Hi, I'm not sure if my issues are due to it being infected but I do get odd popups and explorer windows just open at startup without me prompting them. Computer is very slow. Window updates fail so tried the Windows Update Tool but that would never finish and freeze. Also tried the Memory diagnostic, but that also would never finish and just freeze at 2%. I have uninstalled many applications in the hopes that I would hit on whatever was causing the issues which has helped some as the computer is not as slow as it was but Windows updates still fail.
This is my mother's laptop that I bought for her. She uses Pogo.com to play games (even at my recommendation not to use this site), so she may have downloaded something from there. She has also used BigFishGames.com which is another concern. Also, she gets the worst spam mail I have EVER seen and refuses to get a new email account, so she may have clicked on something from her email.
Any help you can provide will be appreciated.
Here's my FRST64 text. It is 64bit - I've triple checked and that it what it says.
Ran by Sandra (administrator) on DESKTOP-54QQMJU (09-04-2017 09:40:05)
Running from C:\Users\Sandra\Desktop
Loaded Profiles: Sandra (Available Profiles: Sandra)
Platform: Windows 10 Home Version 1511 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
() C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
() C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe
() C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SweetLabs, Inc) C:\Users\Sandra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\mshta.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(IS AppCloud Software) C:\Program Files (x86)\TOSHIBA\AppPlace\toshibaappplace.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
HKLM\...\Run: [TCrdMain] => C:\Program Files\Toshiba\System Setting\TCrdMain_Win8.exe [559920 2015-10-09] (TOSHIBA Corporation)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-07-21] (Synaptics Incorporated)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Tcpip\..\Interfaces\{11f57b55-9876-4f4f-b433-0e2dd713e57f}: [DhcpNameServer] 75.75.75.75 75.75.76.76
==================
HKU\S-1-5-21-2191857059-2474734211-1668879694-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.amazon.com/
HKU\S-1-5-21-2191857059-2474734211-1668879694-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE
SearchScopes: HKU\S-1-5-21-2191857059-2474734211-1668879694-1001 -> DefaultScope {1D23DF1D-8157-4A53-9915-AE873D865552} URL =
SearchScopes: HKU\S-1-5-21-2191857059-2474734211-1668879694-1001 -> {1D23DF1D-8157-4A53-9915-AE873D865552} URL =
SearchScopes: HKU\S-1-5-21-2191857059-2474734211-1668879694-1001 -> {4DF21410-DFEA-4394-8E99-6710E9C0D664} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-25] (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-25] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-25] (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-25] (Oracle Corporation)
========
FF DefaultProfile: me0t2yz8.default
FF ProfilePath: C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\me0t2yz8.default [2017-02-06]
FF Extension: (Toshiba Defaults) - C:\Users\Sandra\AppData\Roaming\Mozilla\Firefox\Profiles\me0t2yz8.default\Extensions\[email protected] [2016-04-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-04-08] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-25] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-04-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-25] (Oracle Corporation)
=======
CHR HKLM-x32\...\Chrome\Extension: [hikeppggmbhdgodhakicedaejpleoigm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [150256 2015-06-09] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373728 2016-02-05] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-24] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-21] (Synaptics Incorporated)
R2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [330032 2015-11-20] (TOSHIBA)
R2 TOSTABSYSSVC; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe [240432 2015-10-26] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [255728 2015-06-09] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-21] (Synaptics Incorporated)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [13920 2017-01-28] ()
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-08-07] (Toshiba Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 TDEIO; \??\C:\Users\Public\Temp\COMP035\tdeio64.sys [X]
==================== One Month Created files and folders ========
2017-04-08 15:19 - 2017-04-09 09:38 - 02424832 _____ (Farbar) C:\Users\Sandra\Desktop\FRST64.exe
2017-04-08 15:08 - 2017-04-09 09:40 - 00000000 ____D C:\FRST
2017-04-08 15:01 - 2017-04-08 15:01 - 00165671 _____ C:\Users\Sandra\Downloads\latestwu (1).diagcab
2017-04-08 13:45 - 2017-04-08 13:45 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\WinBatch
2017-04-08 13:21 - 2017-04-08 13:21 - 00000000 ____D C:\Users\Sandra\AppData\Local\ElevatedDiagnostics
2017-04-08 12:09 - 2017-04-08 12:09 - 00165671 _____ C:\Users\Sandra\Downloads\latestwu.diagcab
2017-04-08 12:05 - 2017-04-08 12:05 - 06847064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2017-04-08 12:03 - 2017-04-08 12:03 - 00002242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
2017-04-09 09:24 - 2016-04-28 19:57 - 00004170 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{371674DC-0141-498B-8E1E-FF471ED932E5}
2017-04-09 09:20 - 2016-04-28 17:18 - 00000000 ____D C:\Users\Sandra\AppData\Local\App Place for Toshiba
2017-04-08 15:17 - 2015-10-30 03:11 - 00000000 ____D C:\Windows\CbsTemp
2017-04-08 15:05 - 2016-01-11 15:10 - 00879220 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-08 15:05 - 2015-10-30 03:21 - 00000000 ____D C:\Windows\INF
2017-04-08 14:58 - 2016-04-28 17:18 - 00000000 __SHD C:\Users\Sandra\IntelGraphicsProfiles
2017-04-08 14:58 - 2016-04-28 17:14 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-04-08 14:57 - 2016-01-11 15:04 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-08 14:26 - 2015-10-30 02:28 - 00786432 ___SH C:\Windows\system32\config\BBI
2017-04-08 14:01 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\NDF
2017-04-08 13:57 - 2015-10-30 03:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-04-08 12:05 - 2016-05-28 15:02 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-04-08 12:05 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-04-08 12:05 - 2015-10-30 03:24 - 00000000 ____D C:\Windows\system32\Macromed
2017-04-08 12:03 - 2016-01-11 15:50 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-04-08 12:01 - 2016-01-11 14:57 - 00203432 _____ C:\Windows\system32\FNTCACHE.DAT
2017-04-08 10:45 - 2016-04-28 17:18 - 00000000 ____D C:\Users\Sandra\AppData\Local\Packages
2017-04-08 10:43 - 2017-01-31 12:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-04-08 10:34 - 2016-06-17 13:19 - 00000000 ____D C:\Users\Sandra\AppData\Local\Google
2017-04-08 10:34 - 2016-06-17 13:19 - 00000000 ____D C:\Program Files (x86)\Google
2017-04-08 10:33 - 2017-01-25 09:21 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pogo Games
2017-04-08 10:32 - 2017-02-10 14:13 - 00000000 ____D C:\Users\Sandra\AppData\Roaming\Awem
2017-04-08 10:32 - 2016-04-28 17:16 - 00000000 ____D C:\Users\Sandra\AppData\Local\Host App Service
2017-04-08 10:28 - 2017-01-21 16:10 - 00003292 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-08 10:28 - 2016-04-28 17:23 - 00002381 _____ C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-08 10:28 - 2016-04-28 17:23 - 00000000 ___RD C:\Users\Sandra\OneDrive
2017-04-07 18:06 - 2016-04-28 17:43 - 00532136 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
====================
2015-11-18 19:15 - 2015-11-18 19:15 - 43338880 _____ () C:\Users\Sandra\AppData\Local\Temp\Firefox Setup 42.0-2-Toshiba-001-US.exe
2017-01-25 13:42 - 2017-01-25 13:42 - 0739904 _____ (Oracle Corporation) C:\Users\Sandra\AppData\Local\Temp\jre-8u121-windows-au.exe
2015-07-23 09:53 - 2015-07-23 09:53 - 0120336 _____ (McAfee, Inc.) C:\Users\Sandra\AppData\Local\Temp\McCSPInstall.dll
2016-04-28 17:37 - 2015-07-23 09:53 - 0162120 _____ (McAfee Inc.) C:\Users\Sandra\AppData\Local\Temp\mccspuninstall.exe
2016-08-06 11:50 - 2016-08-06 11:51 - 58422624 _____ (SweetLabs,Inc.) C:\Users\Sandra\AppData\Local\Temp\oct14C5.tmp.exe
2017-01-21 16:10 - 2017-01-21 16:11 - 58523704 _____ (SweetLabs,Inc.) C:\Users\Sandra\AppData\Local\Temp\oct51E5.tmp.exe
2016-04-28 17:22 - 2016-04-28 17:23 - 57318568 _____ (SweetLabs,Inc.) C:\Users\Sandra\AppData\Local\Temp\octE9C7.tmp.exe
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
Ran by Sandra (09-04-2017 09:42:18)
Running from C:\Users\Sandra\Desktop
Windows 10 Home Version 1511 (X64) (2016-04-28 21:14:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-2191857059-2474734211-1668879694-503 - Limited - Disabled)
Guest (S-1-5-21-2191857059-2474734211-1668879694-501 - Limited - Disabled)
Sandra (S-1-5-21-2191857059-2474734211-1668879694-1001 - Administrator - Enabled) => C:\Users\Sandra
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
Amazon Assistant (HKLM-x32\...\{5437E77B-E4B5-45E7-BD33-95C3F0AA6602}) (Version: 10.17.0228 - Amazon) <==== ATTENTION
App Explorer (HKU\S-1-5-21-2191857059-2474734211-1668879694-1001\...\Host App Service) (Version: 0.272.1.354 - SweetLabs)
App Place for Toshiba (HKLM-x32\...\App Place for Toshiba) (Version: 6.5.4 - IS AppCloud Software)
Bluetooth® Link (HKLM\...\{936D21BF-3344-4B20-BC4C-3B67580C19F5}) (Version: 4.3.04 - Toshiba Corporation)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.6312.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4425.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.4425.0 - CyberLink Corp.) Hidden
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (x32 Version: 1.1.383 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2191857059-2474734211-1668879694-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.8 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 3.0.2.0 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: 2.0.1.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.4.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 4.17.000 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 2.02.0002.02 - Toshiba Corporation)
TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.7.6401 - Toshiba Corporation)
TOSHIBA User Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.03 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.1.2 - TOSHIBA)
==================== Scheduled Tasks (Whitelisted) =============
Task: {2A8F894E-49F5-4A8A-AAF5-B61862D70FA0} - System32\Tasks\App Explorer => C:\Users\Sandra\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2016-09-14] (SweetLabs, Inc)
Task: {2C03B881-DA1D-4347-B836-516655647892} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2014-04-03] (TOSHIBA Corporation)
Task: {5AE5D4CD-1594-4296-820D-AFE22BFF9510} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [2015-07-08] (Toshiba Corporation)
Task: {61240B7C-AD8E-4E4E-8AFA-9ECFF797928F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-26] (Realtek Semiconductor)
Task: {6EDDB437-51A6-4989-85BD-A4B8EACBA017} - System32\Tasks\IS AppCloud Software\App Place for Toshiba-Reminder => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe [2016-06-08] (IS AppCloud Software)
Task: {8F5D78ED-85C5-40FF-950B-DD7E4C43B9CB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-08] (Adobe Systems Incorporated)
Task: {C5B91370-9ED5-47CC-9467-625F6E08D957} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-24] (Intel Corporation)
Task: {D4F68BE9-99E5-4487-9DC6-2F7504B4735E} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation)
Task: {DC8D0774-6611-46DC-9D3D-AB9969087CBA} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2015-06-12] (TOSHIBA Corporation)
Task: {EAC0CB5E-8648-450A-BEBD-995007FF3F20} - System32\Tasks\IS AppCloud Software\App Place for Toshiba => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe [2016-06-08] (IS AppCloud Software)
Task: {F757D498-34A0-4726-9322-2ACEE241D990} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
==================== Shortcuts =============================
2013-03-27 16:53 - 2013-03-27 16:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2015-10-26 21:16 - 2015-10-26 21:16 - 00240432 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe
2017-02-28 15:19 - 2017-02-28 15:19 - 00102064 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
2017-02-28 15:20 - 2017-02-28 15:20 - 00141488 _____ () C:\Program Files (x86)\Amazon\Amazon Assistant\aaLoader64.dll
2016-01-11 16:08 - 2014-04-14 22:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-04-29 09:16 - 2016-03-29 06:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-29 09:16 - 2016-03-29 06:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2015-08-06 03:28 - 2016-02-05 17:19 - 00402912 _____ () C:\Windows\system32\igfxTray.exe
2016-04-29 09:13 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-16 09:25 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2012-07-18 22:38 - 2012-07-18 22:38 - 00020904 _____ () C:\Program Files\TOSHIBA\System Setting\SmoothView.dll
2016-06-17 13:20 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-17 13:20 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-17 13:20 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-17 13:20 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-08 08:03 - 2016-06-08 08:04 - 00236032 _____ () C:\Program Files (x86)\Toshiba\AppPlace\node_modules\appcloud-native-utils\anu.node
==================== Safe Mode (Whitelisted) ===================
==================== Association (Whitelisted) ===============
==================== Internet Explorer trusted/restricted ===============
==================== Other Areas ============================
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
FirewallRules: [{E1B882A5-8F08-4C17-AE01-B40231EEEE42}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{DA961266-BA8B-4B27-8A98-A7FB2814AEC5}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{E9D9DEC6-37E6-407C-B642-D3839CE8C14A}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe
FirewallRules: [{5DB8DD83-A660-445A-A48B-4EFCE0C77438}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe
FirewallRules: [{DA12B274-32BC-4E08-A3DA-42CBC76AE0B0}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe
FirewallRules: [{53034AAE-6B08-4A3A-9CAF-ABB09B4D3797}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{2E594F02-A8EA-49A9-933D-B72266063A5D}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe
FirewallRules: [{C94050D5-A3CC-4C04-8E0E-86958C90458F}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{63B76D16-A50A-4587-9390-32FFD85571E6}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe
FirewallRules: [{760DF00C-DE52-4E26-99F9-42CB4F1B7E06}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{2AF4B332-644E-4FE1-BC27-554C7371A604}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe
FirewallRules: [{8FA6D637-28A1-4F11-BEC8-8EECC6420CC0}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{18EE0BD6-A37D-4FD7-A54F-02F854360975}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{89205917-ED2C-4A1D-964E-4DAD9729C57E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{404069D8-093E-4F04-9E88-8BC16F3689A1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3C115245-FAC3-4328-8A01-7C7DE51E48F0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
16-02-2017 15:07:43 Scheduled Checkpoint
08-04-2017 11:11:33 Windows Update
08-04-2017 11:12:00 Windows Update
==================== Event log errors: =========================
==================
Error: (04/08/2017 11:12:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
Access is denied.
.
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
Access is denied.
.
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Description: Faulting application name: SearchUI.exe, version: 10.0.10586.420, time stamp: 0x57491ba1
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10586.306, time stamp: 0x571af9f6
Exception code: 0xc000027b
Fault offset: 0x0000000000281f52
Faulting process id: 0x18b4
Faulting application start time: 0x01d283afb0c6c9eb
Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 35e0f646-c313-495e-84ef-c02c2a8e817d
Faulting package full name: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Description: The program GamesManager.exe version 2.15.2.971 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
Access is denied.
.
Description: Faulting application name: GoldenTrails3TheGuardian'sCreed_PE.ifn, version: 0.0.0.0, time stamp: 0x50c19d45
Faulting module name: windows.storage.dll, version: 10.0.10586.306, time stamp: 0x571af5bf
Exception code: 0x4000001f
Fault offset: 0x00282dff
Faulting process id: 0x11fc
Faulting application start time: 0x01d283c96b50f85a
Faulting application path: c:\games\Pogo Games\Golden Trails 3 The Guardian's Creed Premium Edition\GoldenTrails3TheGuardian'sCreed_PE.ifn
Faulting module path: C:\Windows\SYSTEM32\windows.storage.dll
Report Id: 64634039-ed51-4b7b-b9c9-b5968d64705c
Faulting package full name:
Faulting package-relative application ID:
Description: Faulting application name: iWinInstaller.exe, version: 0.0.0.0, time stamp: 0x586a3833
Faulting module name: iWinInstaller.exe, version: 0.0.0.0, time stamp: 0x586a3833
Exception code: 0xc0000005
Fault offset: 0x00008a40
Faulting process id: 0x2610
Faulting application start time: 0x01d283c77f8afa7f
Faulting application path: C:\Users\Sandra\AppData\Local\GamesManager\iWinInstaller.exe
Faulting module path: C:\Users\Sandra\AppData\Local\GamesManager\iWinInstaller.exe
Report Id: 7b3403ed-4571-46c0-8ed0-ca70e42e2f82
Faulting package full name:
Faulting package-relative application ID:
Description: Faulting application name: iexplore.exe, version: 11.0.10586.420, time stamp: 0x57491c15
Faulting module name: KERNELBASE.dll, version: 10.0.10586.306, time stamp: 0x571af331
Exception code: 0xc0020001
Fault offset: 0x0000000000071f28
Faulting process id: 0x2238
Faulting application start time: 0x01d283b2559087cd
Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 2ddbb2fa-ac73-4c57-af7e-452cba57e87f
Faulting package full name:
Faulting package-relative application ID:
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
Access is denied.
.
System errors:
=============
Error: (04/08/2017 03:34:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The Sync Host_4b006 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user DESKTOP-54QQMJU\Sandra SID (S-1-5-21-2191857059-2474734211-1668879694-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe SID (S-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157). This security permission can be modified using the Component Services administrative tool.
Description: The Sync Host_24c17 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
and APPID
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}
to the user DESKTOP-54QQMJU\Sandra SID (S-1-5-21-2191857059-2474734211-1668879694-1001) from address LocalHost (Using LRPC) running in the application container windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Description: The Windows Defender Network Inspection Service service depends on the Windows Defender Network Inspection System Driver service which failed to start because of the following error:
The dependency service or group failed to start.
Description: The Windows Defender Network Inspection System Driver service depends on the Base Filtering Engine service which failed to start because of the following error:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Description: The Windows Defender Network Inspection Service service depends on the Windows Defender Network Inspection System Driver service which failed to start because of the following error:
The dependency service or group failed to start.
CodeIntegrity:
===================================
Date: 2017-02-12 04:06:01.484
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 6058.26 MB
Available physical RAM: 3667.8 MB
Total Virtual: 7018.26 MB
Available Virtual: 4430.78 MB
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)