PC has been very slow recently, no idea why.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by Jamie (administrator) on BETRAYED (07-06-2018 19:27:01)
Running from D:\Users\Jamie\Desktop
Loaded Profiles: Jamie (Available Profiles: Jamie)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\pcupdateservice.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdmonitorapps.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalsystray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Dassault Systèmes SolidWorks Corp.) D:\Program Files\SOLIDWORKS\sldworks_fs.exe
(Corsair Components, Inc.) D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(Discord Inc.) C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe
(Rainmeter) D:\Program Files\Rainmeter\Rainmeter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
() D:\Program Files\Sublime Text 3\sublime_text.exe
() D:\Program Files\Sublime Text 3\plugin_host.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-4778-A5FC-0D0F1F219F12}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{C12EDCD9-A219-47 (the data entry has 36 more characters).
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9235936 2017-10-25] (Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [18630280 2018-05-07] (Logitech Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2409424 2018-04-24] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [597688 2018-05-15] (Razer Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3200800 2018-06-01] (Valve Corporation)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Discord] => C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3044848 2017-02-11] (Electronic Arts)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18364648 2018-05-24] (Piriform Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify] => C:\Users\Jamie\AppData\Roaming\Spotify\Spotify.exe [24023440 2018-06-07] (Spotify Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gaijin.Net Agent] => C:\Users\Jamie\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2115656 2017-10-15] (Gaijin Entertainment)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5345672 2017-12-21] (Nota Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Windscribe] => "C:\Program Files (x86)\Windscribe\Windscribe.exe" -os_restart
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [5852920 2018-05-02] (NordVPN)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify Web Helper] => C:\Users\Jamie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [781712 2018-06-07] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OBS Studio.lnk [2016-10-10]
ShortcutTarget: OBS Studio.lnk -> D:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2017 Fast Start.lnk [2017-12-08]
ShortcutTarget: SOLIDWORKS 2017 Fast Start.lnk -> C:\Windows\Installer\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2018-06-07]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-07-09]
ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{BD584BD8-9D46-4F4B-B346-6A00849ED96C}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ie/?ocid=iehp
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-04-29] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-29] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: dvfgafen.default
FF ProfilePath: C:\Users\Jamie\AppData\Roaming\Mozilla\Firefox\Profiles\dvfgafen.default [2018-06-01]
FF Plugin: 3ds.com/ComposerPlayerWebPlugin_x86_64 -> D:\Program Files\SOLIDWORKS Composer Player\Bin\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-29] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-04-24] (Adobe Systems)
FF Plugin-x32: 3ds.com/ComposerPlayerWebPlugin -> D:\Program Files\SOLIDWORKS Composer Player\Bin\x86\npcomposerplayerwebplugin.dll [2017-02-03] (Dassault Systemes)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-05-22] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-04-24] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR DefaultSearchKeyword: Default -> google.co.uk
CHR Profile: C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default [2018-06-07]
CHR Extension: (Heartbeat) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2017-01-24]
CHR Extension: (Slides) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (uBlock Origin) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-05-26]
CHR Extension: (Tampermonkey) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-05-17]
CHR Extension: (Sheets) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (LoungeDestroyer) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2018-05-11]
CHR Extension: (Google Docs Offline) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2018-05-27]
CHR Extension: (Iron Man-Material Design) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nekeenfmlfhgoaojceionblcpbbjmnpk [2016-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Jamie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-01]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-04-24] (Adobe Systems Incorporated)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated)
R2 BdParental; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe [119512 2018-05-17] (Bitdefender)
R2 BdParentalUpdate; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\PCUpdateService.exe [62864 2018-05-17] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-06-04] ()
S3 CoordinatorServiceHost; D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe [81304 2017-02-04] (Dassault Systèmes SolidWorks Corporation)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-08] (EasyAntiCheat Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [206472 2018-05-07] (Logitech Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [430840 2018-05-02] ()
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
R3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-14] (NVIDIA Corporation)
S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-05-10] (The OpenVPN Project)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-11] (Electronic Arts)
S2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-11] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189776 2018-03-14] ()
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2017-12-08] (SolidWorks) [File not signed]
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bddevflt; C:\Windows\System32\DRIVERS\bddevflt.sys [106992 2018-05-17] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdfwfpf_pc.sys [142232 2018-05-17] (Bitdefender SRL)
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [564216 2017-04-25] (Intel Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2017-06-29] (LogMeIn Inc.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [67736 2018-05-07] (Logitech Inc.)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-06-07] (Malwarebytes)
R1 MpKsl068e207c; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E5A8B87F-6392-4BFC-BC73-997A840C6BF6}\MpKsl068e207c.sys [58120 2018-06-07] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-14] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [56064 2018-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
S3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [41720 2018-03-08] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137592 2018-03-19] (Razer, Inc.)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 tapnordvpn; C:\Windows\system32\DRIVERS\tapnordvpn.sys [75088 2017-03-29] (The OpenVPN Project)
S3 tapwindscribe0901; C:\Windows\system32\DRIVERS\tapwindscribe0901.sys [45560 2017-09-13] (The OpenVPN Project)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
U3 gzflt; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-07 19:26 - 2018-06-07 19:27 - 000000000 ____D C:\FRST
2018-06-07 18:49 - 2018-06-07 18:49 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-06-05 15:34 - 2018-06-05 15:34 - 000000000 ____D C:\ProgramData\LogiShrd
2018-06-05 15:33 - 2018-06-05 15:33 - 000000000 ____D C:\Users\Jamie\AppData\Local\Logitech
2018-06-05 15:31 - 2018-06-05 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-06-05 15:30 - 2018-06-05 15:31 - 000000000 ____D C:\Program Files\Logitech Gaming Software
2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logitech
2018-06-05 15:30 - 2018-06-05 15:30 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Logishrd
2018-06-05 00:49 - 2018-06-05 00:49 - 000001925 _____ C:\Users\Public\Desktop\NordVPN.lnk
2018-06-05 00:48 - 2018-06-05 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files\TAP-NordVPN
2018-06-05 00:48 - 2018-06-05 00:48 - 000000000 ____D C:\Program Files (x86)\NordVPN
2018-06-04 11:01 - 2018-06-04 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-04 11:01 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-06-03 15:22 - 2018-06-03 15:22 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsign9f5928a9196dbbd0
2018-06-02 21:32 - 2018-06-02 21:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc261ba133930a345
2018-06-01 13:43 - 2018-06-01 13:43 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-06-01 13:42 - 2018-06-01 13:42 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\ProgramData\AVAST Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-06-01 13:42 - 2018-06-01 13:42 - 000000000 ____D C:\Program Files\AVAST Software
2018-06-01 10:32 - 2018-06-01 10:32 - 000000000 ____D C:\Users\Jamie\AppData\Local\BattlEye
2018-05-24 17:14 - 2018-05-24 17:14 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-24 17:14 - 2018-05-22 21:09 - 000132392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2018-05-24 17:12 - 2018-05-23 19:24 - 040089632 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2018-05-24 17:12 - 2018-05-23 19:24 - 032359864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2018-05-24 17:12 - 2018-05-23 19:24 - 000056064 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2018-05-24 17:12 - 2018-05-23 19:23 - 040347168 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 035250536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 016997632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2018-05-24 17:12 - 2018-05-23 19:23 - 003964960 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 003496992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 002013784 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439793.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001562016 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439793.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001418840 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001216256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 001092000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000626776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000517536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-05-24 17:12 - 2018-05-23 19:23 - 000134688 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 031276288 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 025990096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 019080776 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 017782384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 015192624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 013727792 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 011273120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 001157208 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000913664 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000904904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000544472 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000462832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000420000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000182784 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000170192 _____ (NVIDIA Corporation) C:\Windows\system32\nvdlistx.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000164944 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000159896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000148512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdlist.dll
2018-05-24 17:12 - 2018-05-23 19:22 - 000142632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2018-05-24 17:12 - 2018-05-22 22:52 - 000227928 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2018-05-24 17:12 - 2018-05-22 22:52 - 000047648 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2018-05-23 14:09 - 2018-05-23 14:09 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
2018-05-23 14:08 - 2018-05-27 14:10 - 000000000 ____D C:\Users\Jamie\AppData\Local\Battle.net
2018-05-23 14:08 - 2018-05-25 22:25 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard Entertainment
2018-05-23 14:08 - 2018-05-25 22:12 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Battle.net
2018-05-23 14:08 - 2018-05-23 14:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2018-05-23 14:07 - 2018-05-27 13:30 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\Users\Jamie\AppData\Local\Blizzard
2018-05-23 14:06 - 2018-05-23 14:06 - 000000000 ____D C:\ProgramData\Battle.net
2018-05-19 23:48 - 2018-05-19 23:48 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignfe2295aadf1bbde7
2018-05-18 20:06 - 2018-05-24 17:13 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-05-18 20:06 - 2018-05-08 22:24 - 001990688 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439764.dll
2018-05-18 20:06 - 2018-05-08 22:24 - 001467992 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439764.dll
2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2018-05-18 20:06 - 2018-05-07 21:58 - 000000669 _____ C:\Windows\system32\nv-vk64.json
2018-05-17 16:35 - 2018-05-17 16:35 - 000106992 _____ (BitDefender LLC) C:\Windows\system32\Drivers\bddevflt.sys
2018-05-16 19:03 - 2018-05-16 19:03 - 000000000 ____D C:\Users\Jamie\AppData\Local\Tempzxpsignc1d1dccad7ed2609
2018-05-14 19:12 - 2018-03-19 19:26 - 000137592 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2018-05-14 19:12 - 2018-03-08 22:14 - 000041720 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2018-05-14 19:09 - 2018-05-14 19:09 - 000000000 ____D C:\Program Files (x86)\PKGInstaller
2018-05-11 20:05 - 2018-05-11 20:05 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS 2017
2018-05-09 13:36 - 2018-04-22 09:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 13:36 - 2018-04-22 08:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 13:36 - 2018-04-22 08:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 13:36 - 2018-04-22 07:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 13:36 - 2018-04-22 07:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 13:35 - 2018-04-22 10:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 13:35 - 2018-04-22 09:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 13:35 - 2018-04-22 08:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 13:35 - 2018-04-22 08:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 13:35 - 2018-04-22 08:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 13:35 - 2018-04-22 08:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 13:35 - 2018-04-22 08:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 13:35 - 2018-04-22 08:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 13:35 - 2018-04-22 07:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 13:35 - 2018-04-22 07:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 13:35 - 2018-04-22 07:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 13:35 - 2018-04-22 07:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 13:35 - 2018-04-22 07:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 13:35 - 2018-04-22 07:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 13:35 - 2018-04-22 07:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 13:35 - 2018-04-22 07:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 13:35 - 2018-04-22 07:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 13:35 - 2018-04-22 07:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 13:35 - 2018-04-22 07:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 13:35 - 2018-04-22 07:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 13:35 - 2018-04-22 07:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 13:35 - 2018-04-22 07:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 13:35 - 2018-04-22 07:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 13:35 - 2018-04-22 07:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 13:35 - 2018-04-22 07:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 13:35 - 2018-04-22 07:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 13:35 - 2018-04-15 17:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 13:35 - 2018-04-15 17:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 13:35 - 2018-04-11 02:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 13:35 - 2018-04-11 02:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 13:35 - 2018-04-11 02:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 13:35 - 2018-04-10 19:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 13:35 - 2018-04-10 19:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 13:35 - 2018-04-10 19:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 13:35 - 2018-04-10 18:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 13:35 - 2018-04-10 17:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 13:35 - 2018-04-07 17:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 13:35 - 2018-04-07 16:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 13:35 - 2018-04-07 16:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 13:35 - 2018-04-07 16:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 13:35 - 2018-04-07 16:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 13:35 - 2018-04-07 16:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 13:35 - 2018-04-07 16:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 13:35 - 2018-04-07 16:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 13:35 - 2018-04-06 22:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 13:35 - 2018-03-24 16:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 13:35 - 2018-03-24 16:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 13:35 - 2018-03-24 16:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 13:35 - 2018-03-24 16:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 13:35 - 2018-03-24 15:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 13:35 - 2018-03-24 15:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 13:35 - 2018-03-15 23:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 13:35 - 2018-03-10 21:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 13:35 - 2018-03-10 20:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 13:35 - 2018-03-10 18:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 13:35 - 2018-03-10 18:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 13:35 - 2018-03-10 18:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 13:35 - 2018-03-10 18:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 13:35 - 2018-03-10 17:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 13:35 - 2018-03-10 17:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 13:35 - 2018-03-10 17:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 13:35 - 2018-03-10 17:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 13:35 - 2018-03-10 17:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 13:35 - 2018-03-10 17:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 13:35 - 2018-03-10 17:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 13:35 - 2018-03-10 17:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 13:35 - 2018-03-10 17:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 13:35 - 2018-03-10 17:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 13:35 - 2018-03-10 17:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 13:35 - 2018-03-10 17:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 13:35 - 2018-03-09 19:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 13:35 - 2018-03-03 17:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 13:35 - 2018-03-03 17:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 13:35 - 2018-03-03 17:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 13:35 - 2018-03-03 17:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 13:35 - 2018-03-03 17:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 13:35 - 2018-03-03 17:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 13:35 - 2018-02-14 22:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 13:35 - 2018-02-14 15:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-06-07 19:18 - 2016-07-09 11:13 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\TS3Client
2018-06-07 18:56 - 2016-07-09 00:56 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1719391309-1542172637-2612288240-1001
2018-06-07 18:55 - 2014-03-18 16:26 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-07 18:55 - 2013-08-22 14:36 - 000000000 ____D C:\Windows\Inf
2018-06-07 18:53 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-07 18:52 - 2018-03-25 10:07 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\steelseries-engine-3-client
2018-06-07 18:49 - 2013-08-22 15:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-07 18:45 - 2016-07-10 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3 Launcher
2018-06-07 18:06 - 2016-10-09 21:54 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\obs-studio
2018-06-07 18:06 - 2016-07-10 11:41 - 000000000 ____D C:\Users\Jamie\AppData\Local\Arma 3
2018-06-07 18:02 - 2016-07-09 13:51 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\vlc
2018-06-07 17:41 - 2016-07-09 00:53 - 000003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5300C48B-BF93-4A18-917D-7F8F63F8C0CE}
2018-06-07 14:24 - 2016-07-09 13:11 - 000000000 ____D C:\Users\Jamie\AppData\Local\Spotify
2018-06-07 14:24 - 2016-07-09 13:09 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Spotify
2018-06-06 21:32 - 2016-07-09 10:58 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-06 11:29 - 2018-03-10 11:17 - 000000000 ___RD C:\Users\Jamie\Creative Cloud Files
2018-06-06 11:29 - 2016-07-22 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Local\Adobe
2018-06-05 18:45 - 2016-07-16 14:05 - 000000000 ____D C:\Users\Jamie\AppData\Local\CrashDumps
2018-06-05 15:32 - 2013-08-22 15:44 - 000457512 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-05 15:32 - 2013-08-22 14:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-06-05 00:50 - 2018-03-30 18:01 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\NordVPN
2018-06-04 11:01 - 2018-03-21 14:39 - 000000000 ____D C:\Program Files\Malwarebytes
2018-06-04 11:01 - 2017-01-09 17:50 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-02 02:28 - 2016-07-09 00:50 - 000000000 ____D C:\Users\Jamie
2018-06-02 02:24 - 2016-07-09 11:43 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\Skype
2018-06-01 20:42 - 2016-12-10 22:45 - 000000000 ____D C:\Users\Jamie\AppData\LocalLow\Mozilla
2018-06-01 13:42 - 2017-06-22 15:06 - 000000000 ____D C:\Program Files\CCleaner
2018-06-01 12:52 - 2016-07-22 16:50 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\discord
2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-25 11:41 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\AppReadiness
2018-05-24 17:19 - 2016-07-09 01:50 - 000000000 ____D C:\Users\Jamie\AppData\Local\NVIDIA
2018-05-24 17:14 - 2018-03-04 14:22 - 000000000 ____D C:\temp
2018-05-24 17:14 - 2016-07-09 01:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-24 17:14 - 2016-07-09 01:32 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-23 19:24 - 2016-07-09 10:41 - 001467800 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2018-05-23 19:23 - 2016-07-09 10:41 - 023298544 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2018-05-23 19:22 - 2017-10-25 18:41 - 015691136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2018-05-23 19:22 - 2016-10-21 16:59 - 000505736 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 020323544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 004613408 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-05-23 19:22 - 2016-07-09 10:41 - 004081624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-05-22 22:52 - 2015-11-10 02:48 - 001688848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2018-05-22 22:52 - 2015-11-10 01:13 - 000041598 _____ C:\Windows\system32\nvinfo.pb
2018-05-22 20:58 - 2016-07-09 01:32 - 002612520 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-05-22 20:57 - 2016-07-09 10:42 - 000633984 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-05-22 20:57 - 2016-07-09 10:42 - 000083240 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 005947328 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 001767360 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 000450960 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-05-22 20:57 - 2016-07-09 01:32 - 000124200 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-05-22 07:43 - 2016-07-09 01:32 - 008186102 _____ C:\Windows\system32\nvcoproc.bin
2018-05-18 20:07 - 2016-07-09 01:32 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-18 16:25 - 2016-07-09 10:57 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-18 16:25 - 2016-07-09 10:57 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\ProgramData\Razer
2018-05-14 19:12 - 2016-07-09 11:15 - 000000000 ____D C:\Program Files (x86)\Razer
2018-05-14 19:09 - 2016-07-09 11:16 - 000000000 ____D C:\Users\Jamie\AppData\Local\Razer
2018-05-14 19:07 - 2017-11-26 21:02 - 000000000 ____D C:\Users\Jamie\AppData\Local\LogMeIn Hamachi
2018-05-14 17:01 - 2017-10-25 17:44 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-05-11 20:05 - 2017-12-08 14:24 - 000000000 ____D C:\Users\Jamie\AppData\Roaming\SOLIDWORKS
2018-05-10 18:51 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\SysWOW64\en-GB
2018-05-09 21:43 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\system32\en-GB
2018-05-09 16:03 - 2016-07-17 13:38 - 000000000 ____D C:\Users\Jamie\.junique
2018-05-09 13:41 - 2013-08-22 16:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 13:40 - 2016-07-10 05:15 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 13:38 - 2017-10-11 14:34 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 13:38 - 2016-07-10 05:15 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 22:25 - 2016-07-09 01:32 - 000551680 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-05-08 22:25 - 2016-07-09 01:32 - 000456792 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
==================== Files in the root of some directories =======
2018-02-22 18:24 - 2018-04-29 12:18 - 000000033 _____ () C:\Users\Jamie\AppData\Roaming\AdobeWLCMCache.dat
2016-10-20 21:22 - 2017-02-12 00:45 - 000000301 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Login.ini
2016-07-09 19:08 - 2017-02-12 01:50 - 000001427 _____ () C:\Users\Jamie\AppData\Roaming\BreakingPoint_Options.ini
2016-11-08 00:45 - 2016-11-08 00:45 - 000000054 _____ () C:\Users\Jamie\AppData\Roaming\updater.cfg
2018-01-05 20:42 - 2018-01-05 20:42 - 000000600 _____ () C:\Users\Jamie\AppData\Roaming\winscp.rnd
2017-07-20 10:14 - 2017-09-28 18:36 - 000001456 _____ () C:\Users\Jamie\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-12-27 19:55 - 2017-12-27 19:55 - 000000600 _____ () C:\Users\Jamie\AppData\Local\PUTTY.RND
2016-07-09 21:05 - 2016-07-09 21:05 - 000007605 _____ () C:\Users\Jamie\AppData\Local\Resmon.ResmonCfg
2016-07-10 23:42 - 2016-07-10 23:42 - 000000003 _____ () C:\Users\Jamie\AppData\Local\updater.log
2016-07-10 23:42 - 2016-08-06 11:31 - 000000424 _____ () C:\Users\Jamie\AppData\Local\UserProducts.xml
Some files in TEMP:
====================
2018-06-05 18:45 - 2018-06-05 18:45 - 000000000 _____ () C:\Users\Jamie\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
2018-06-05 18:45 - 2018-06-05 18:45 - 000000017 _____ () C:\Users\Jamie\AppData\Local\Temp\df56b456466e87efef47cf1a2c9e2082.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-02 18:55
==================== End of FRST.txt ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by Jamie (07-06-2018 19:27:30)
Running from D:\Users\Jamie\Desktop
Windows 8.1 (Update) (X64) (2016-07-08 23:50:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1719391309-1542172637-2612288240-500 - Administrator - Disabled)
Guest (S-1-5-21-1719391309-1542172637-2612288240-501 - Limited - Disabled)
Jamie (S-1-5-21-1719391309-1542172637-2612288240-1001 - Administrator - Enabled) => C:\Users\Jamie
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe After Effects CC 2017 (HKLM-x32\...\AEFT_14_2_1) (Version: 14.2.1 - Adobe Systems Incorporated)
Adobe Character Animator CC (Beta) (HKLM-x32\...\ANMLBETA_1_0_6) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.5.0.331 - Adobe Systems Incorporated)
Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_0_1) (Version: 22.0.1 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_2) (Version: 11.1.2 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)
AutoHotkey 1.1.24.02 (HKLM\...\AutoHotkey) (Version: 1.1.24.02 - Lexikos)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Bitdefender Parental Advisor (HKLM\...\Bitdefender Parental Advisor) (Version: 1.2.0.291 - Bitdefender)
Breaking Point (HKLM-x32\...\{D94AC775-62AF-4630-8292-7EB26691AAAE}) (Version: 5.0.2.9 - The Zombie Infection) Hidden
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
CCleaner (HKLM\...\CCleaner) (Version: 5.43 - Piriform)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Discord (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 397.93 - NVIDIA Corporation) Hidden
Epic Games Launcher (HKLM-x32\...\{213B426C-5317-4F2D-8395-AC04B70711C4}) (Version: 1.1.133.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{5f313643-63c9-4660-8dae-eb4a80196cb4}) (Version: 10.1.2.19 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.6 (HKLM-x32\...\{2B710CA5-99F0-4D29-962C-29A7CFF7A989}) (Version: 2.6.0.32 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Kodi) (Version: - XBMC-Foundation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Logitech Gaming Software 9.00 (HKLM\...\Logitech Gaming Software) (Version: 9.00.42 - Logitech Inc.)
Magic Bullet Suite 64-bit (HKLM\...\{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Firefox 59.0.3 (x64 en-US) (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Mozilla Firefox 59.0.3 (x64 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
MultiBit Classic 0.5.19 (HKLM\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)
MultiBit HD 0.3.0 (HKLM\...\6925-4794-5772-4956) (Version: 0.3.0 - Bitcoin Solutions Ltd)
NordVPN (HKLM-x32\...\{7296DD91-4FC7-47BB-B211-912D9E980FC7}) (Version: 6.13.13 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.13.13) (Version: 6.13.13 - NordVPN)
NVIDIA 3D Vision Controller Driver 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 397.93 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Graphics Driver 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 397.93 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 397.93 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 397.93 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 20.1.0 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
OpenVPN 2.3.11-I601 (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.11.0 - )
pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== ATTENTION
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PuTTY release 0.70 (64-bit) (HKLM\...\{45B3032F-22CC-40CD-9E97-4DA7095FA5A2}) (Version: 0.70.0.0 - Simon Tatham)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.19.529 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8279 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.1 - Rockstar Games)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SOLIDWORKS 2017 SP02 (HKLM\...\{BB965FD0-077F-4CA4-BFD1-39FFEFF15770}) (Version: 25.120.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2017 SP02 (HKLM-x32\...\SolidWorks Installation Manager 20170-40200-1100-100) (Version: 25.2.0.52 - SolidWorks Corporation)
SOLIDWORKS Composer Player 2017 SP02 (HKLM\...\{2F5D372A-EE3F-4201-8899-AA717AB91110}) (Version: 25.20.52 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2017 SP02 (HKLM\...\{061157FB-631D-480A-B8AB-529E455BA74D}) (Version: 17.2.0029 - Dassault Systèmes SolidWorks Corp) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
Spotify (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Spotify) (Version: 1.0.82.447.g975ad224 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.12.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.12.4 - SteelSeries ApS)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
TAP-NordVPN 9.21.2 (HKLM\...\TAP-NordVPN) (Version: 9.21.2 - NordVPN.com)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)
WPTx64 (HKLM-x32\...\{0B2C58EB-67A2-225B-60B2-D1990E55DD33}) (Version: 8.100.26866 - Microsoft)
XAMPP (HKLM-x32\...\xampp) (Version: 7.1.11-0 - Bitnami)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] ()
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext.dll [2016-07-08] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => D:\Program Files\WinRAR\rarext32.dll [2016-07-08] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06763BA6-162A-4D87-8ED8-08B3878D28B4} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {0C13D476-921D-4F35-9512-5C4315087486} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-03-14] (NVIDIA Corporation)
Task: {0F2E34F7-DF67-4931-8180-94601F02A3E7} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2018-04-11] (Adobe Systems Incorporated)
Task: {23662676-604F-4CE4-AE7C-D00D52DFEA81} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {26E992B5-1ABB-4578-BAB9-03F714E64610} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-03-14] (NVIDIA Corporation)
Task: {35386CF1-51D3-4CDB-AAE6-E4A831819BF8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {45D3124E-E400-4CB6-8A58-771FA7E08BE9} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
Task: {4A5586B0-A962-47A2-A999-59841DB478AB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {58BBA558-2959-42FC-9902-821282282918} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {6835F2CF-3C45-49FD-9B8C-1E2CB6649452} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {7259BD5C-A376-44C6-B17D-45C607A736F8} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-03-14] (NVIDIA Corporation)
Task: {74BFFE8C-382B-4AC2-A021-B884EDAA936A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {7893E9C3-9133-4D20-B35F-91A3976B8694} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-24] (Piriform Ltd)
Task: {7A55D264-0586-4C00-90D4-19FA9260642D} - System32\Tasks\AdobeGCInvoker-1.0-Betrayed-Jamie => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated)
Task: {8DB43842-0A6D-4138-85EE-E5847D9178EB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-03-14] (NVIDIA Corporation)
Task: {9156EE9B-FB63-45B3-A21B-97226934652A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {A09EF7C6-A025-4B84-B569-C478EAC89AB3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {AFACBA89-BFF1-4157-B006-B56889770DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-24] (Piriform Ltd)
Task: {BB55845E-C171-498D-A155-3C76D1EE5A30} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-03-14] (NVIDIA Corporation)
Task: {BDF43C40-AA3C-45A7-B70C-D9C32D8BBC42} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\Windows\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BFE19B39-EC2B-4708-8BE6-D9322CE361E1} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C47A6178-DF6F-4CBE-8183-97FBBE719CB4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {C945DA90-4C5E-4A02-B1E1-43D03C942852} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {CED85B6F-3F79-4416-B0AC-6EBE301C9D99} - System32\Tasks\Avast Software\Overseer => C:\Program Files\AVAST Software\Avast\setup\overseer.exe [2018-06-07] (AVAST Software)
Task: {FB746247-9F64-46DD-A92C-E8D3D4E07A99} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-03-14] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-08 16:29 - 2018-05-08 16:29 - 000992704 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpbr.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 000543344 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpdsp.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 003639000 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttpf.mdl
2018-05-08 16:29 - 2018-05-08 16:29 - 001527808 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02551_005\ashttprbl.mdl
2018-05-02 12:49 - 2018-05-02 12:49 - 000430840 _____ () C:\Program Files (x86)\NordVPN\nordvpn-service.exe
2018-02-27 20:08 - 2018-02-27 20:08 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-10-25 17:44 - 2018-03-14 14:05 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-14 20:13 - 2018-03-14 20:13 - 000189776 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 000117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2018-06-04 11:01 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2018-05-07 08:33 - 2018-05-07 08:33 - 001096840 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2018-05-07 08:33 - 2018-05-07 08:33 - 000241800 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-03-22 21:59 - 2018-03-14 14:04 - 000019904 _____ () c:\program files\nvidia corporation\nvstreamsrv\detoured.dll
2016-07-09 11:05 - 2016-06-08 18:07 - 000458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-09 11:05 - 2016-06-08 18:18 - 000709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2017-02-04 02:43 - 2017-02-04 02:43 - 000272280 _____ () D:\Program Files\SOLIDWORKS\sldBodyDiffu.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000174744 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2017-01-12 17:35 - 2018-02-17 22:07 - 000020632 _____ () D:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2017-01-12 17:35 - 2018-02-17 22:07 - 001981592 _____ () D:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000125592 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-06-23 12:02 - 2018-02-17 22:07 - 000150680 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2017-02-15 13:21 - 2017-02-15 13:21 - 000134144 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2017-01-12 17:35 - 2017-10-20 19:26 - 006282240 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll
2017-01-12 17:35 - 2016-11-09 19:09 - 000263680 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll
2017-01-12 17:35 - 2018-06-02 14:36 - 004021248 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll
2017-01-12 17:35 - 2017-02-16 20:19 - 000479744 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\soundboard.dll
2017-03-24 17:10 - 2017-07-21 13:03 - 000345880 _____ () C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2018-03-23 21:38 - 2018-06-06 22:52 - 005680568 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\driver\win_driver_installer.exe
2016-07-09 11:05 - 2016-06-08 18:12 - 000416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-09 11:05 - 2016-06-08 18:15 - 000130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 000158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 000050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-09 11:05 - 2016-06-08 18:15 - 000032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2018-06-06 21:32 - 2018-06-06 02:25 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libglesv2.dll
2018-06-06 21:32 - 2018-06-06 02:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libegl.dll
2016-10-07 13:18 - 2016-10-07 13:18 - 005971056 _____ () D:\Program Files\Sublime Text 3\sublime_text.exe
2016-10-07 13:18 - 2016-10-07 13:18 - 000672768 _____ () D:\Program Files\Sublime Text 3\plugin_host.exe
2018-04-25 12:08 - 2018-04-25 12:08 - 000254464 _____ () C:\Program Files (x86)\NordVPN\x86\Liberation.Native.Firewall.dll
2017-10-25 17:44 - 2018-03-14 14:05 - 001041344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-10-25 17:45 - 2018-03-14 14:04 - 081563584 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-02-26 20:03 - 2018-03-14 14:04 - 002478016 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libglesv2.dll
2018-02-26 20:03 - 2018-03-14 14:04 - 000125376 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\swiftshader\libegl.dll
2018-03-22 21:59 - 2018-03-14 14:05 - 000019904 _____ () c:\program files (x86)\nvidia corporation\nvstreamsrv\detoured.dll
2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 004969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2018-06-02 11:27 - 2018-06-01 20:02 - 002632480 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 001563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 001195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 005137696 _____ () D:\Program Files (x86)\Steam\libavcodec-57.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000695584 _____ () D:\Program Files (x86)\Steam\libavformat-57.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000351520 _____ () D:\Program Files (x86)\Steam\libavresample-3.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000847136 _____ () D:\Program Files (x86)\Steam\libavutil-55.dll
2018-03-21 21:50 - 2017-12-20 02:43 - 000783648 _____ () D:\Program Files (x86)\Steam\libswscale-4.dll
2018-06-02 11:27 - 2018-06-01 20:02 - 000979744 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-14 08:48 - 2016-07-04 23:17 - 000266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 001891672 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 001937752 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 18:14 - 2018-04-30 23:01 - 000095576 _____ () C:\Users\Jamie\AppData\Local\Discord\app-0.0.301\libegl.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 000091136 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 000224256 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 000200704 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2018-05-02 13:31 - 2018-05-23 13:54 - 009820504 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 13:31 - 2018-05-02 13:31 - 001530712 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 13:31 - 2018-05-02 13:31 - 000512856 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 13:31 - 2018-05-03 07:46 - 001578840 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-05-02 13:31 - 2018-05-02 13:31 - 002722648 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-05-02 13:31 - 2018-05-02 13:31 - 002760536 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 13:31 - 2018-05-02 13:31 - 001249112 _____ () \\?\C:\Users\Jamie\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-17 18:02 - 2018-05-01 08:32 - 000788256 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 083524384 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-10-14 08:48 - 2015-09-25 00:52 - 000119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 002253600 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2018-05-17 18:02 - 2018-05-14 20:39 - 000109856 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
2016-03-16 01:54 - 2016-03-16 01:54 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\AppData:CSM [472]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-10-25 17:29 - 000000002 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jamie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\StartupFolder: => "OBS Studio.lnk"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Razer Synapse"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NetBalancer"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "NordVPN"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{43280E25-5FDA-4220-A4AE-5002A736D28B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B004BAD1-39D2-44EB-B190-2075321C648C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB9ED71A-662C-455F-87E9-0A790C95A5EC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{37271229-BE7A-47BC-BFB4-8C54924854FF}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{05F9763A-ED1A-4A80-9C2E-0F779D2D7450}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F3BF32E7-1337-46D7-89C5-72D92A81628D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7E95E14-D16D-46B5-8867-574F60FA4F27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{234A17CE-C1FC-40E0-B9C2-8D307AEE884E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0EF71D9A-6EBD-4FB3-B8AF-6213F01C9E46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EE668382-30B4-4F1B-A1AF-8C150FDF1865}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{798A58B1-B109-4ADD-8381-426C0FBD0E7E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{245F0650-001A-4902-9819-648CD12269EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{D78D9F29-C391-4F4D-B44C-EB43EAD3BBF9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{A1BEA2B7-CE10-4D6E-998D-BC5D4F4C7834}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{4D20DBF2-0C1E-432E-AC59-DAEBB9F28C6C}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68AD369D-B8A4-494F-83AA-1926FA3263D0}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AD5458E8-667C-458E-9FF4-2EB84ABF8C42}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [UDP Query User{12590890-1217-4AA1-A426-BD3B1C29EA3E}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [TCP Query User{5E966F72-502D-4C81-954D-A28DC77BE3F0}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{EB1D1430-426B-4945-A818-02E532AE9977}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4F823053-4909-4AB2-9291-BD68248ADF32}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A0DA01A-C88E-4EEE-A304-3B115F5AA62E}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{094A09AB-4776-424C-A2E2-C232E04F7705}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{1221CC45-8FA2-471E-9947-9E0C2BFF8D9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{75EA8C07-E02B-42B2-859D-2A041D76B6D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{EDEBF04E-4D77-4140-9642-0F8F955531FF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{ADD96FA6-B2C5-4E0A-8489-756CD795492C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{51905D0F-9C42-4DA6-A34E-896A36FEA620}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{9CC85030-5885-4EAF-81BD-3B47F7F17C6E}] => (Allow) C:\Users\Jamie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{A12C97BC-7E5A-4F0B-A47B-6B87058C1773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2127FAC9-E30B-4FB4-BDDC-07D661F068F5}] => (Allow) LPort=2869
FirewallRules: [{E696FF9E-C112-4FF2-BF34-6A7060266C46}] => (Allow) LPort=1900
FirewallRules: [{2D3695A1-326F-4523-9C8A-25B32C2DF4EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{598F6D8E-24E5-401A-84AA-05B79FC20419}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EAD2AF8-5037-4106-822E-74BF9CB3CED4}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{15DBF988-5F71-4099-B7B4-CCA393546DB5}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{2A8C7067-B59E-49EA-A540-10687AD386EE}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{C59428CB-1F85-4957-ADB6-F8B9C42FDA22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3D955DC0-0228-475A-8253-724E6E51F3C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{45E440E8-F608-4CF0-939B-62A2569FB968}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CA3EA36B-DBD2-4096-BD8E-7DC75DF0D7A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CDA5438B-5EBF-4CD0-8035-D806C3F6617A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{1D8DD10C-926F-41E7-B2E7-9F796956ECEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{5D70229B-081B-4E3F-9F6B-F3A85EA32D15}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{04DD16C0-B189-4C7A-A05A-9C79D0A1B256}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{35D6B5A8-BBC8-4BB4-8437-C37302CFE7DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{3AC0E794-A4BB-4258-8A73-9AAA95B7BCFB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{221061C7-8755-4DEF-8822-67CA3FE03698}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{31D892F4-9BBD-45B4-B1F1-DFBD1DE1BD3E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{CAEB01B5-C51A-461B-A739-C6AC5AB00FB8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6DBADAEC-90BF-4150-9699-A1ACE2670A65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{65BCB92C-B7A7-40AB-B562-618EAB4B0A7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EF547CEC-C447-49E3-9CD4-1389A4015C2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3A85E5E7-F1BB-4852-ABDF-C9C041DEC30D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3EAF9153-995F-4A07-9483-53C6687072DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66108248-7899-4FA5-9652-D0A501EA97D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{735D853C-757E-4787-A993-DB3669620016}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [UDP Query User{39BF3FC7-1DB0-4AAF-946E-062467332DA7}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [TCP Query User{3D306803-4323-4135-B7AB-1A884466D43D}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{6272F8B5-5F4F-49A3-A028-7F2D061D22CA}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{B48D565B-1064-4A1E-B333-4F807DA52358}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{ACDD4940-14C5-4278-B928-392B3C2497B6}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{716510F5-2508-4E63-B021-D8FAB54E4A5E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{8A6DE1DC-7909-45AB-94DD-57F285AC9C7A}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{213D75CB-C013-4ECF-BA3E-11B2401C297B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4C95CAF3-85C6-4037-B23F-567A834C79FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3493E0EA-612A-465C-99FA-1F7FF368B1DD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BF2208F8-467B-4B5D-B728-6F4D65D12F35}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97BBEDEF-967C-4D34-B438-D9971445F5AC}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5B116891-FCD2-4BEA-A423-C0E475A24859}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1D6B41D-31AB-4D7B-B7D8-56D468FE1E35}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{361D7308-9B4B-4728-8920-C023FB8D020A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0525ABC2-2A74-4AF9-9A48-D7ABDEA9620A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{033CE73D-8BA2-4C62-96F7-1FE59B88B3BB}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{828E9277-E9B4-44FD-9688-53005615BAA0}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{E1920F54-4271-4054-88D8-985EA69CD803}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{5A5B3439-AB38-4242-B4C9-8457B117B963}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63F895A9-84B3-450E-943E-D7D51B2848F4}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{14A970D5-009F-4E35-9A24-A8380BE6568C}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A8888945-DFBA-4060-9078-E193C4EF79EA}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4331BA20-7EEB-41DF-A634-205837C07376}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{781F9E07-A98C-40E0-814B-317021B7FEB1}] => (Allow) C:\Users\Jamie\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{5DC4ACA9-1514-48D3-A39B-EB021E81B9D0}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{857A0648-8909-478B-ABC6-173A334FC21C}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{FE480A42-72FA-4680-A346-09753A5D8E1B}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{4C723CC6-37AE-496C-806A-D71D07B0F531}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{004115AC-3B0C-493C-B576-C89D3A280AFF}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{BF18A62D-0753-43EA-885C-1E5671905617}D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{D125098A-D45E-4A54-A218-8D9CDFF31E78}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{A8217E94-A114-4015-B913-609ED4AC54D9}C:\users\jamie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jamie\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C85FFB54-1D5A-4D33-ABF6-2BE90B03AA04}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{49284333-C5FE-43C9-B509-3530F0DFCBF3}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [TCP Query User{20514E74-B1ED-4E12-B373-D9D65809E67E}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [UDP Query User{083B28D4-19AD-4706-96C1-6281CE1CF523}D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
FirewallRules: [TCP Query User{C9BFA25B-EB89-49B1-809E-7EC8B093BD8E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{0D38522F-6E81-42C7-B8DF-09AD3ABA1986}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [TCP Query User{D188A311-7968-454B-B336-59DFA84F89B4}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{EAB7083F-9E7A-42FA-99F1-30ACC6B4E114}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [{092F6539-E3A1-4160-A8CC-8FF1B73F4787}] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [{629124B9-D933-47CC-9F19-146EC4B85BB0}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{C873AF50-7F01-49B7-A231-51F945298243}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{B1921B5F-529F-47C9-8FB8-07C9A0923695}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{882CB9CF-6B7F-461C-9F39-688B4FFD3C4D}] => (Allow) D:\Program Files (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [TCP Query User{066E391E-7B51-4A71-B1CF-D8A00967F0A8}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [UDP Query User{F82AFCEE-4BC0-4018-998E-7CAEABA4E20B}D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3server.exe
FirewallRules: [{BEE18A40-9D97-4ABD-B3CF-8A0B67B44C99}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{7BDE513E-B80B-4C92-95AE-108D37CA8078}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
FirewallRules: [{533F98D3-5FFC-443B-A1E1-F389F63FDB20}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F8512BAC-C8C3-4803-9AA7-77BAE031BD21}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4F35148F-8003-4C70-A9FA-143CA8F942CD}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3E2F95E2-048C-42F1-A9D7-EC059139AF44}] => (Allow) C:\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{488A0425-5FE3-4C17-8BBF-D5001D835247}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [UDP Query User{82EFAD9D-999E-4D0E-B86E-D1272FB4607F}C:\steam\steamapps\common\arma 3\arma3_x64.exe] => (Allow) C:\steam\steamapps\common\arma 3\arma3_x64.exe
FirewallRules: [TCP Query User{9DC5ED78-5D04-48D0-9FA7-EA29BF5896BE}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{2E3A6978-5338-4EF3-8911-6AAB0CAFB966}D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{AE0AC452-CA04-4D70-BB2D-9E8E43835B29}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{4C481E7A-CAD8-4F15-8EE9-793A3092D017}D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) D:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{7B21009D-D772-4400-A683-9E08F4FC515F}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{23FC5D17-D74C-4239-AAA8-48578A9DA88D}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe
FirewallRules: [{BB664711-245B-44BD-9817-169ECC150999}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{A5EC0E0E-627E-4F3F-941E-08A06536AE9C}] => (Allow) D:\Program Files\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [TCP Query User{230DF51C-9434-405B-BFE7-789798CCF1F6}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{A69E820D-3E7D-4328-94F5-AF0E93D30807}D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) D:\program files\epic games\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [TCP Query User{3D5F118E-1F63-449D-BB15-B9459D9088AF}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe
FirewallRules: [UDP Query User{08218CD5-D1B5-47CA-990E-FB41E8C3F3E5}C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe] => (Allow) C:\users\jamie\appdata\local\webtorrent\app-0.18.0\webtorrent.exe
FirewallRules: [{22C9C27D-2849-4B43-880E-273F86214724}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{A6568B11-F2FE-4950-BDFA-775ABC1026BB}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned_BE.exe
FirewallRules: [{BB8DA272-8E7E-42CB-828A-AB67873BD5F9}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{9B97AA94-89EC-4754-B2FE-2BB3AC604DF0}] => (Allow) C:\Steam\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{FC07EE0D-77DD-4957-97D8-73C6ACE0D514}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe
FirewallRules: [{1DFFB3ED-B4EF-423D-9F1B-8EAFF89386A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Hand Simulator\Hand Simulator.exe
FirewallRules: [{802848D8-4719-401B-957D-5F4429A42998}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{6A3CF025-CBDC-45B3-827E-375EF0A24E08}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix.exe
FirewallRules: [{7D366F10-ED1A-4E95-90FE-53E1E78E3E73}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{519D1C13-EBE4-452F-A54C-359390757C6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSix_BE.exe
FirewallRules: [{CAE475F6-34DF-433D-A607-A44620F17A56}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [{FBDD785F-AE5E-4A80-AE91-FAB8BF3481E6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\SNOW\Bin64\playSNOW.exe
FirewallRules: [TCP Query User{E90F7430-8330-48ED-A7A8-2B31A18F9F92}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{6348B783-2B4C-484C-BB83-4A31586DABAC}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{FF9C7F6B-C58E-4FB4-897D-9FCBE3C7B58C}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{B0117A2E-2EC7-4F22-A292-0E9EF3C3EA5B}D:\program files (x86)\mozilla firefox\firefox.exe] => (Block) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{9B1C6C9E-F85E-4305-92D1-B82D31AB1C37}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [UDP Query User{16E14B08-9E63-401C-8106-44DF17D6F517}C:\program files (x86)\windscribe\wsappcontrol.exe] => (Allow) C:\program files (x86)\windscribe\wsappcontrol.exe
FirewallRules: [{A254CEB6-7F57-4F5B-815B-CBE0B376B360}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{15C4A018-F9C8-4920-9DD9-41E732A536DA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\H1Z1_BE.exe
FirewallRules: [{93530B40-F7F8-4673-9A39-3C0A4785BDBC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85B192EF-23F1-4D7A-8B79-F175E276EA8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{782DF227-C230-4394-AE52-6BC12ED79DF2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AD490B2E-6603-4F57-80AC-8B32A46D6B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7724A776-72CB-43C0-AB77-725C8CFA6FF6}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{857D1CBC-2297-46A5-A9EC-C8E9C64F39B5}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [TCP Query User{3D890B6B-C098-45BF-B0CB-994EA0924A8B}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [UDP Query User{548E0E4D-B0B3-4091-81BD-9F62BA1E496D}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [{83BD2FE1-1838-4BFF-BA4B-6C3B9AA02FC0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{38B7AE44-B970-4525-B439-0F1D6DF67815}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{3CCB8C94-599E-4EC2-AE03-CB480A062217}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [{B9272BE8-E732-48F9-8E52-D29CBB577567}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Deceit\bin\win_x64\Deceit.exe
FirewallRules: [TCP Query User{087F2CE9-4B88-4E24-BF3A-AAD5513ECBEF}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe
FirewallRules: [UDP Query User{FBADBFA1-70CF-4295-BDA1-58F2F4D45A73}D:\program files\solidworks\swscheduler\dtsmonitor.exe] => (Block) D:\program files\solidworks\swscheduler\dtsmonitor.exe
FirewallRules: [TCP Query User{5659484D-2477-4881-B1A6-3EA36BE1467C}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [UDP Query User{7443F57F-6C6D-4B79-AB68-8A31F40B0D46}D:\overwatch\overwatch.exe] => (Allow) D:\overwatch\overwatch.exe
FirewallRules: [{8CAE3CF9-DC6A-4625-8C81-4F3DF424D88D}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8EF54A42-A0D6-4264-85E7-95BEF4D9F30A}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{F0728078-5C09-40F4-AF8C-97279CBAF06B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{615C2929-2C6B-4C17-840B-F94C0DB03646}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{B7771F36-2733-4AD5-B20F-D700150A3DF3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
05-06-2018 15:30:41 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
05-06-2018 15:30:47 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
07-06-2018 18:50:42 Installed DirectX
==================== Faulty Device Manager Devices =============
Name: 690LC
Description: 690LC
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/07/2018 01:11:36 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (06/06/2018 02:23:22 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
Error: (06/05/2018 06:45:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: obs64.exe, version: 0.0.0.0, time stamp: 0x59f0e828
Faulting module name: MSVCR120.dll, version: 12.0.21005.1, time stamp: 0x524f83ff
Exception code: 0xc0000409
Fault offset: 0x0000000000074a30
Faulting process ID: 0x23e8
Faulting application start time: 0x01d3fceb254a4461
Faulting application path: D:\Program Files (x86)\obs-studio\bin\64bit\obs64.exe
Faulting module path: C:\Windows\SYSTEM32\MSVCR120.dll
Report ID: 2d8ec43f-68e8-11e8-82e6-d8cb8a318c74
Faulting package full name:
Faulting package-relative application ID:
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service aswbIDSAgent since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswVmm.
System Error:
The system cannot find the file specified.
.
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
System Error:
The system cannot find the file specified.
.
Error: (06/05/2018 03:30:49 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswMonFlt.
System Error:
The system cannot find the file specified.
.
System errors:
=============
Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/07/2018 06:49:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
Error: (06/07/2018 02:29:52 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (06/07/2018 02:29:22 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (06/07/2018 01:31:55 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (06/07/2018 01:31:25 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Error: (06/07/2018 12:52:18 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
Error: (06/07/2018 12:51:48 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-06-07 13:33:34.511
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {E1E9627E-9B81-4485-9E04-F36C034C0793}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-07 12:52:53.570
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A034E8E0-854F-402D-8094-A62F4F15FF67}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-07 11:55:07.593
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {12E137EC-33E8-425C-88A6-8529A170699F}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-06 02:24:51.012
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {05B6D9DD-AB67-4C2B-9794-FFEC9A446119}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-05 17:56:40.524
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {23D42202-8E83-45E2-9F92-3E6240085120}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-06-01 10:32:10.520
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-01 10:32:10.520
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-06-01 10:32:10.520
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.269.148.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14901.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-04-12 16:34:08.834
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.265.515.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14700.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
Date: 2018-04-12 16:34:08.834
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.265.515.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14700.5
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
==================== Memory info ===========================
Processor: Intel® Core i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 16279.26 MB
Available physical RAM: 12134.22 MB
Total Virtual: 20887.26 MB
Available Virtual: 15866.49 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:57.59 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:426.73 GB) NTFS
\\?\Volume{3fad585b-9665-4141-80f4-c6d4b5b1ed84}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================