Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018 Ran by Anne Hedonia (06-03-2018 07:27:33) Running from C:\Users\Anne Hedonia\Desktop Windows 10 Home Version 1709 16299.248 (X64) (2018-03-04 15:29:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1969818623-1811360263-1274306350-500 - Administrator - Disabled) Anne Hedonia (S-1-5-21-1969818623-1811360263-1274306350-1001 - Administrator - Enabled) => C:\Users\Anne Hedonia DefaultAccount (S-1-5-21-1969818623-1811360263-1274306350-503 - Limited - Disabled) Guest (S-1-5-21-1969818623-1811360263-1274306350-501 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1969818623-1811360263-1274306350-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.) Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Dell Data Vault (HKLM\...\{2E55EEFD-2162-4A7D-9158-EDB0305603A6}) (Version: 4.4.2.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{7294961D-6EC1-4418-9017-0180A0C78A91}) (Version: 3.2.1006.0 - Dell Products, LP) Dell Help & Support (HKLM\...\{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Hidden Dell Help & Support (HKLM-x32\...\InstallShield_{E8669F4E-F2BE-48A9-B5A5-0BC12CA4CB4F}) (Version: 2.4.18.0 - Dell Inc.) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.668 - Dell) Dell SupportAssist Remediation (HKLM\...\{EEB1E6AD-5E5E-46C0-B60C-BF208CE755A3}) (Version: 3.1.1.3834 - Dell Inc.) Hidden Dell SupportAssist Remediation (HKLM-x32\...\{61737d36-07ae-47a4-a2f5-3f2979f77e50}) (Version: 3.1.1.3834 - Dell Inc.) Dell SupportAssistAgent (HKLM\...\{8D7B279C-A661-465C-9658-F62FBD6A6B91}) (Version: 2.1.3.5 - Dell) Dell Update - SupportAssist Update Plugin (HKLM\...\{2228BC43-73DA-4F9A-BEE6-8E9C15328513}) (Version: 3.1.1.3832 - Dell Inc.) Dell Update (HKLM-x32\...\{632610E3-5B12-403C-9C93-EF533ED1C113}) (Version: 1.10.5.0 - Dell Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 44.4.58 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.65.1 - Dropbox, Inc.) Hidden DSC/AA Factory Installer (HKLM\...\{F7A70D00-F283-45C8-B163-49EC365D7E27}) (Version: 1.3.6855.212 - PC-Doctor, Inc.) Hidden GlassWire 2.0 (remove only) (HKLM-x32\...\GlassWire 2.0) (Version: 2.0.91 - SecureMix LLC) Intel(R) Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10207.5567 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000010-0200-1033-84C8-B8D95FA3C8C3}) (Version: 20.10.0 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{2f5f8f8e-11d9-4c64-b002-b60607ac3a29}) (Version: 20.10.1 - Intel Corporation) iTunes (HKLM\...\{1D7D1271-5258-4F5A-B8C1-7176BF398782}) (Version: 12.7.3.46 - Apple Inc.) Malwarebytes version 3.4.4.2398 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.4.2398 - Malwarebytes) Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.8942.2 - Waves Audio Ltd.) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.9029.2167 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1969818623-1811360263-1274306350-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1969818623-1811360263-1274306350-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03062018071544254\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Mozilla Firefox 58.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 58.0.2 (x64 en-US)) (Version: 58.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 58.0.2 - Mozilla) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.9029.2167 - Microsoft Corporation) Hidden PP助手5.0 (HKLM-x32\...\PP助手5.0) (Version: 5.9.0.4112 - 广州爱禾网络技术有限公司) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.17.019 - Dell Inc.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7989 - Realtek Semiconductor Corp.) Realtek PC Camera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 10.0.14393.11242 - Realtek Semiconductor Corp.) SmartByte Drivers and Services (HKLM\...\{6B8F24C5-68BD-4169-94A4-133AF60A5606}) (Version: 1.1.511 - Rivet Networks) True Color (HKLM\...\{843D1B75-7A4E-4C8C-8348-BDF6C6EC3333}) (Version: 1.0.1.1 - Entertainment Experience LLC) Hidden True Color (HKLM-x32\...\{c38d939e-31d4-44fa-a07a-d28915046b7d}) (Version: 7.9.0.0 - Entertainment Experience) True Color XML Tables (HKLM\...\{EAE8B515-AC0E-46A8-AA41-CAD18E4094CD}) (Version: 7.10.0.0 - Entertainment Experience LLC) Hidden TrueColorXMLTables (HKLM-x32\...\{bf377b78-c440-4ce9-a962-2fde04e6d4cd}) (Version: 7.10.0.0 - Entertainment Experience) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9C4F3AF4-21D8-43BD-A69C-517BB96012CF}) (Version: 2.12.0.0 - Microsoft Corporation) Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.19.0.dll [2018-02-26] (Dropbox, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125183.inf_amd64_cb49708b33bad074\igfxDTCM.dll [2017-11-14] (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {302744C5-89C5-45E4-A376-05C76E75ED4F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation) Task: {3B0C79A3-BE36-4759-9726-A09646B3C167} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-09-14] (PC-Doctor, Inc.) Task: {483EC41D-059E-402C-A740-421DBC698F6D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-18] (Dropbox, Inc.) Task: {4AA9E329-D0BC-4431-A1C8-41C50C493577} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-10-11] (Intel(R) Corporation) Task: {5EDCAD29-0E12-4FBE-8B97-4FBFC9EA59F5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-04] (Microsoft Corporation) Task: {684E87B7-3949-4EC7-B433-3A3DA25FDD0F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-04] (Microsoft Corporation) Task: {897C55E4-7652-4AE4-B528-60ADEAEFE789} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-04] (Microsoft Corporation) Task: {9A2D7543-6F7C-420B-9452-270E8C5AF524} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-04] (Microsoft Corporation) Task: {9DE453D1-DCEC-4C23-9FC4-9E3485E8D60B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-03-04] (Microsoft Corporation) Task: {B4817069-CD81-4126-8178-5201069C940C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-02-18] (Dropbox, Inc.) Task: {BC23E492-5614-41A4-A56D-23598B971D70} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18022-0\MpCmdRun.exe [2018-03-04] (Microsoft Corporation) Task: {BD6212D5-CE9C-42AA-BA05-64F9FECA8238} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-12-22] (Dell Inc.) Task: {DFDD1E5C-0A30-4A38-8A83-8E1FCAA6A0A9} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-09-14] (PC-Doctor, Inc.) Task: {E3AA5FF3-3A0A-474E-AD85-382493E2DFB7} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [2017-09-25] (DELL) Task: {EA338606-7376-4757-A1A5-E8D4D685779E} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {ECD776CC-6360-4BAE-928C-ABF11DAD4CBD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-02-22] (Microsoft Corporation) Task: {F0E366F5-FA05-437A-BF32-AAD66CB709B1} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {F4FDB1D2-4A36-4CAA-A5A2-F55E5AE350E6} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2016-11-17] (Realtek Semiconductor) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help SupportWORKGROUP KLAUSVOMAC ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-09-29 07:41 - 2017-09-29 07:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-05-17 22:31 - 2016-05-17 22:31 - 000140288 _____ () C:\WINDOWS\system32\DPPPlugin.dll 2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-12 17:57 - 2016-12-12 17:57 - 000093072 _____ () C:\Program Files\TrueColor\TrueColorALS.exe 2018-03-04 19:57 - 2018-02-09 22:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2018-03-04 19:56 - 2018-02-09 22:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-03-06 06:23 - 2018-02-05 14:44 - 002299168 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-03-06 06:23 - 2018-03-01 10:31 - 002488608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2018-02-12 06:36 - 2018-02-12 06:36 - 000180688 _____ () C:\Program Files (x86)\GlassWire\EasyHook32.dll 2018-03-04 10:15 - 2018-02-26 05:24 - 000746312 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll 2018-03-04 10:15 - 2018-02-26 05:24 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll 2018-03-04 10:16 - 2018-02-26 05:24 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 001856864 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2018-03-04 10:16 - 2018-02-26 05:24 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000116184 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2018-03-04 10:16 - 2018-02-26 05:26 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2018-03-04 10:16 - 2018-02-26 05:27 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2018-03-04 10:16 - 2018-02-26 05:27 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd 2018-03-04 10:16 - 2018-02-26 05:27 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000087904 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd 2018-03-04 10:16 - 2018-02-26 05:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd 2018-03-04 10:16 - 2018-02-26 05:27 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2018-03-04 10:16 - 2018-02-26 05:24 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd 2018-03-04 10:16 - 2018-02-26 05:27 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2018-03-04 10:15 - 2018-02-26 05:26 - 000032608 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2018-03-04 10:15 - 2018-02-26 05:24 - 000293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2018-03-04 10:16 - 2018-02-26 05:26 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2018-03-04 10:16 - 2018-02-26 05:26 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL 2018-03-04 10:15 - 2018-02-26 05:26 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2018-03-04 10:16 - 2018-02-26 05:26 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2018-03-04 10:15 - 2018-02-26 05:26 - 000038216 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.pyd 2017-04-28 08:05 - 2017-04-28 08:05 - 000134008 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-11-21 13:50 - 2017-11-21 13:50 - 000134016 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll 2017-11-09 00:44 - 2017-11-09 00:44 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\255251FE => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\255251FE => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2017-03-18 15:03 - 2017-03-18 15:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03062018071544042\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03062018071544139\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-1969818623-1811360263-1274306350-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg HKU\S-1-5-21-1969818623-1811360263-1274306350-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-03062018071544254\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\dell\BlueLava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_RGB.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{8336BF13-4B58-4642-A01C-DEFDCBE01FC9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{F55D5C38-16FB-4E64-A159-D99B74567AEE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{058C65BA-57CD-4C2C-A8EE-AA59EA6059CD}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe FirewallRules: [{24D138E0-8103-4596-82E9-7A13A86D39B8}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe FirewallRules: [{13C7D4E7-D862-4533-A826-FC6B27C582D5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{F0B63F16-7CD5-4FCC-B120-86B4DA75731D}] => (Allow) c:\program files (x86)\glasswire\gwctlsrv.exe FirewallRules: [{DD34DCB8-68C3-4ADB-9DA9-3FFDEEF051A2}] => (Allow) c:\program files (x86)\glasswire\gwctlsrv.exe FirewallRules: [{46A2B972-FE13-4572-A3BE-68DFA61F4BCA}] => (Allow) c:\program files\mozilla firefox\firefox.exe FirewallRules: [{3C25425D-5831-4EE8-AB98-9ABB5F5F9BBF}] => (Allow) c:\program files\mozilla firefox\firefox.exe FirewallRules: [{391DAE84-6756-4BDB-ADD3-0ED612F1A3EA}] => (Allow) c:\program files\mozilla firefox\pingsender.exe FirewallRules: [{726502C0-B4A1-48E3-8F5F-9F964F920F61}] => (Allow) c:\program files\mozilla firefox\pingsender.exe FirewallRules: [{CEDC1FF3-9BC5-4973-A867-8FC8E8D4A9D0}] => (Allow) c:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedgecp.exe FirewallRules: [{14111F23-681D-4952-8BAD-599044478DB3}] => (Allow) c:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedgecp.exe FirewallRules: [{E195E898-A294-43D9-A67B-15780B943C4A}] => (Allow) c:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedge.exe FirewallRules: [{F7FDBE73-0E1B-4196-BA4E-A31988899AF5}] => (Allow) c:\windows\systemapps\microsoft.microsoftedge_8wekyb3d8bbwe\microsoftedge.exe FirewallRules: [{A416FA68-F9CF-41A6-AB13-8A199CC7C1AE}] => (Allow) c:\windows\system32\compattelrunner.exe FirewallRules: [{8E0FA06C-330A-454E-9B4B-339D8D4C1A88}] => (Allow) c:\windows\system32\compattelrunner.exe FirewallRules: [{4DD92295-9FAF-418C-A6F5-F0BBD42615B5}] => (Allow) c:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe FirewallRules: [{EE008E0E-FF9D-407D-82B3-8C8439149893}] => (Allow) c:\windows\systemapps\microsoft.windows.cortana_cw5n1h2txyewy\searchui.exe FirewallRules: [{D63D89BC-0A25-41B1-BE9A-EF8E063C9425}] => (Allow) c:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore.app.exe FirewallRules: [{8C89A211-09FE-44F4-8A7F-5CF7CCD21801}] => (Allow) c:\program files\windowsapps\microsoft.windowsstore_11701.1001.87.0_x64__8wekyb3d8bbwe\winstore.app.exe FirewallRules: [{27EEEFDA-D129-4050-AE63-976FA51BBDB6}] => (Allow) c:\program files (x86)\dropbox\update\dropboxupdate.exe FirewallRules: [{8E92D515-34D1-4A22-808C-A5A5CD53636C}] => (Allow) c:\program files (x86)\dropbox\update\dropboxupdate.exe FirewallRules: [{A376D470-DDED-4AB2-A4A1-9134229D4A79}] => (Allow) c:\program files\dell\supportassist\pcdrcui.exe FirewallRules: [{ADDF37DF-F37E-4E93-B316-97DE84DA5151}] => (Allow) c:\program files\dell\supportassist\pcdrcui.exe FirewallRules: [{0348E55D-DAED-43E5-9BB7-A23A623D2ACE}] => (Allow) c:\program files\dell\supportassist\updater\appupdater.exe FirewallRules: [{B845561B-06C5-4182-9D51-6355214D9F08}] => (Allow) c:\program files\dell\supportassist\updater\appupdater.exe FirewallRules: [{6CBCBE42-D1A6-4515-B079-FC98C054C6E7}] => (Allow) c:\windows\system32\werfault.exe FirewallRules: [{B2FFB5EA-7C6B-49EF-9A7D-9ACC7B2078A8}] => (Allow) c:\windows\system32\werfault.exe FirewallRules: [{BFCCE65F-9E9D-4915-A669-D0519DC8941F}] => (Allow) c:\program files\windows defender\msmpeng.exe FirewallRules: [{8E1BC5D1-B88B-4C53-BB9F-03AAC4434182}] => (Allow) c:\program files\windows defender\msmpeng.exe FirewallRules: [{73CE8907-94F0-40F8-A872-9B6CBE143D44}] => (Allow) c:\users\anne hedonia\appdata\roaming\pcdr\downloads\supportassistlauncher.exe FirewallRules: [{69D8B4EA-CC49-4FC8-8DA9-5D1C35F8FBA1}] => (Allow) c:\users\anne hedonia\appdata\roaming\pcdr\downloads\supportassistlauncher.exe FirewallRules: [{275B57F2-9F33-44BD-A5EB-E501A49EB369}] => (Allow) c:\windows\system32\wbem\wmiprvse.exe FirewallRules: [{D0E5350F-CCF4-4793-AE53-89D8AE33BF51}] => (Allow) c:\windows\system32\wbem\wmiprvse.exe FirewallRules: [{96F6CBF8-B6E6-41EF-A18D-DCDEA2A40D59}] => (Allow) c:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [{08489126-63D3-4992-A341-BDD45E4205B1}] => (Allow) c:\program files (x86)\dropbox\client\dropbox.exe FirewallRules: [{95B5292F-0A8E-4CBC-9C1A-796C4D56BD7E}] => (Allow) c:\windows\system32\wifitask.exe FirewallRules: [{31C280F3-F924-48E7-8B9B-93ED80AD9EBE}] => (Allow) c:\windows\system32\wifitask.exe FirewallRules: [{D6D3FB5F-6ABF-4BF2-AE13-0327D5CE056D}] => (Allow) c:\windows\system32\backgroundtaskhost.exe FirewallRules: [{C7543A0C-D0E2-44ED-8198-C8EEC7EADF26}] => (Allow) c:\windows\system32\backgroundtaskhost.exe FirewallRules: [{559E1EF1-F710-49B1-B820-C706C9C7BF5E}] => (Allow) c:\windows\system32\backgroundtransferhost.exe FirewallRules: [{56660BFA-1D9E-4ECD-A88F-5D378195C3BC}] => (Allow) c:\windows\system32\backgroundtransferhost.exe FirewallRules: [{C4FF2BA3-1212-46C5-87EA-7274A6514BB6}] => (Allow) c:\program files\malwarebytes\anti-malware\mbamservice.exe FirewallRules: [{04C2B686-090A-43AA-9648-94CAB02D9C08}] => (Allow) c:\program files\malwarebytes\anti-malware\mbamservice.exe FirewallRules: [{1008FC47-1CAC-4E68-BEDB-222BA9D97BE0}] => (Allow) c:\program files\rivet networks\smartbyte\smartbytenetworkservice.exe FirewallRules: [{CD133458-2B6B-4BEE-B246-8B921E5D3C32}] => (Allow) c:\program files\rivet networks\smartbyte\smartbytenetworkservice.exe FirewallRules: [{8ACACC0B-DD24-41CE-8105-D14C925BED28}] => (Allow) c:\program files\dell\supportassistagent\bin\supportassistautoupgrade.exe FirewallRules: [{4D3C2527-0940-4975-87EE-662D50C7CE82}] => (Allow) c:\program files\dell\supportassistagent\bin\supportassistautoupgrade.exe FirewallRules: [{CF88FAAE-6F8E-4BB8-9671-D2552BAF2A96}] => (Allow) c:\users\anne hedonia\appdata\local\temp\nsgd060.tmp\appupdater.exe FirewallRules: [{CEE513C2-5839-40B0-9026-F935880D6E06}] => (Allow) c:\users\anne hedonia\appdata\local\temp\nsgd060.tmp\appupdater.exe FirewallRules: [{C7762718-F60D-4E91-A59B-C0288291E66A}] => (Allow) c:\windows\system32\wermgr.exe FirewallRules: [{3AFDB10F-2A47-4587-A205-EC356CA51EE5}] => (Allow) c:\windows\system32\wermgr.exe FirewallRules: [{6C89ECED-BEB7-4BF4-8A4F-B39077B296E1}] => (Allow) c:\program files\dell\supportassistagent\bin\supportassistagent.exe FirewallRules: [{AF072554-15EE-44F4-A196-6113E7C6EADD}] => (Allow) c:\program files\dell\supportassistagent\bin\supportassistagent.exe FirewallRules: [{4DBB017D-4F77-42B6-B578-B6069BAD6F93}] => (Allow) c:\program files (x86)\dell update\dellupservice.exe FirewallRules: [{09B487D4-2C5C-4CF6-A9F5-6AE3E0AF3C62}] => (Allow) c:\program files (x86)\dell update\dellupservice.exe FirewallRules: [{2BCE050C-7741-4955-BEA7-5F32899E7C2F}] => (Allow) c:\windows\system32\installagentuserbroker.exe FirewallRules: [{89F9F79F-08ED-4843-A3A4-C690B7905A15}] => (Allow) c:\windows\system32\installagentuserbroker.exe FirewallRules: [{5F9FFBF0-75A1-4432-ACF2-BD2305A90E71}] => (Allow) c:\windows\system32\installagent.exe FirewallRules: [{C691D514-1679-4475-9781-3E3A1DB526B9}] => (Allow) c:\windows\system32\installagent.exe FirewallRules: [{826553F6-9D40-46BB-8EA4-23995F5B9542}] => (Allow) c:\program files\malwarebytes\anti-malware\mbamtray.exe FirewallRules: [{E5EEA743-1D01-400D-B828-2CB8415059BA}] => (Allow) c:\program files\malwarebytes\anti-malware\mbamtray.exe FirewallRules: [{28409CE9-615A-47C7-A2BF-E237A677C03B}] => (Allow) c:\program files\windowsapps\king.com.bubblewitch3saga_4.2.2.0_x86__kgqvnymyfvs32\wilbur.exe FirewallRules: [{61525E5B-CA2D-4487-8808-FAC1C53F4303}] => (Allow) c:\program files\windowsapps\king.com.bubblewitch3saga_4.2.2.0_x86__kgqvnymyfvs32\wilbur.exe FirewallRules: [{173C68BC-7704-49F1-9311-13105C95C7B3}] => (Allow) c:\windows\system32\runtimebroker.exe FirewallRules: [{13DC4A99-05DD-48E0-8A21-C57CBB080A62}] => (Allow) c:\windows\system32\runtimebroker.exe FirewallRules: [{90A196AF-D4CF-4F60-BED5-6A011F73E36C}] => (Allow) c:\program files\windowsapps\microsoft.minecraftuwp_1.2.1002.0_x64__8wekyb3d8bbwe\minecraft.windows.exe FirewallRules: [{45AA2248-A86A-4586-B259-1C74972EEB93}] => (Allow) c:\program files\windowsapps\microsoft.minecraftuwp_1.2.1002.0_x64__8wekyb3d8bbwe\minecraft.windows.exe FirewallRules: [{577A2D72-3A86-4E42-89D0-CE80878752C7}] => (Allow) c:\program files\malwarebytes\anti-malware\mbam.exe FirewallRules: [{139766F8-6916-42EE-A450-5564422DF005}] => (Allow) c:\program files\malwarebytes\anti-malware\mbam.exe FirewallRules: [{EE8A55FB-63A0-4D5A-9A10-37EDFCA75078}] => (Allow) c:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\whatsnew.store.exe FirewallRules: [{6726121E-8AF2-4F39-BEB2-4070012123E6}] => (Allow) c:\program files\windowsapps\microsoft.getstarted_4.5.6.0_x64__8wekyb3d8bbwe\whatsnew.store.exe FirewallRules: [{9EFF6E9D-C89D-452B-B2EB-BDD73AF5E492}] => (Allow) c:\program files (x86)\dell update\delluptray.exe FirewallRules: [{73772005-179B-46E1-B7B7-DCDC16A98292}] => (Allow) c:\program files (x86)\dell update\delluptray.exe FirewallRules: [{39860277-693A-4BBB-A0B2-852A655F1142}] => (Allow) c:\windows\system32\smartscreen.exe FirewallRules: [{AB66AECC-649B-4E90-9A65-1E5B9A10A278}] => (Allow) c:\windows\system32\smartscreen.exe FirewallRules: [{E3426C63-433A-415B-B953-BE0895EE6F75}] => (Allow) c:\users\anne hedonia\downloads\pphelper_5.9.0.4112_25pp_00018_1517903033_setup(1).exe FirewallRules: [{0530C5C7-FC37-4A2A-9F3E-FA7B377AEC57}] => (Allow) c:\users\anne hedonia\downloads\pphelper_5.9.0.4112_25pp_00018_1517903033_setup(1).exe FirewallRules: [{F1FFE134-B48E-42E1-8A3E-22C578E6E8E0}] => (Allow) c:\program files (x86)\pp助手5.0\pphelper5.exe FirewallRules: [{6DDCFA1B-D3DF-4ADE-81A1-D3D70A95F060}] => (Allow) c:\program files (x86)\pp助手5.0\pphelper5.exe FirewallRules: [{8D337696-49B8-448C-A987-653B89C02FEA}] => (Allow) c:\program files (x86)\pp助手5.0\adevicehelpermon.exe FirewallRules: [{BECE2B4D-DE5C-46F0-B6D8-CA2495591B62}] => (Allow) c:\program files (x86)\pp助手5.0\adevicehelpermon.exe FirewallRules: [{C417A72D-B35C-483F-A7ED-04266B3B9D81}] => (Allow) c:\program files (x86)\pp助手5.0\lu.exe FirewallRules: [{20013BEE-97D8-4625-84BA-56424E8992AF}] => (Allow) c:\program files (x86)\pp助手5.0\lu.exe FirewallRules: [{49377D6A-0D0F-4E0B-8A6B-23C202E9E2C1}] => (Allow) c:\users\anne hedonia\downloads\pphelper_5.9.0.4112_25pp_00020_1517903033_setup.exe FirewallRules: [{9746AF35-8FB3-40A0-8E26-488005C181CB}] => (Allow) c:\users\anne hedonia\downloads\pphelper_5.9.0.4112_25pp_00020_1517903033_setup.exe FirewallRules: [{C2CB365D-7273-4AE5-9045-93B5E90CEBFE}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18011-0\msmpeng.exe FirewallRules: [{CA666889-8956-4975-B451-149E247825A0}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18011-0\msmpeng.exe FirewallRules: [{CA7D0764-6942-49AB-B761-0A1DAF29CED9}] => (Allow) c:\windows\system32\msiexec.exe FirewallRules: [{17082336-4DB7-485A-93ED-B9D4CA0D2784}] => (Allow) c:\windows\system32\msiexec.exe FirewallRules: [{254C2446-A6C2-4654-9EBC-C659E3475C4C}] => (Allow) c:\program files\bonjour\mdnsresponder.exe FirewallRules: [{7590AEE9-3E7B-4EC5-B27C-9C235A39226E}] => (Allow) c:\program files\bonjour\mdnsresponder.exe FirewallRules: [{B52D2469-5454-4F9A-88F5-938D3ADC2C1E}] => (Allow) c:\program files\itunes\itunes.exe FirewallRules: [{57A61DAF-DE77-4358-AFA8-885AD69D9378}] => (Allow) c:\program files\itunes\itunes.exe FirewallRules: [{C1D365C4-17D9-418A-8CE3-B8763DEA0DA4}] => (Allow) c:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\hxtsr.exe FirewallRules: [{93BFA45E-05E1-4BC8-9291-0E73BF131E7A}] => (Allow) c:\program files\windowsapps\microsoft.windowscommunicationsapps_17.7906.42257.0_x64__8wekyb3d8bbwe\hxtsr.exe FirewallRules: [{8A7DF86E-05DB-47EA-9A04-BF95646D8838}] => (Allow) c:\program files\rivet networks\smartbyte\smartbytetelemetry.exe FirewallRules: [{03DB1CF2-BD30-4EF4-818C-0883D01D19EA}] => (Allow) c:\program files\rivet networks\smartbyte\smartbytetelemetry.exe FirewallRules: [{DA7909C0-1755-4491-81FA-F44D46C16900}] => (Allow) c:\program files\rempl\remsh.exe FirewallRules: [{3552398C-3308-42D0-BCE7-4114676980B4}] => (Allow) c:\program files\rempl\remsh.exe FirewallRules: [{58577DD2-AEE5-4849-8CC8-D3E4A13B92A3}] => (Allow) c:\windows\system32\w32tm.exe FirewallRules: [{7FA77026-9222-4D45-8BF7-942706817AEF}] => (Allow) c:\windows\system32\w32tm.exe FirewallRules: [{F375E19D-D1EE-463D-BCD8-DF8DA5236B2E}] => (Allow) c:\windows\system32\msfeedssync.exe FirewallRules: [{69D524B6-D611-4820-A05C-4B94EAF4E4F9}] => (Allow) c:\windows\system32\msfeedssync.exe FirewallRules: [{17E3B6FD-BA16-46F2-9633-BF4F75E5FE7B}] => (Allow) c:\windows\system32\taskhostw.exe FirewallRules: [{477DD44E-8A3F-4DFA-8B2A-76B033D32C69}] => (Allow) c:\windows\system32\taskhostw.exe FirewallRules: [{495EC5BF-72A9-448E-9E38-D69B72BC96BD}] => (Allow) c:\windows\system32\browser_broker.exe FirewallRules: [{C04F64E1-A4C6-4CAD-B97E-9C60222414E1}] => (Allow) c:\windows\system32\browser_broker.exe FirewallRules: [{A0631B17-1D23-4A42-A00F-2D7E5387D699}] => (Allow) c:\program files\rivet networks\smartbyte\speedtest.exe FirewallRules: [{899BFEEC-643B-4D29-BF82-81244FC0C8E9}] => (Allow) c:\program files\rivet networks\smartbyte\speedtest.exe FirewallRules: [{EEC78D27-BD31-4543-BF67-057119153E22}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe FirewallRules: [{7163EF15-E004-4A5F-B6F2-2B262CB72AAD}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe FirewallRules: [{D1FD2A74-5962-4E60-A77A-961412B155E7}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\updates\16.0.9001.2138\officeclicktorun.exe FirewallRules: [{7706A783-3061-426C-95E3-F4478FBA8F4B}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\updates\16.0.9001.2138\officeclicktorun.exe FirewallRules: [{9FE58E41-A9EA-4BC5-B96C-AB2C49E9D1CF}] => (Allow) c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe FirewallRules: [{E3E006F8-7F01-4F9E-B2C1-DEFBBB244017}] => (Allow) c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe FirewallRules: [{A1ED5ABB-D57F-4516-B144-F15D5707168B}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18011-0\mpcmdrun.exe FirewallRules: [{49A3F613-0F9B-44D6-86D6-A4EDF8FE9D41}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18011-0\mpcmdrun.exe FirewallRules: [{F6A4662E-36B7-47C9-BF7F-65DF8090B477}] => (Allow) c:\program files (x86)\microsoft office\root\integration\integrator.exe FirewallRules: [{513E8814-F8F7-446F-91EE-93875382E130}] => (Allow) c:\program files (x86)\microsoft office\root\integration\integrator.exe FirewallRules: [{946135EF-0C01-4091-A887-7D7BDFE13D85}] => (Allow) c:\users\anne hedonia\downloads\esetonlinescanner_enu(3).exe FirewallRules: [{7F6B9953-8CBD-45D5-AD4F-9ACC5B83C2C4}] => (Allow) c:\users\anne hedonia\downloads\esetonlinescanner_enu(3).exe FirewallRules: [{D571FA6B-362B-4417-8B61-B66A0371A492}] => (Allow) c:\users\anne hedonia\downloads\adwcleaner_7.0.8.0.exe FirewallRules: [{8A8A1FE8-5FE2-41C7-BB20-E526FA746F24}] => (Allow) c:\users\anne hedonia\downloads\adwcleaner_7.0.8.0.exe FirewallRules: [{7B8D6D8A-81DC-4EFF-AAAD-6A3EC6B2F95B}] => (Allow) c:\users\anne hedonia\desktop\mbar\mbar.exe FirewallRules: [{8F255520-D327-4DF4-885B-7D3B98F40EDC}] => (Allow) c:\users\anne hedonia\desktop\mbar\mbar.exe FirewallRules: [{A2D2C813-7CB1-4AFD-B7B8-566C93F8E6CA}] => (Allow) c:\users\anne hedonia\appdata\local\temp\{0cde4d23-d1b0-413d-a26a-ff64019450d0}\{7e9126e5-b1e5-48d8-b78d-10dc13473dec}.exe FirewallRules: [{806CEDCC-5EEC-4855-B0BA-118C8D9BF26A}] => (Allow) c:\users\anne hedonia\appdata\local\temp\{0cde4d23-d1b0-413d-a26a-ff64019450d0}\{7e9126e5-b1e5-48d8-b78d-10dc13473dec}.exe FirewallRules: [{245F58D1-A01B-4523-83D1-C91A31BF1D91}] => (Allow) c:\windows\syswow64\werfault.exe FirewallRules: [{F92D5F1B-CB24-4E99-8E11-F917B5341053}] => (Allow) c:\windows\syswow64\werfault.exe FirewallRules: [{F5D029F7-7FA2-4B54-9CCC-621AC4812B9D}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe FirewallRules: [{600A9E9F-6807-4E76-9030-406119169826}] => (Allow) c:\program files\common files\microsoft shared\clicktorun\officec2rclient.exe FirewallRules: [{7363A576-5C11-4F16-9272-C6F469DA2F8C}] => (Allow) c:\program files (x86)\dell digital delivery\deliveryservice.exe FirewallRules: [{FA98B914-6D5E-44D5-9A0C-55E74856048F}] => (Allow) c:\program files (x86)\dell digital delivery\deliveryservice.exe FirewallRules: [{FC45BD13-456F-422D-990A-9E4DF82F633E}] => (Allow) c:\windows\system32\mpsigstub.exe FirewallRules: [{39A56A81-6B63-4087-87EA-0FFFDC4F15BB}] => (Allow) c:\windows\system32\mpsigstub.exe FirewallRules: [{0041AF03-E7A5-4700-9C7E-A9C8A5D7E2A4}] => (Allow) c:\program files\windowsapps\microsoft.windows.photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\microsoft.photos.exe FirewallRules: [{5C9255D5-4EB7-436C-BCA1-F6F60EBB8B9F}] => (Allow) c:\program files\windowsapps\microsoft.windows.photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\microsoft.photos.exe FirewallRules: [{309E009B-405C-444E-A0DD-AE1CF0671A71}] => (Allow) c:\program files\dell\saremediation\agent\dellsupportassistremedationservice.exe FirewallRules: [{7D9796D2-9E12-4598-A42E-BCFF48A77D38}] => (Allow) c:\program files\dell\saremediation\agent\dellsupportassistremedationservice.exe FirewallRules: [{D94AC153-A0DE-4DFE-97D6-E77C4AD77CE6}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18022-0\mpcmdrun.exe FirewallRules: [{D20A81C6-921A-414E-A76E-EFA877753BCC}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18022-0\mpcmdrun.exe FirewallRules: [{47FDE08C-B13D-4F5D-9085-0568E16D3F37}] => (Allow) c:\windows\system32\dmclient.exe FirewallRules: [{4022E96F-FAD4-4687-8266-7BACE2F2237B}] => (Allow) c:\windows\system32\dmclient.exe FirewallRules: [{3984F9FA-9658-4784-8CF9-F6E45436828E}] => (Allow) c:\program files\windowsapps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\hxtsr.exe FirewallRules: [{17E00854-17F4-477A-8F9C-5BE1207E670E}] => (Allow) c:\program files\windowsapps\microsoft.windowscommunicationsapps_17.9029.21675.0_x64__8wekyb3d8bbwe\hxtsr.exe FirewallRules: [{D31D11AF-185D-4CBC-A0B0-15C68889024C}] => (Allow) c:\programdata\dell\drivers\0090f2d6-ad7c-43e0-888e-2717bee169d8\setup.exe FirewallRules: [{0372F7C4-1830-47DA-ACD2-2DC41DBCCB3A}] => (Allow) c:\programdata\dell\drivers\0090f2d6-ad7c-43e0-888e-2717bee169d8\setup.exe FirewallRules: [{4DAF6339-0506-4245-819B-DE10ED6022A0}] => (Allow) c:\program files\intel\icls client\intelpttekrecertification.exe FirewallRules: [{BFDFE4DB-F41E-4F75-AB98-CCEC80280C53}] => (Allow) c:\program files\intel\icls client\intelpttekrecertification.exe FirewallRules: [{E855715B-BE8C-495D-901D-17C90AE435DE}] => (Allow) c:\users\anne hedonia\downloads\esetonlinescanner_enu(4).exe FirewallRules: [{8EE6A2E9-37F2-433E-94F2-0FA5B96D97FC}] => (Allow) c:\users\anne hedonia\downloads\esetonlinescanner_enu(4).exe FirewallRules: [{79050E10-FE4A-4246-B987-C067A18A9A78}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18022-0\msmpeng.exe FirewallRules: [{5931792E-220E-41DF-ACE1-986A6C913C21}] => (Allow) c:\programdata\microsoft\windows defender\platform\4.12.17007.18022-0\msmpeng.exe FirewallRules: [{3E852C4C-2556-420E-AE56-2DBA2279CAF2}] => (Allow) c:\program files\dell\saremediation\agent\postonce.exe FirewallRules: [{F6B03A2A-390D-4A44-AF93-1E34E4DC9F00}] => (Allow) c:\program files\dell\saremediation\agent\postonce.exe FirewallRules: [{91049173-B413-4CFF-A7EF-1C24515CBAE5}] => (Allow) c:\windows\system32\speech_onecore\common\speechmodeldownload.exe FirewallRules: [{9CA8320D-68ED-4E71-9798-110091B8A527}] => (Allow) c:\windows\system32\speech_onecore\common\speechmodeldownload.exe FirewallRules: [{41BC5150-E7EB-4FB3-95BB-F8160070BED4}] => (Allow) c:\windows\system32\mrt-kb890830.exe FirewallRules: [{669BF493-6579-41B2-9A20-BC2EE8C7E170}] => (Allow) c:\windows\system32\mrt-kb890830.exe FirewallRules: [{1A57ADCB-B68F-49EE-B5CE-763529C6F667}] => (Allow) c:\windows\system32\speech_onecore\common\speechruntime.exe FirewallRules: [{64F44860-4D9E-47D1-823A-AE13166E3049}] => (Allow) c:\windows\system32\speech_onecore\common\speechruntime.exe FirewallRules: [{61750ADB-55D9-40D9-B76C-0105B226F6B8}] => (Allow) c:\windows\immersivecontrolpanel\systemsettings.exe FirewallRules: [{84A9BA6A-D5E5-4610-974A-3F3634FA5DAE}] => (Allow) c:\windows\immersivecontrolpanel\systemsettings.exe FirewallRules: [{9CA99442-CDF8-4417-AF45-B536DB27FBC9}] => (Allow) c:\users\anne hedonia\desktop\frst64.exe FirewallRules: [{A77A5BA9-81E2-47EE-AAE7-1B3A7DD66845}] => (Allow) c:\users\anne hedonia\desktop\frst64.exe ==================== Restore Points ========================= 04-03-2018 19:52:49 Windows Update 06-03-2018 06:37:42 finally ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/06/2018 06:14:59 AM) (Source: Dell System Detect) (EventID: 0) (User: ) Description: System.Net.WebException127.0.0.1 Error: (03/06/2018 06:09:01 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (03/06/2018 06:03:32 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (03/06/2018 06:03:01 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (03/06/2018 06:01:00 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (03/06/2018 06:01:00 AM) (Source: Perflib) (EventID: 1010) (User: ) Description: The Collect Procedure for the "C:\Windows\System32\winspool.drv" service in DLL "Spooler" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code. Error: (03/06/2018 06:01:00 AM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (03/06/2018 06:00:59 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. System errors: ============= Error: (03/06/2018 07:07:12 AM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{8FE1FF02-E8F5-460D-A73B-BF9C83E5894B} because another computer on the network has the same name. The server could not start. Error: (03/06/2018 06:35:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (03/06/2018 06:26:32 AM) (Source: Netwtw04) (EventID: 5007) (User: ) Description: 5007 - TX/CMD timeout (TfdQueue hanged) Error: (03/06/2018 06:26:32 AM) (Source: Netwtw04) (EventID: 5007) (User: ) Description: 5007 - TX/CMD timeout (TfdQueue hanged) Error: (03/06/2018 06:20:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (03/06/2018 06:16:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Data Vault Wizard service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (03/06/2018 06:16:32 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Dell Data Vault Wizard service to connect. Error: (03/06/2018 06:14:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Dell Data Vault Wizard service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Windows Defender: =================================== Date: 2018-03-06 06:02:03.748 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.146.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-03-06 06:02:03.748 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 0.0.0.0 Update Source: Microsoft Malware Protection Center Signature Type: Network Inspection System Update Type: Full Current Engine Version: Previous Engine Version: 0.0.0.0 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-03-06 06:02:03.742 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.146.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-03-06 06:02:03.742 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.146.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiSpyware Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved Date: 2018-03-06 06:02:03.742 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.263.146.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14600.4 Error code: 0x80072ee7 Error description: The server name or address could not be resolved CodeIntegrity: =================================== Date: 2018-03-06 07:19:18.354 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 07:19:18.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 07:03:58.940 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 07:03:58.937 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 06:47:58.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 06:47:58.368 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 06:31:04.628 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. Date: 2018-03-06 06:31:04.625 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-7500U CPU @ 2.70GHz Percentage of memory in use: 37% Total physical RAM: 12186.72 MB Available physical RAM: 7573.02 MB Total Virtual: 14618.72 MB Available Virtual: 10058.66 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:917.47 GB) (Free:826.9 GB) NTFS Drive d: (TAILS 3.5 - 2018) (CDROM) (Total:1.13 GB) (Free:0 GB) CDFS \\?\Volume{616b7e53-28ed-4eb5-aa1d-7db649a3b873}\ (ESP) (Fixed) (Total:0.48 GB) (Free:0.42 GB) FAT32 \\?\Volume{3407ee88-7c82-42bd-9004-a947ca4036c3}\ (WINRETOOLS) (Fixed) (Total:0.45 GB) (Free:0.05 GB) NTFS \\?\Volume{840e64c6-4e46-46b3-a677-cd15925b2fe0}\ (Image) (Fixed) (Total:11.86 GB) (Free:0.18 GB) NTFS \\?\Volume{5905a6e2-ef6e-48f0-81d2-7c952eb19413}\ (DELLSUPPORT) (Fixed) (Total:1.12 GB) (Free:0.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 495411F3) Partition: GPT. ==================== End of Addition.txt ============================