () C:\Users\Josh\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-02-20 18:23 - 2018-05-23 21:17 - 000000016 _____ () C:\Users\Josh\AppData\Local\Temp\8a2878f6d1bf1e1adf67c44d53dee46b.dll
2018-03-18 12:03 - 2018-05-27 16:10 - 001179016 _____ () C:\Users\Josh\AppData\Local\Temp\AMDCleanupUtility.exe
2018-03-18 12:03 - 2018-05-27 16:10 - 000250248 _____ () C:\Users\Josh\AppData\Local\Temp\Cleanup.dll
2018-03-18 12:03 - 2018-05-27 16:10 - 000065536 _____ (Windows ® Server 2003 DDK provider) C:\Users\Josh\AppData\Local\Temp\ddu.exe
2018-03-18 12:03 - 2018-05-27 16:10 - 000414152 _____ (Microsoft Corporation) C:\Users\Josh\AppData\Local\Temp\difxapi.dll
2018-05-17 20:42 - 2018-05-17 20:42 - 032912552 _____ (ArenaNet) C:\Users\Josh\AppData\Local\Temp\Gw2.exe
2018-03-18 12:03 - 2018-05-27 16:10 - 000516096 _____ (Microsoft Corporation) C:\Users\Josh\AppData\Local\Temp\msvcm80.dll
2018-03-18 12:03 - 2018-05-27 16:10 - 001061376 _____ (Microsoft Corporation) C:\Users\Josh\AppData\Local\Temp\msvcp80.dll
2018-03-18 12:03 - 2018-05-27 16:10 - 000796672 _____ (Microsoft Corporation) C:\Users\Josh\AppData\Local\Temp\msvcr80.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll
[2017-05-12 23:44] - [2017-12-23 17:32] - 001008640 _____ (Microsoft Corporation) 2C353B6CE0C8D03225CAA2AF33B68D79
 
C:\Windows\SysWOW64\User32.dll
[2017-05-12 23:44] - [2017-12-23 17:32] - 000833024 _____ (Microsoft Corporation) 861C4346F9281DC0380DE72C8D55D6BE
 
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-19 18:02
 
==================== End of FRST.txt ============================"
 
 
"Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Josh (27-05-2018 16:20:46)
Running from C:\Users\Josh\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2017-04-25 02:28:19)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3267846572-1136073672-2533522779-500 - Administrator - Disabled)
Guest (S-1-5-21-3267846572-1136073672-2533522779-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3267846572-1136073672-2533522779-1002 - Limited - Enabled)
Josh (S-1-5-21-3267846572-1136073672-2533522779-1000 - Administrator - Enabled) => C:\Users\Josh
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark (HKLM\...\{62A3D06F-97B8-4CD0-9B7F-3B06C4DF377B}) (Version: 2.4.4264.0 - Futuremark) Hidden
3DMark (HKLM-x32\...\{0034a3c4-a299-491d-b683-791a538a7db4}) (Version: 2.4.4264.0 - Futuremark)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.5.1 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Blizzard App (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CAM (HKLM-x32\...\{92C0C6D2-8ACA-42D7-9B87-B2AEC579223E}) (Version: 3.3.1 - NZXT)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
Core Temp 1.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.7 - ALCPU)
CPUID ROG CPU-Z 1.78 (HKLM\...\CPUID ROG CPU-Z_is1) (Version: 1.78 - CPUID, Inc.)
Discord (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\Discord) (Version: 0.0.301 - Discord Inc.)
Epic Games Launcher (HKLM-x32\...\{6F15D7C1-3079-4135-B8E9-8D3EA033EE3A}) (Version: 1.1.129.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{DF98C3ED-A8C6-40B6-9EDC-D6D37FA0A461}) (Version: 5.8.663.0 - Futuremark)
GIMP 2.8.22 (HKLM\...\GIMP-2_is1) (Version: 2.8.22 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Guild Wars (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\Guild Wars) (Version:  - )
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.88 - Logitech Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Excel 2010 (HKLM\...\Office14.EXCEL) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0 - Mozilla)
MSI Afterburner 4.5.0 (HKLM-x32\...\Afterburner) (Version: 4.5.0 - MSI Co., LTD)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.8.2.281 - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.9.132 - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.9.0.1257 - Native Instruments)
Native Instruments Traktor Kontrol S4 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 Driver) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S4 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S4 MK2 Driver) (Version:  - Native Instruments)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 18.0.1 - OBS Project)
OldSchool RuneScape Launcher 1.2.7 (HKLM-x32\...\{FEDDCE73-34B8-4980-90B8-8619A78C902C}) (Version: 1.2.7 - Jagex Ltd)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.3.59240 - Electronic Arts, Inc.)
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
PerformanceTest v9.0 (HKLM\...\PerformanceTest 9_is1) (Version: 9.0.1025.0 - Passmark Software)
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
qBittorrent 3.3.12 (HKLM-x32\...\qBittorrent) (Version: 3.3.12 - The qBittorrent project)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
Rules of Survival version 1.140497.141609 (HKLM-x32\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.140497.141609 - Hong Kong Netease Interactive Entertainment Limited)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
RuneScape Launcher 2.2.4 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.4 - Jagex Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0016-0000-1000-0000000FF1CE}_Office14.EXCEL_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 5.1.4574.1 - Hi-Rez Studios)
Soda Player (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\sodaplayer) (Version: 1.1.4 - Soda Player)
Spotify (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\Spotify) (Version: 1.0.63.617.g5aca9a2a - Spotify AB)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
TeamSpeak 3 Client (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.6.3.0 - Zenimax Online Studios)
TP-LINK TL-WDN4800 Driver (HKLM-x32\...\{70D605C7-C823-4750-BA72-BEB835713612}) (Version: 1.3.1 - TP-LINK)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.19 - IDRIX)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-3) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-2) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-3) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0-4) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
WebClient (HKLM-x32\...\WebClient) (Version:  - )
WhatsApp (HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\...\WhatsApp) (Version: 0.2.6426 - WhatsApp)
WinRAR 5.50 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.1 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-04-24] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-04-24] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-05-16] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-04-24] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-04-24] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {11831A62-B050-4F73-ADC5-551423711B8E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {2FCA3379-59CB-4AE1-8AE7-137C9458A87C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {43760EE4-61F8-438C-ADA9-82333598D142} - System32\Tasks\{F23AF80F-E996-4A59-AD5E-380F134618B1} => J:\steam\Steam.exe
Task: {4B6DE76E-CDAF-495C-ADA5-2EA428C0791F} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2017-05-28] () <==== ATTENTION
Task: {574762D9-39D7-428B-9CDA-FD281955E7E8} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2017-05-12] ()
Task: {6AB6ED67-84A0-405B-980E-FB7DDF831D5E} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2018-02-04] ()
Task: {7F97228E-BC3E-43D5-A174-13A328E5A29A} - System32\Tasks\{39BBCDEF-86DD-4B54-8329-41B5550421B2} => C:\Windows\system32\pcalua.exe -a C:\Users\Josh\Downloads\sp80253.exe -d C:\Users\Josh\Downloads
Task: {A0D3DB56-12C2-499D-950C-0C3538830CBC} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2017-05-28] () <==== ATTENTION
Task: {B772E247-B9B2-43A0-8A04-19B3A63FFD53} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-05-16] (Advanced Micro Devices, Inc.)
Task: {D1C39B84-6D91-4CE9-96B4-6A95EA242B99} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2018-04-09] (AO Kaspersky Lab)
Task: {E045098A-2A25-4EB7-B19E-CF1B6F6BFF6E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.)
Task: {E2F56AB9-901E-4532-9BF2-62AC29181583} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe [2017-03-17] ()
Task: {EF805B4D-9AFB-4144-9C2C-FF8A9631148E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-24] (Google Inc.)
Task: {F4150CDD-AAC6-4C02-810B-8C98AB897298} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {F7450EC7-4DC5-4E9D-9891-1CA9ACB61090} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-05-16] (Advanced Micro Devices, Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Josh\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\b8da4a38624bbb1e\Feedback.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gfdkimpbcpahaombhbimeihdjnejgicl
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-05-09 00:44 - 2017-05-09 00:44 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-06 17:07 - 2015-03-06 17:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-10-19 20:29 - 2017-10-19 20:29 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-02-11 23:38 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-05-17 17:59 - 2018-05-14 20:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-17 17:59 - 2018-05-14 20:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Public\AppData:CSM [470]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3267846572-1136073672-2533522779-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: acCAMService => 2
MSCONFIG\startupreg: AIM for Windows => "C:\Users\Josh\AppData\Local\AOL\AIM\aim.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Spotify => C:\Users\Josh\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Josh\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{2CB155ED-9CF1-4409-AECF-75A2EFA5D5BA}] => (Allow) J:\steam\Steam.exe
FirewallRules: [{EF5C0CB9-B2C6-442A-A447-FDD0FFC3F383}] => (Allow) J:\steam\Steam.exe
FirewallRules: [{CF9FAA17-7361-4C86-808A-B3E2C3D76696}] => (Allow) J:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E49971D8-8335-4024-B6ED-6BC628BB81AC}] => (Allow) J:\steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{89DE51B3-3490-4905-B096-03B66EB9661B}C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{C7BA0CF4-67B3-4869-9FD9-764147AFA5D3}C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{E61154EF-5632-4026-8129-B4D361A56FA8}] => (Allow) LPort=9143
FirewallRules: [{B6C41653-CC1B-42F3-84A6-A97110B84604}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{E4404B33-2C1E-4A99-8B67-6A18D618FA45}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{9782537E-BFFE-49AD-A50B-ED157E768ECC}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{E296D067-DA23-4F5A-89B5-13CC900929E0}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{79BC22CA-8D59-469D-B72A-8101CE38D7A5}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{FA4466E8-9526-4BC9-9256-FDAE88940080}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{0B0EBA54-DED2-497B-AD0C-8612548C2D6E}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{171A7DE0-88F4-40F9-8C55-BD235D6968A9}C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{C9E497F3-F1E8-4E28-8C0B-5913C58E9F99}C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\player\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{26C27BB8-C2B3-449B-8BF7-1765F867D61E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{51C3951D-E81C-46F2-96BF-27B85A669039}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{3EDC717C-BE23-4DE7-B5A7-796A205821CA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{FF9E124B-4266-4771-B961-0B3F3D35962B}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{9F3CC43B-D735-4259-A6C8-87A09A3287CB}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{16E126D3-9B5C-47DF-8E31-B85BC607FFB6}C:\program files\qbittorrent\qbittorrent.exe] => (Allow) C:\program files\qbittorrent\qbittorrent.exe
FirewallRules: [{ED51E7F2-765C-44A0-B7F8-346562F72A9E}] => (Allow) J:\steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{7C8D545B-7F1B-4711-BA95-FE989B2ECB9F}] => (Allow) J:\steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{CCF257E7-4EEE-496D-ADE5-EFBE8BE1C9F6}] => (Allow) J:\steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{3D07D12B-5566-4779-BC5B-F786E4FAEB78}] => (Allow) J:\steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{3D94A835-E449-4807-922D-94604A2ADD09}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2261AC8-6726-4EA0-8E9B-E258FAB93C45}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DB229391-0BC6-43CA-B5BA-48A6F4650D8A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{636C6807-4161-48CB-BF66-1F5B4DEEF10E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{84336D94-C194-4624-BDAF-6C70898BBB9C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A6988305-58D8-4C78-90FE-A3D3FB93444B}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1511768F-4052-4594-82E4-403D3453BE8E}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1F463166-95D8-44E7-AFE4-FFF3A947EA45}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{8283331B-860D-4F14-BCA5-D83C569CAA20}C:\users\josh\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\josh\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{40310BC2-11A4-44BF-8D78-54CF1AD9CB1E}C:\users\josh\appdata\local\sodaplayer\app-1.1.4\soda player.exe] => (Allow) C:\users\josh\appdata\local\sodaplayer\app-1.1.4\soda player.exe
FirewallRules: [UDP Query User{DF0B9178-AA81-42CF-B2D8-25AB009738BA}C:\users\josh\appdata\local\sodaplayer\app-1.1.4\soda player.exe] => (Allow) C:\users\josh\appdata\local\sodaplayer\app-1.1.4\soda player.exe
FirewallRules: [{E4AB46F6-CC48-4567-B764-3E9468A78DDB}] => (Allow) C:\Player\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{19F28593-2D3F-484F-9E52-B05AAFD501AA}] => (Allow) C:\Player\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [TCP Query User{E2CA0C44-6B89-402D-9A70-5F5E290CF0CD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{67570184-703C-451D-91F6-460D7EC047D5}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{17DBFBBA-57AD-4FE6-B8F2-2574031377A2}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{767C91DB-773C-4E03-B84B-D33CDD78FE17}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{8A8ABD69-66DD-4648-AE4B-23183463C5A5}J:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) J:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{07E86D75-2FF5-46E6-8FAC-416B38CF72E8}J:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) J:\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{7FBA4DB4-1988-4C33-BB3D-AEF5CA03B389}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{40C23527-A7D5-4FE7-8A5F-45339CC25814}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{7669B6AC-D024-435C-9D5C-3BA1DEB2940A}] => (Allow) C:\Program Files (x86)\ArcheRage NA\Launcher.exe
FirewallRules: [{BE1D667B-0964-4A98-B83D-DBD0563FFFD0}] => (Allow) J:\steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [{9AB61627-F124-413A-8A56-46E15F4A61C6}] => (Allow) J:\steam\SteamApps\common\Rust\Rust.exe
FirewallRules: [TCP Query User{E45EAE14-30D0-4492-90F0-5CEE7CBCBD5E}J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{978EBEF1-E2EE-4B63-9B79-74C70F57CCDE}J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe] => (Allow) J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{4D2B10F3-D955-4623-B3B5-97A97FCBB61B}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [UDP Query User{8A1F065E-0380-40C4-906D-434F4656F8B7}C:\program files (x86)\starcraft\starcraft.exe] => (Allow) C:\program files (x86)\starcraft\starcraft.exe
FirewallRules: [TCP Query User{1686825D-B54A-498B-AE52-F0590B07953A}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{77BB4454-FC92-4BE9-A04B-4A4E7A7A3F05}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{1789738F-F677-4DFD-BE64-0B8DD57E2E0B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DCF9683F-6265-40C2-860B-7C68B22D9F87}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C60CB6DD-A08E-47D1-BE87-A424E4E4DCF1}J:\downloasdz\hirezgames\smite\binaries\win32\smite.exe] => (Allow) J:\downloasdz\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [UDP Query User{C2531943-C10B-40CD-937C-64DC9A982E71}J:\downloasdz\hirezgames\smite\binaries\win32\smite.exe] => (Allow) J:\downloasdz\hirezgames\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{7908EBF1-41C0-4DE8-A70B-D67C5EA3E479}J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame_be.exe] => (Allow) J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame_be.exe
FirewallRules: [UDP Query User{15DE096E-A11D-4F81-BE13-F6B61A6AB20B}J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame_be.exe] => (Allow) J:\steam\steamapps\common\pubg_test\tslgame\binaries\win64\tslgame_be.exe
FirewallRules: [TCP Query User{95CEC2A2-8A63-4DF6-8A78-1C0465964EFB}J:\downloasdz\overwatch test\overwatch.exe] => (Allow) J:\downloasdz\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{F846D487-FD25-46CA-9325-21171E8C50A2}J:\downloasdz\overwatch test\overwatch.exe] => (Allow) J:\downloasdz\overwatch test\overwatch.exe
FirewallRules: [{02D49E82-BAD8-4374-9F8E-7A21B30E47B8}] => (Allow) C:\Player\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{9BB17C6F-E696-4643-9806-903947C71F9A}] => (Allow) C:\Player\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0AE0508F-E3E6-42D6-AF6C-695A0542BB96}] => (Allow) J:\steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{92B648A7-6528-449F-A46D-668676D3BE97}] => (Allow) J:\steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{2A97D970-8F2A-4A34-B0B2-3F74291CE6CC}J:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) J:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E4DA7E5C-F236-4816-B7DF-F88EB50C0035}J:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) J:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{59BD6C34-F458-42EB-9FF9-336B35D92D21}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe
FirewallRules: [UDP Query User{E3572862-C778-41E2-97A2-E2529581EAD9}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe
FirewallRules: [TCP Query User{20D5BEFA-5DA1-4454-8B0A-1D1793AE3BE8}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe
FirewallRules: [UDP Query User{FBDD1055-08F9-4394-82FC-EBF426795604}C:\ros\ccmini\ccmini.exe] => (Allow) C:\ros\ccmini\ccmini.exe
FirewallRules: [{FED4172A-B8BF-4D7F-BE95-8D7F96611127}] => (Allow) J:\steam\SteamApps\common\Horizon Source\GameClient.exe
FirewallRules: [{7ECCA89A-90E8-4F02-AE52-E46F43606BF8}] => (Allow) J:\steam\SteamApps\common\Horizon Source\GameClient.exe
FirewallRules: [{397C5CF1-DB7C-4522-8393-C407B6302EA4}] => (Allow) J:\steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{AA8551AA-C515-4881-9613-BBD3999FA130}] => (Allow) J:\steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{AD10754F-824D-4C3B-9370-90FAE2508E06}J:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) J:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{CAE5FED5-A59F-467D-A6E0-9122B2B92B79}J:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe] => (Allow) J:\steam\steamapps\common\pubg_closed_experimental\tslgame\binaries\win64\tslgame.exe
FirewallRules: [{3C355AA5-A365-405B-BB0F-DE36FBD66450}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
27-05-2018 15:50:05 Removed 4K Video Downloader 4.3
27-05-2018 15:55:35 Removed Reddit Wallpaper Changer
27-05-2018 16:07:14 Windows Update
27-05-2018 16:10:30 AMDCleanupUtility Restore Point
 
==================== Faulty Device Manager Devices =============
 
Name: MBAMSwissArmy
Description: MBAMSwissArmy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MBAMSwissArmy
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/27/2018 04:19:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/27/2018 04:17:55 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (05/27/2018 04:13:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/27/2018 04:11:59 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (05/27/2018 04:10:41 PM) (Source: ATIeRecord) (EventID: 16387) (User: )
Description: ATI EEU Service event error
 
Error: (05/27/2018 03:59:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (05/27/2018 03:58:16 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Windows license activation failed. Error 0x80070005.
 
Error: (05/27/2018 03:49:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (05/27/2018 04:18:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (05/27/2018 04:18:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (05/27/2018 04:18:11 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
MBAMSwissArmy
 
Error: (05/27/2018 04:18:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (05/27/2018 04:18:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (05/27/2018 04:13:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (05/27/2018 04:12:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMSwissArmy service failed to start due to the following error: 
The system cannot find the file specified.
 
Error: (05/27/2018 04:12:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
MBAMSwissArmy
 
 
Windows Defender:
===================================
Date: 2017-06-25 11:19:17.117
Description: 
Windows Defender scan has been stopped before completion.
Scan ID:{523C1C9E-C2C4-4798-9460-8BEA1502E8DE}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
 
CodeIntegrity:
===================================
 
Date: 2018-03-13 23:33:21.856
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.817
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.779
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.735
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.682
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.643
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.605
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-03-13 23:33:21.563
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\VeraCryptVolumeJ\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 23%
Total physical RAM: 12279.11 MB
Available physical RAM: 9391.73 MB
Total Virtual: 24556.41 MB
Available Virtual: 20806.5 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:238.47 GB) (Free:31.99 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: () (Fixed) (Total:59.62 GB) (Free:10.17 GB) NTFS ==>[system with boot components (obtained from drive)]
 
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 59.6 GB) (Disk ID: 499D8926)
Partition 1: (Active) - (Size=59.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E18E4B42)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: B89E27FD)
Partition 1: (Active) - (Size=238.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================"
 

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

Right click on (My) Computer and select Manage (Continue) Then click on the arrow in front of Event Viewer. Next Click on the arrow in front of Windows Logs Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt
notepad %UserProfile%\desktop\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.


 


  • 0

#3
Jaysea29

Jaysea29

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Finished SFC and corrected some errors. 
 
Here's the rest:
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2018 12:00:21 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 28/05/2018 7:00:05 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The SPP Notification Service service terminated with the following error:  Access is denied.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 28/05/2018 12:02:38 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 82.75 0 K 24 K 0
Bless.exe 13.16 2,557,104 K 2,306,712 K 5340 Bless Client ⓒNEOWIZ BLESS STUDIO Corp. (Verified) NEOWIZ GAMES CORP.
procexp (1)64.exe 1.33 34,932 K 54,532 K 692 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.56 0 K 0 K n/a Hardware Interrupts and DPCs
ts3client_win64.exe 0.50 67,748 K 76,276 K 4032 TeamSpeak 3 Client TeamSpeak Systems GmbH (Verified) TeamSpeak Systems GmbH
audiodg.exe 0.41 18,312 K 18,660 K 3972 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 0.28 31,308 K 60,528 K 2076 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.21 12,392 K 19,536 K 592 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
Steam.exe 0.13 131,036 K 167,100 K 2400 Steam Client Bootstrapper Valve Corporation (Verified) Valve
System 0.13 124 K 308 K 4
steamwebhelper.exe 0.10 70,808 K 382,136 K 2948 Steam Client WebHelper Valve Corporation (Verified) Valve
chrome.exe 0.10 473,808 K 515,580 K 624 Google Chrome Google Inc. (Verified) Google Inc
SndVol.exe 0.06 9,932 K 12,088 K 2304 Volume Mixer Microsoft Corporation (Verified) Microsoft Windows
steamwebhelper.exe 0.06 42,400 K 85,396 K 2816 Steam Client WebHelper Valve Corporation (Verified) Valve
AwesomiumProxy.exe 0.04 6,252 K 28,284 K 1324 (Verified) NEOWIZ GAMES CORP.
atieclxx.exe 0.04 3,448 K 9,424 K 1608 AMD External Events Client Module AMD (Verified) Advanced Micro Devices
LCore.exe 0.04 31,552 K 46,740 K 2388 Logitech Gaming Framework Logitech Inc. (Verified) Logitech Inc
svchost.exe 0.04 28,668 K 32,368 K 340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.03 14,280 K 29,428 K 5272 Google Chrome Google Inc. (Verified) Google Inc
GameOverlayUI.exe 0.02 28,960 K 27,292 K 6520 gameoverlayui.exe Valve Corporation (Verified) Valve
explorer.exe 0.02 57,716 K 82,112 K 2104 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 32,340 K 47,312 K 596 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
amddvr.exe 0.01 164,588 K 22,432 K 3488 AMD ReLive: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
chrome.exe 0.01 205,332 K 236,996 K 5520 Google Chrome Google Inc. (Verified) Google Inc
AppleMobileDeviceService.exe < 0.01 4,500 K 11,764 K 1644 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 15,072 K 27,144 K 500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 147,592 K 199,736 K 3420 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe < 0.01 106,200 K 136,016 K 4732 Google Chrome Google Inc. (Verified) Google Inc
wmpnetwk.exe < 0.01 12,972 K 11,804 K 3384 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
SteamService.exe < 0.01 7,112 K 12,292 K 3168 Steam Client Service Valve Corporation (Verified) Valve
taskhost.exe < 0.01 10,156 K 14,104 K 2040 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 133,948 K 149,060 K 1780 Google Chrome Google Inc. (Verified) Google Inc
svchost.exe < 0.01 10,820 K 19,196 K 492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 17,688 K 19,072 K 1268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
RadeonSettings.exe < 0.01 152,768 K 14,120 K 2380 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
SearchIndexer.exe < 0.01 55,400 K 35,248 K 3132 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,828 K 5,156 K 508 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 8,392 K 14,896 K 3636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
TrayTipAgentE.exe < 0.01 6,336 K 7,552 K 2704 (Certificate expired)
WmiPrvSE.exe 4,724 K 9,052 K 6740 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,460 K 7,412 K 7736 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,836 K 8,436 K 956 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 2,112 K 5,176 K 584 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 8,208 K 15,280 K 3312 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 4,724 K 6,912 K 5920 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,644 K 6,376 K 7312 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,248 K 11,828 K 764 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 55,248 K 38,320 K 3820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 14,068 K 17,192 K 4036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16,600 K 20,092 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,764 K 9,792 K 848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,360 K 6,336 K 1400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 5,048 K 8,544 K 1768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 3,120 K 6,804 K 3844 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
steamwebhelper.exe 14,284 K 19,932 K 5260 Steam Client WebHelper Valve Corporation (Verified) Valve
steamwebhelper.exe 12,240 K 13,852 K 2828 Steam Client WebHelper Valve Corporation (Verified) Valve
sppsvc.exe 3,004 K 8,932 K 3096 Microsoft Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 7,636 K 13,080 K 1496 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 764 K 1,456 K 328 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
services.exe 7,044 K 10,856 K 632 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
procexp (1).exe 2,552 K 7,776 K 5440 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
OSPPSVC.EXE 5,304 K 12,584 K 1392 Microsoft Office Software Protection Platform Service Microsoft Corporation (Verified) Microsoft Corporation
nusb3mon.exe 2,224 K 5,880 K 2688 USB 3.0 Monitor NEC Electronics Corporation (No signature was present in the subject) NEC Electronics Corporation
notepad.exe 2,024 K 6,956 K 7028 Notepad Microsoft Corporation (Verified) Microsoft Windows
NIHardwareService.exe 30,272 K 38,272 K 1868 NIHardwareService Native Instruments GmbH (Verified) NATIVE INSTRUMENTS GmbH
mDNSResponder.exe 3,328 K 7,016 K 1740 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsm.exe 3,216 K 4,972 K 660 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 5,708 K 13,440 K 652 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
LogiRegistryService.exe 1,984 K 5,296 K 1816 Logitech Surround Sound Service Logitech Inc. (Verified) Logitech Inc
dllhost.exe 3,164 K 7,232 K 7196 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 2,060 K 4,524 K 6600 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 135,620 K 168,920 K 6432 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 35,916 K 45,540 K 7604 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 63,604 K 87,124 K 5508 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 179,212 K 191,132 K 5624 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 58,444 K 74,416 K 5816 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 113,152 K 156,536 K 1716 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 108,964 K 134,792 K 5312 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 78,996 K 112,784 K 4184 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 109,952 K 143,284 K 5868 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 61,840 K 83,460 K 4856 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 72,420 K 104,516 K 6280 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 98,776 K 126,948 K 2560 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 87,788 K 115,920 K 3568 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3,476 K 7,216 K 860 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 3,808 K 7,984 K 4196 Google Chrome Google Inc. (Verified) Google Inc
atiesrxx.exe 2,164 K 5,788 K 908 AMD External Events Service Module AMD (Verified) Advanced Micro Devices
amdow.exe 3,416 K 6,672 K 4400 AMD ReLive: Desktop Overlay Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices
 
 
 
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       328 N/A                                         
csrss.exe                      508 N/A                                         
wininit.exe                    584 N/A                                         
csrss.exe                      592 N/A                                         
services.exe                   632 N/A                                         
lsass.exe                      652 KeyIso, SamSs                               
lsm.exe                        660 N/A                                         
svchost.exe                    764 DcomLaunch, PlugPlay, Power                 
svchost.exe                    848 RpcEptMapper, RpcSs                         
atiesrxx.exe                   908 AMD External Events Utility                 
winlogon.exe                   956 N/A                                         
svchost.exe                    340 AudioSrv, Dhcp, eventlog,                   
                                   HomeGroupProvider, lmhosts, wscsvc          
svchost.exe                    500 AudioEndpointBuilder, CscService, hidserv,  
                                   HomeGroupListener, Netman, PcaSvc, TrkWks,  
                                   UxSms, Wlansvc, wudfsvc                     
svchost.exe                    492 EventSystem, fdPHost, FontCache, netprofm,  
                                   nsi, WdiServiceHost                         
svchost.exe                    596 AeLookupSvc, Appinfo, BITS, Browser,        
                                   EapHost, gpsvc, IKEEXT, iphlpsvc,           
                                   LanmanServer, MMCSS, ProfSvc, Schedule,     
                                   SENS, ShellHWDetection, Themes, Winmgmt,    
                                   wuauserv                                    
svchost.exe                   1268 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
spoolsv.exe                   1496 Spooler                                     
svchost.exe                   1532 BFE, DPS, MpsSvc                            
atieclxx.exe                  1608 N/A                                         
AppleMobileDeviceService.     1644 Apple Mobile Device Service                 
mDNSResponder.exe             1740 Bonjour Service                             
svchost.exe                   1768 DiagTrack                                   
LogiRegistryService.exe       1816 LogiRegistryService                         
NIHardwareService.exe         1868 NIHardwareService                           
taskhost.exe                  2040 N/A                                         
dwm.exe                       2076 N/A                                         
explorer.exe                  2104 N/A                                         
RadeonSettings.exe            2380 N/A                                         
LCore.exe                     2388 N/A                                         
Steam.exe                     2400 N/A                                         
nusb3mon.exe                  2688 N/A                                         
TrayTipAgentE.exe             2704 N/A                                         
steamwebhelper.exe            2816 N/A                                         
steamwebhelper.exe            2828 N/A                                         
svchost.exe                   1400 stisvc                                      
OSPPSVC.EXE                   1392 osppsvc                                     
SearchIndexer.exe             3132 WSearch                                     
SteamService.exe              3168 Steam Client Service                        
wmpnetwk.exe                  3384 WMPNetworkSvc                               
amddvr.exe                    3488 N/A                                         
svchost.exe                   3636 FDResPub, SSDPSRV, upnphost                 
svchost.exe                   3820 WinDefend                                   
svchost.exe                   3844 PolicyAgent                                 
svchost.exe                   4036 p2pimsvc, p2psvc, PNRPsvc                   
amdow.exe                     4400 N/A                                         
steamwebhelper.exe            5260 N/A                                         
sppsvc.exe                    3096 sppsvc                                      
audiodg.exe                   3972 N/A                                         
ts3client_win64.exe           4032 N/A                                         
chrome.exe                    3420 N/A                                         
chrome.exe                     860 N/A                                         
chrome.exe                    4196 N/A                                         
chrome.exe                    1780 N/A                                         
chrome.exe                    5816 N/A                                         
chrome.exe                    5624 N/A                                         
chrome.exe                    1716 N/A                                         
chrome.exe                    4732 N/A                                         
chrome.exe                    2560 N/A                                         
chrome.exe                    5312 N/A                                         
chrome.exe                    4856 N/A                                         
chrome.exe                    3568 N/A                                         
chrome.exe                    5508 N/A                                         
chrome.exe                    5520 N/A                                         
chrome.exe                     624 N/A                                         
chrome.exe                    5272 N/A                                         
chrome.exe                    6280 N/A                                         
SndVol.exe                    2304 N/A                                         
taskhost.exe                  5920 N/A                                         
chrome.exe                    5868 N/A                                         
steamwebhelper.exe            2948 N/A                                         
chrome.exe                    6432 N/A                                         
chrome.exe                    4184 N/A                                         
TrustedInstaller.exe          3312 TrustedInstaller                            
Bless.exe                     5340 N/A                                         
AwesomiumProxy.exe            1324 N/A                                         
conhost.exe                   6600 N/A                                         
GameOverlayUI.exe             6520 N/A                                         
chrome.exe                    7604 N/A                                         
notepad.exe                   7028 N/A                                         
WmiPrvSE.exe                  7736 N/A                                         
SearchProtocolHost.exe        5328 N/A                                         
SearchFilterHost.exe          1724 N/A                                         
notepad.exe                   6544 N/A                                         
dllhost.exe                   7752 N/A                                         
dllhost.exe                   7372 N/A                                         
cmd.exe                       5532 N/A                                         
conhost.exe                   1676 N/A                                         
tasklist.exe                  7980 N/A                                         
WmiPrvSE.exe                  7088 N/A                                         
 
 
 
 
 

 


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,068 posts
  • MVP

No Speccy file?

 

Process Explorer says you have something called bless running and it's using a lot of CPU time.

 

Bless.exe 13.16 2,557,104 K 2,306,712 K 5340 Bless Client ⓒNEOWIZ BLESS STUDIO Corp. (Verified) NEOWIZ GAMES CORP.
 
 

 

 

Other than that it should be fairly quick.

 

This error:

 

Log: 'System' Date/Time: 28/05/2018 7:00:05 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The SPP Notification Service service terminated with the following error:  Access is denied.
 

 

 

 
Is your copy of Windows licensed?

  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP