Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2019 Ran by Steve (19-11-2019 17:35:28) Running from C:\Users\Steve\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2009-12-29 00:37:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Admin (S-1-5-21-4104090456-942970366-3307904469-1004 - Administrator - Enabled) => C:\Users\Admin Administrator (S-1-5-21-4104090456-942970366-3307904469-500 - Administrator - Disabled) Guest (S-1-5-21-4104090456-942970366-3307904469-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4104090456-942970366-3307904469-1002 - Limited - Enabled) Regina (S-1-5-21-4104090456-942970366-3307904469-1001 - Limited - Enabled) => C:\Users\Regina Steve (S-1-5-21-4104090456-942970366-3307904469-1003 - Administrator - Enabled) => C:\Users\Steve ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\{E7C97E98-4C2D-BEAF-5D2F-CC45A2F95D90}) (Version: 2.3.0 - Adobe Systems Incorporated) Hidden Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.3.0.0 - Adobe Systems Incorporated) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.293 - Adobe) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe) Adobe Photoshop Elements 8.0 (HKLM-x32\...\Adobe Photoshop Elements 8.0) (Version: 8.0 - Adobe Systems Incorporated) Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 3.02 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft) ATI Catalyst Install Manager (HKLM\...\{F9F4430E-80DE-EC0F-BF8E-476352C8F954}) (Version: 3.0.765.0 - ATI Technologies, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software) Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 77.1.1831.91 - AVAST Software) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.5.245.0 - AVAST Software) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.50.854.0 - Logitech) Hidden ccc-core-static (HKLM-x32\...\{394F1B21-1FA4-DDE1-C00B-0A3EEA1A94D1}) (Version: 2010.0310.1824.32984 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.60 - Piriform) ChromecastApp (HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden FrostWire 4.21.1 (HKLM-x32\...\FrostWire) (Version: 4.21.1.0 - FrostWire Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.97 - Google LLC) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5434.08 - PC-Doctor, Inc.) Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden High-Definition Video Playback 10 (HKLM-x32\...\{237CCB62-8454-43E3-B158-3ACD0134852E}) (Version: 7.0.11000.25.1 - Nero AG) Hidden HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.12286.3436 - Hewlett-Packard) HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP) HP Easy Backup (HKLM-x32\...\{67431FA8-4B89-42DD-A68E-30D77F6C8D99}_is1) (Version: 1.0.8.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent) HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP) HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3420 - Hewlett-Packard) HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard) HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.1.3601 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard) HP OfficeJet Pro 8710 Basic Device Software (HKLM\...\{B4398909-31F1-4889-8314-6464C5F7CCA1}) (Version: 40.11.1148.17181 - HP Inc.) HP OfficeJet Pro 8710 Help (HKLM-x32\...\{92B8A892-1D92-407A-BF5E-26DCE71B9B12}) (Version: 38.0.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Photo Creations (HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\HP Photo Creations) (Version: 1.0.0.22082 - HP) HP Photosmart 7510 series Basic Device Software (HKLM\...\{24C7AD6B-F418-4D3B-B7F2-F3603FD720BF}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed) HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.8.24.33 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.13.42.1 - HP Inc.) HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (HKLM-x32\...\{A7C0BB1A-1546-44D6-1BE0-FB0F84364787}) (Version: 4.2.162.0 - ATI Technologies Inc.) Hidden I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation) iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe) Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7230) - Logitech Inc..) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) LWS VideoEffects (HKLM\...\{138A4072-9E64-46BD-B5F9-DB2BB395391F}) (Version: 13.30.1379.0 - Logitech) Hidden Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation) Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - ) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.) Mozilla Firefox 70.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-US)) (Version: 70.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.7.2 - Mozilla) Mozilla Thunderbird 60.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 60.9.1 (x86 en-US)) (Version: 60.9.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 10 ClipartPack (HKLM-x32\...\{96ED4B78-300E-4033-AE6C-C115CEB4DF07}) (Version: 10.0.10300.0.0 - Nero AG) Nero 10 Menu TemplatePack 1 (HKLM-x32\...\{42C8B7DF-FEB0-4D51-B169-506B6BEC5797}) (Version: 10.0.10300.0.0 - Nero AG) Nero 10 Menu TemplatePack 2 (HKLM-x32\...\{E712C273-7564-4C8E-AA59-0FA19BC35117}) (Version: 10.0.10300.0.0 - Nero AG) Nero 10 Menu TemplatePack 3 (HKLM-x32\...\{92146419-AE44-4C8B-A48B-0ABB1B5EC026}) (Version: 10.0.10300.0.0 - Nero AG) Nero 10 Movie ThemePack 1 (HKLM-x32\...\{43FBAB46-5969-4200-9958-1FF81FEE506F}) (Version: 10.0.10300.1.0 - Nero AG) Nero 10 Movie ThemePack 2 (HKLM-x32\...\{70F19404-B96C-4EBB-AD2B-3574F8736197}) (Version: 10.0.10300.1.0 - Nero AG) Nero 10 Sample ImagePack (HKLM-x32\...\{ACD15FDF-FC42-4175-B477-576F92FF2256}) (Version: 10.0.10300.0.0 - Nero AG) Nero 10 Sample Videos (HKLM-x32\...\{92A10E9D-EA00-4A46-8F22-EEA660992D61}) (Version: 10.0.10300.2.0 - Nero AG) Nero 8 Essentials (HKLM-x32\...\{523DF39E-DF7D-488F-8022-783946571033}) (Version: 8.10.135 - Nero AG) Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11100.14.101 - Nero AG) Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.10700.7.100 - Nero AG) Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.10600.9.100 - Nero AG) Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10500.7.100 - Nero AG) Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10400.4.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.10500.7.100 - Nero AG) Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10400.5.100 - Nero AG) Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.11000.6.100 - Nero AG) Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.11200 - Nero AG) Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10600.1.100 - Nero AG) Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10500.5.100 - Nero AG) Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10500.1.100 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.10500.4.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0012 - Nero AG) Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.10700.4.100 - Nero AG) Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10500.1.100 - Nero AG) NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.4.60.00 - NETGEAR Inc.) Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon) Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.1.0 - Nikon) PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) PowerRecover (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1931 - CyberLink Corp.) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.) Seagate DiscWizard (HKLM-x32\...\{AC5BFE42-B72A-467C-B9B2-8BF77C6D4D70}) (Version: 16.0.5840 - Seagate) Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.8.8855 - Skype Technologies S.A.) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.) SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VCRedistSetup (HKLM-x32\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (01/27/2014 9.0.0000.00000) (HKLM\...\9CA77E2A8332A0824C54DA611BBE4CA24AB1F750) (Version: 01/27/2014 9.0.0000.00000 - Google, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2007-09-24] (Nero AG -> Nero AG) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File ContextMenuHandlers1-x32: [NeroShellExt] -> {F764812A-132C-4013-9960-5CBBEB408A0E} => C:\Program Files (x86)\Common Files\Nero\NeroShellExt\NeroShellExt.dll [2010-02-22] (Nero AG -> Nero AG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers2-x32: [NeroShellExt] -> {F764812A-132C-4013-9960-5CBBEB408A0E} => C:\Program Files (x86)\Common Files\Nero\NeroShellExt\NeroShellExt.dll [2010-02-22] (Nero AG -> Nero AG) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File ContextMenuHandlers4-x32: [NeroShellExt] -> {F764812A-132C-4013-9960-5CBBEB408A0E} => C:\Program Files (x86)\Common Files\Nero\NeroShellExt\NeroShellExt.dll [2010-02-22] (Nero AG -> Nero AG) ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-03-10] (Advanced Micro Devices, Inc.) [File not signed] ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-02] (AVAST Software s.r.o. -> AVAST Software) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-11-14] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [176416 2012-01-18] (Logitech, Inc. -> Logitech Inc.) HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [307488 2012-01-18] (Logitech, Inc. -> Logitech Inc.) ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2010-06-29 23:12 - 2010-06-29 23:12 - 000036864 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000005632 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000018944 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000040960 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000028672 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000131072 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000061440 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000007680 _____ () [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll 2010-06-11 12:14 - 2010-03-03 19:08 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2016-03-02 20:17 - 2016-03-02 20:17 - 000136704 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\airprintdll.dll 2016-03-02 20:17 - 2016-03-02 20:17 - 000146944 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnoseDll.dll 2016-01-14 18:06 - 2016-01-14 18:06 - 000057344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DiagnosePlugin.dll 2016-02-22 00:25 - 2016-02-22 00:25 - 000116224 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\DragonNetTool.dll 2015-08-24 00:41 - 2015-08-24 00:41 - 002360622 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\libntgr_api.dll 2019-05-22 00:09 - 2019-05-22 00:09 - 000713728 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Genie.dll 2018-07-19 20:31 - 2018-07-19 20:31 - 000168448 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Airprint.dll 2018-07-19 20:31 - 2018-07-19 20:31 - 000591872 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Internet.dll 2019-05-15 00:07 - 2019-05-15 00:07 - 006903808 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Map.dll 2018-07-19 20:36 - 2018-07-19 20:36 - 002980352 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_MyMedia.dll 2019-05-15 00:07 - 2019-05-15 00:07 - 000967168 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_NetworkProblem.dll 2019-04-18 22:38 - 2019-04-18 22:38 - 001259520 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_ParentalControl.dll 2018-11-21 17:58 - 2018-11-21 17:58 - 011973632 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Resource.dll 2019-05-15 00:05 - 2019-05-15 00:05 - 002683392 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_RouterConfiguration.dll 2019-05-22 01:51 - 2019-05-22 01:51 - 000278528 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Statistics.dll 2019-05-22 00:14 - 2019-05-22 00:14 - 000888832 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Ui.dll 2018-11-20 02:34 - 2018-11-20 02:34 - 000422400 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\GeniePlugin_Wireless.dll 2018-12-12 02:36 - 2018-12-12 02:36 - 000633344 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_Update.dll 2018-07-19 20:33 - 2018-07-19 20:33 - 000433664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\InnerPlugin_WirelessExport.dll 2014-12-21 08:07 - 2014-12-21 08:07 - 000119822 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libgcc_s_dw2-1.dll 2014-12-21 08:07 - 2014-12-21 08:07 - 001026062 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libstdc++-6.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000111616 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlc.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 002285056 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libvlccore.dll 2016-03-02 20:17 - 2016-03-02 20:17 - 000074752 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\NetcardApi.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000219648 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\access\libdshow_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000049664 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libaout_directx_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\audio_output\libwaveout_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000051200 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\control\libhotkeys_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 001235456 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\misc\libxml_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000037376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\mmxext\libmemcpymmxext_plugin.dll 2012-06-27 14:23 - 2012-06-27 14:23 - 000070144 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\plugins\video_output\libdirectx_plugin.dll 2016-02-26 02:07 - 2016-02-26 02:07 - 000049152 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\QRCode.dll 2016-08-15 00:28 - 2016-08-15 00:28 - 001125888 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\qwt.dll 2019-05-22 00:13 - 2019-05-22 00:13 - 001701376 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SvtNetworkTool.dll 2016-03-02 20:17 - 2016-03-02 20:17 - 000072192 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\SVTUtils.dll 2016-01-14 18:23 - 2016-01-14 18:23 - 000026112 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupApiPlugin.dll 2016-04-11 22:13 - 2016-04-11 22:13 - 000067072 _____ () [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\WSetupDll.dll 2019-05-16 02:39 - 2019-05-16 02:39 - 000170496 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\9109216ecdcf9ae71a57b08b84995d99\IsdiInterop.ni.dll 2009-08-20 13:34 - 2009-08-20 13:34 - 000033792 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSLog.dll 2009-08-20 13:34 - 2009-08-20 13:34 - 000110592 _____ (Hewlett-Packard Company) [File not signed] c:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonInterfaces.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000147456 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CommonUtility.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000032768 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Content.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000253952 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCHealthSecurity\PCHealthSecurityPillar.dll 2010-06-29 23:12 - 2010-06-29 23:12 - 000143360 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\SystemStatus.dll 2008-05-07 19:59 - 2008-05-07 19:59 - 000034816 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpz3llhn.dll 2010-01-22 21:10 - 2008-05-07 19:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll 2010-06-29 23:13 - 2010-06-29 23:13 - 000040960 _____ (Hewlett-Packard) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\CeeWriter.dll 2010-06-29 23:13 - 2010-06-29 23:13 - 002359296 _____ (HP) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECenter.dll 2010-06-11 12:14 - 2010-03-03 19:08 - 000163328 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll 2010-06-11 12:14 - 2010-03-03 19:08 - 001046528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll 2010-06-11 12:14 - 2010-03-03 18:53 - 000280064 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll 2019-05-16 02:39 - 2019-05-16 02:39 - 000176640 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\d56ef23c56dafafbd705bda28d96a1c3\IAStorDataMgr.ni.dll 2019-05-16 02:39 - 2019-05-16 02:39 - 000452608 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5c758e4d1dc449e6ad7cd1292aaf3bce\IAStorUtil.ni.dll 2009-10-23 01:18 - 2009-10-23 01:18 - 000151552 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Common.dll 2009-10-23 01:18 - 2009-10-23 01:18 - 000069632 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll 2010-06-29 23:11 - 2010-06-29 23:11 - 000208896 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.Logging.dll 2009-12-22 23:10 - 2003-03-18 22:12 - 001047552 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MFC71U.DLL 2009-12-22 23:10 - 2003-11-21 07:45 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCP71.dll 2009-12-22 23:10 - 2004-04-09 10:38 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\MSVCR71.dll 2018-11-08 19:38 - 2018-11-08 19:38 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll 2014-12-21 08:07 - 2014-12-21 08:07 - 000049152 _____ (MingW-W64 Project. All rights reserved.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\libwinpthread-1.dll 2013-02-18 22:46 - 2013-02-18 22:46 - 000220160 _____ (NETGEAR Inc.) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\drivers\NETGEAR_PLC_L2_API.dll 2014-03-23 18:32 - 2014-03-23 18:32 - 000060273 _____ (Open Source Software community project) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\pthreadGC2.dll 2013-02-10 17:35 - 2013-02-10 17:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\LIBEAY32.dll 2013-02-10 17:35 - 2013-02-10 17:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\ssleay32.dll 2015-10-12 11:44 - 2015-10-12 11:44 - 000033280 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qgif.dll 2015-10-12 11:45 - 2015-10-12 11:45 - 000034816 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qico.dll 2015-10-12 11:45 - 2015-10-12 11:45 - 000246784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qjpeg.dll 2015-10-12 11:58 - 2015-10-12 11:58 - 000366592 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qmng.dll 2015-10-12 11:48 - 2015-10-12 11:48 - 000028672 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qsvg.dll 2015-10-12 11:58 - 2015-10-12 11:58 - 000027648 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtga.dll 2015-10-12 11:58 - 2015-10-12 11:58 - 000433664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qtiff.dll 2015-10-12 11:58 - 2015-10-12 11:58 - 000027136 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\imageformats\qwbmp.dll 2015-10-12 11:46 - 2015-10-12 11:46 - 001413632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\platforms\qwindows.dll 2015-10-12 11:47 - 2015-10-12 11:47 - 000044544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\printsupport\windowsprintersupport.dll 2015-11-18 20:54 - 2015-11-18 20:54 - 005391360 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Core.dll 2015-10-12 11:31 - 2015-10-12 11:31 - 005334528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Gui.dll 2015-10-12 11:26 - 2015-10-12 11:26 - 001528832 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Network.dll 2015-10-12 11:42 - 2015-10-12 11:42 - 000334848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5OpenGL.dll 2016-04-12 18:52 - 2016-04-12 18:52 - 000357888 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5PrintSupport.dll 2015-10-12 11:48 - 2015-10-12 11:48 - 000331776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Svg.dll 2015-10-12 11:37 - 2015-10-12 11:37 - 006541824 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Widgets.dll 2015-10-12 11:25 - 2015-10-12 11:25 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files (x86)\NETGEAR Genie\bin\Qt5Xml.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-4104090456-942970366-3307904469-1003\...\1001movie.com -> 1001movie.com There are 6092 more sites. ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2019-01-04 01:44 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Common Files\Seagate\SnapAPI\;C:\adb;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Skype\Phone\ HKU\S-1-5-21-4104090456-942970366-3307904469-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupfolder: C:^Users^Regina^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\Windows\pss\LimeWire On Startup.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{2B0AF209-1555-4756-B4A0-69D3D73CC1F5}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) FirewallRules: [UDP Query User{3B7B3369-5038-4730-ADF8-36F0240309C4}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) FirewallRules: [{D56B9723-5427-4BEF-A78D-521AA5B7B444}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{6984740F-B1A4-4BED-9F45-4F3A7060FC80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{883FF213-AC56-409E-9775-3DF6142ED052}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) FirewallRules: [UDP Query User{66C1DC73-E976-463D-A164-5C3074E16DB5}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe (NETGEAR TAIWAN CO., LTD -> NETGEAR Inc.) FirewallRules: [TCP Query User{618E5AEB-0278-4DCE-97B5-0D2FB15B3077}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [UDP Query User{EF3F29B8-F32B-4520-9992-650379250DFB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{E026A66E-F5FB-424D-B192-BC374308D920}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{2A215298-9AD6-4FD5-810C-940855BD3CD3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{B9B1E2FC-F763-4738-9F33-8E1DF03FEADD}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{DC5C8652-F0BE-4086-B305-ECD8273AE731}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{FA4C7524-12F8-4543-A028-B14205AF99B2}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe] => (Block) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe (CyberLink -> CyberLink Corp.) FirewallRules: [UDP Query User{6DBDA91D-A861-4196-8722-785EC1960861}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe] => (Block) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{84F0D079-A0C5-46D9-A662-2D52BCD97728}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2F611382-C0BB-46A7-B5BF-FFE41B91E8ED}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS2026\HP.EasyStart.exe (HP Inc. -> HP) FirewallRules: [{69ED76BF-5DD7-4D81-8EAB-7FF12DFDD5E6}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{4EC78A34-10BF-4B12-AA35-3181F88B947C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{0A231A1C-E7DA-4375-92FE-12240193E3B2}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\SendAFax.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{C7E4AC40-50BB-46A4-9937-D535B4A53A1D}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{D4089707-B1FB-4488-B245-3A042D87668E}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{EA6589E4-CF5E-465B-A05E-7ED86AE1D253}] => (Allow) LPort=5357 FirewallRules: [{310001F7-02D9-4574-B4A9-7BB541C4F22C}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 8710\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{116A34AD-80E5-4FED-8394-CF06A47BDC6C}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS3718\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP) FirewallRules: [{CFEAF4EE-42FE-4155-BA7D-4997CEFEE612}] => (Allow) C:\Users\Admin\AppData\Local\Temp\7zS3718\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP) FirewallRules: [TCP Query User{3F8E85F6-1CE4-471D-B236-A2F4B55C154B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{1F7E4E2F-C229-41D1-8A25-2B7998772DBC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [TCP Query User{6072F275-2152-4238-B69B-CBB3A4ED706C}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe] => (Allow) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe (CyberLink -> CyberLink Corp.) FirewallRules: [UDP Query User{A7F69602-E4C4-43E0-97C6-8F0D3361F438}C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe] => (Allow) C:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{084E20DF-4E50-4108-80F8-2D10937FDFEB}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software) FirewallRules: [{1815D64C-699A-486F-981D-919803D02228}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 11-11-2019 08:55:01 Windows Backup 13-11-2019 03:00:13 Windows Update 14-11-2019 09:02:38 Windows Update 18-11-2019 09:02:35 Windows Backup ==================== Faulty Device Manager Devices ============ Name: Description: Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (11/19/2019 04:50:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 8.1.168.192.in-addr.arpa. PTR Regina-PC.local. Error: (11/19/2019 04:50:21 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.8:5353 19 8.1.168.192.in-addr.arpa. PTR Regina-PC-2.local. Error: (11/18/2019 08:48:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 133973019 Error: (11/18/2019 08:48:06 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 133973019 Error: (11/18/2019 08:47:59 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/16/2019 05:03:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 17 6.1.168.192.in-addr.arpa. PTR Regina-PC.local. Error: (11/16/2019 05:03:48 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.6:5353 19 6.1.168.192.in-addr.arpa. PTR Regina-PC-2.local. Error: (11/16/2019 12:45:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MobileMeServices.exe, version: 1.6.65.0, time stamp: 0x4c8073ec Faulting module name: KERNELBASE.dll, version: 6.1.7601.24535, time stamp: 0x5dc1e97f Exception code: 0xc06d007e Fault offset: 0x0000c5af Faulting process id: 0x1a00 Faulting application start time: 0x01d59cbed44daef4 Faulting application path: C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileMeServices.exe Faulting module path: C:\Windows\syswow64\KERNELBASE.dll Report Id: 12120797-08b2-11ea-a45e-40618637c484 System errors: ============= Error: (11/19/2019 04:49:48 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 4:47:51 PM on ‎11/‎19/‎2019 was unexpected. Error: (11/18/2019 02:54:01 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 2:38:37 PM on ‎11/‎18/‎2019 was unexpected. Error: (11/18/2019 01:21:21 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk6\DR7. Error: (11/18/2019 01:21:20 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk6\DR7. Error: (11/18/2019 01:21:20 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk6\DR7. Error: (11/18/2019 01:21:19 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk6\DR7. Error: (11/18/2019 08:50:30 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/16/2019 12:45:49 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {D3F6D4DB-A482-4648-8DBB-3565EBCB7A6B} did not register with DCOM within the required timeout. CodeIntegrity: =================================== Date: 2012-03-09 19:33:07.864 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:33:07.824 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:55.792 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:55.752 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:41.891 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:41.861 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:41.351 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-03-09 19:32:41.311 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: American Megatrends Inc. 5.09 11/05/2009 Motherboard: MSI Indio Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz Percentage of memory in use: 59% Total physical RAM: 8183.08 MB Available physical RAM: 3276.59 MB Total Virtual: 16364.31 MB Available Virtual: 11082.17 MB ==================== Drives ================================ Drive c: (HP) (Fixed) (Total:915 GB) (Free:754.23 GB) NTFS Drive d: (FACTORY_IMAGE) (Fixed) (Total:16.41 GB) (Free:5.49 GB) NTFS ==>[system with boot components (obtained from drive)] Drive g: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)] Drive h: (HP) (Fixed) (Total:686.23 GB) (Free:648.39 GB) NTFS Drive i: (FACTORY_IMAGE) (Fixed) (Total:12.31 GB) (Free:1.39 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{95716598-c215-11e4-9556-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 1549F232) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=12.3 GB) - (Type=07 NTFS) ========================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: 17D88420) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=915 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=16.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================