Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer is Extremely Unresponsive


  • Please log in to reply

#1
fantasticdoitsu

fantasticdoitsu

    New Member

  • Member
  • Pip
  • 1 posts

I have a windows 10 laptop, and as of late it has become extremely unresponsive, and is becoming impossible to use. I am not sure if it is a virus, or hardware so I figured I would start here.

 

Here is the log from the scans

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Cassie (administrator) on ANTONIO (18-01-2018 22:59:35)
Running from C:\Users\Cassie\Desktop
Loaded Profiles: Cassie (Available Profiles: Cassie)
Platform: Windows 10 Home Version 1703 15063.608 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\PasswordUtility\readLM.exe
(Toshiba) C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\PasswordUtility\readLM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-15e8575b.exe
() C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E1057724-701A-4C7F-B1BA-659C75B0943B}\MPSigStub.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401912 2016-12-02] ()
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [Google Update] => C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-26] (Google Inc.)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-13] (Valve Corporation)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILOE.EXE [297024 2013-08-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 216.21.127.249 216.21.127.253
Tcpip\..\Interfaces\{3ef4d42a-ac1c-4c3d-94b5-74530a788611}: [DhcpNameServer] 216.21.127.249 216.21.127.253
Tcpip\..\Interfaces\{77cb6503-3166-4ad3-8097-ca90ac8c832f}: [DhcpNameServer] 127.0.0.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com
SearchScopes: HKU\S-1-5-21-2438370543-1171411930-338771542-1001 -> DefaultScope {D8F97E52-0A1E-41C4-ACFB-49C18728BC14} URL = 
SearchScopes: HKU\S-1-5-21-2438370543-1171411930-338771542-1001 -> {D8F97E52-0A1E-41C4-ACFB-49C18728BC14} URL = 
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
 
Edge: 
======
Edge Extension: (Office Online) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.4.0_neutral__8wekyb3d8bbwe [2017-12-21]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2017-05-10]
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2438370543-1171411930-338771542-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-2438370543-1171411930-338771542-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-26] (Google Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default [2018-01-18]
CHR Extension: (Slides) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2017-12-07]
CHR Extension: (Docs) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (DuckDuckGo Search) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-11]
CHR Extension: (YouTube) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Honey) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-01-18]
CHR Extension: (Google Search) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (High Contrast) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2017-05-10]
CHR Extension: (Sheets) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (NEnhancer) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijanohecbcpdgnpiabdfehfjgcapepbm [2017-07-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-04]
CHR Extension: (Gmail) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-18]
CHR HKU\S-1-5-21-2438370543-1171411930-338771542-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc.)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2016-12-02] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ccSet_NAT; C:\WINDOWS\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-18] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-18] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-18] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-18] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 MpKsl91e3a8e4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAB552EC-BF9F-40CF-AF60-B6C17D6A0C7D}\MpKsl91e3a8e4.sys [58120 2017-12-22] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\Toshiba\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72792 2017-05-04] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-18 22:59 - 2018-01-18 23:01 - 000017706 _____ C:\Users\Cassie\Desktop\FRST.txt
2018-01-18 22:59 - 2018-01-18 22:59 - 000000000 ____D C:\FRST
2018-01-18 22:58 - 2018-01-18 22:58 - 002393088 _____ (Farbar) C:\Users\Cassie\Downloads\FRST64.exe
2018-01-18 22:58 - 2018-01-18 22:58 - 002393088 _____ (Farbar) C:\Users\Cassie\Desktop\FRST64.exe
2018-01-18 22:55 - 2018-01-18 22:55 - 001753600 _____ (Farbar) C:\Users\Cassie\Desktop\FRST.exe
2018-01-18 22:54 - 2018-01-18 22:55 - 001753600 _____ (Farbar) C:\Users\Cassie\Downloads\FRST.exe
2018-01-18 22:54 - 2018-01-18 22:54 - 000004348 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Cassie
2018-01-18 22:53 - 2018-01-18 22:53 - 000001548 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2018-01-18 22:29 - 2018-01-18 22:30 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-18 22:28 - 2018-01-18 22:28 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-18 22:28 - 2018-01-18 22:28 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-18 22:28 - 2018-01-18 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-18 22:28 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-18 22:27 - 2018-01-18 22:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-18 22:27 - 2018-01-18 22:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-18 22:05 - 2018-01-18 22:06 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\efb3028b-8ac9-46fc-bed2-c63898747326.tmp
2018-01-18 22:04 - 2018-01-18 22:05 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\840fcd88-ae06-47dd-a432-614b07410771.tmp
2018-01-18 22:04 - 2018-01-18 22:04 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\fad04e3e-bfc2-475d-85e3-53fd55f785d3.tmp
2018-01-18 22:02 - 2018-01-18 22:03 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\711f7b13-9951-416b-a919-7d9a3fc79187.tmp
2018-01-18 22:00 - 2018-01-18 22:01 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\94f5ffa5-7789-4eea-9fd8-42c553b2ce4e.tmp
2018-01-18 22:00 - 2018-01-18 22:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2018-01-18 21:59 - 2018-01-18 22:00 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\3b1d144b-9871-4773-9bf4-00ae5df57248.tmp
2018-01-18 21:58 - 2018-01-18 21:59 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\30c56cc2-4bd4-4efb-9340-e505c08040ba.tmp
2017-12-22 01:14 - 2017-12-22 01:14 - 000000000 ___HD C:\$WINDOWS.~BT
2017-12-21 23:55 - 2017-12-21 23:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-21 22:54 - 2017-12-21 22:54 - 000000000 ___HD C:\OneDriveTemp
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-01-18 23:00 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-18 22:53 - 2013-11-05 03:56 - 000000000 ____D C:\ProgramData\Norton
2018-01-18 22:53 - 2013-11-05 03:56 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-01-18 22:46 - 2017-09-22 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-18 22:42 - 2014-12-24 23:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-18 22:29 - 2017-11-07 15:24 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-18 22:27 - 2016-11-25 22:15 - 000000000 ___RD C:\Users\Cassie\Google Drive
2018-01-18 22:26 - 2014-12-24 23:28 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-18 22:24 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-18 22:24 - 2015-08-10 16:08 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-18 22:24 - 2015-01-04 20:24 - 000000000 ____D C:\Users\Cassie\AppData\Local\CrashDumps
2018-01-18 22:22 - 2014-12-25 17:23 - 000000000 __RDO C:\Users\Cassie\OneDrive
2018-01-18 22:17 - 2016-05-14 02:03 - 000000000 __SHD C:\Users\Cassie\IntelGraphicsProfiles
2018-01-18 22:16 - 2017-09-22 22:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-18 22:15 - 2017-09-22 23:22 - 000947252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-18 22:15 - 2017-09-22 22:58 - 000000000 ____D C:\Users\Cassie
2018-01-18 22:12 - 2017-09-22 22:51 - 000256208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-18 22:10 - 2017-09-22 23:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-18 22:10 - 2017-03-18 05:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-18 22:00 - 2017-03-18 15:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-01-18 22:00 - 2017-03-18 05:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-18 21:52 - 2013-11-05 03:56 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-01-18 20:53 - 2014-12-21 17:30 - 000002523 _____ C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-18 20:31 - 2017-05-27 09:33 - 000000000 ____D C:\Users\Cassie\Desktop\Cassie Resume
2017-12-22 01:15 - 2017-09-02 13:09 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-22 00:02 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-22 00:00 - 2014-12-21 16:29 - 000000000 ____D C:\Users\Cassie\AppData\Local\Packages
2017-12-21 23:26 - 2015-07-30 14:04 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-21 22:53 - 2017-09-22 23:55 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2438370543-1171411930-338771542-1001
2017-12-21 22:53 - 2016-05-14 19:46 - 000002415 _____ C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-21 22:35 - 2017-09-22 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-11-08 06:05
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Cassie (18-01-2018 23:01:41)
Running from C:\Users\Cassie\Desktop
Windows 10 Home Version 1703 15063.608 (X64) (2017-09-23 05:45:18)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2438370543-1171411930-338771542-500 - Administrator - Disabled)
Cassie (S-1-5-21-2438370543-1171411930-338771542-1001 - Administrator - Enabled) => C:\Users\Cassie
DefaultAccount (S-1-5-21-2438370543-1171411930-338771542-503 - Limited - Disabled)
Guest (S-1-5-21-2438370543-1171411930-338771542-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2438370543-1171411930-338771542-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{420ED767-62A5-462F-9DDA-AE3A95D4BF32}) (Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3424.05 - CyberLink Corp.)
Dragon Assistant Application en-US version 1.5.11 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service version 1.1.12 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.12 - Nuance Communications, Inc.)
Dragon Assistant Installer version 1.5.11 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Language Data en-US version 1.1.4 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.4 - Nuance Communications, Inc.)
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EPSON XP-810 Series Printer Uninstall (HKLM\...\EPSON XP-810 Series) (Version:  - SEIKO EPSON Corporation)
Google Chrome (HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{38561F82-2984-4C99-ADD7-D1166BC3D552}) (Version: 3.0.1335.05 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Display Utility (HKLM\...\{11955FE2-CAC6-4C3B-AA68-F787D7405400}) (Version: 1.1.9.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-02] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {079AC2D2-0D14-4936-82CB-2B48A6352A91} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0D21BBCE-5FF6-4613-B62C-48148CA6EAA1} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {0DF4117A-53A3-45AA-B5AD-E97EBBCA5787} - \Norton Anti-Theft\Norton Error Processor -> No File <==== ATTENTION
Task: {0E74B7B4-D6FD-4F07-87B9-A23227DCA3E8} - \Microsoft\Windows\WindowsUpdate\Scheduled Start With Network -> No File <==== ATTENTION
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - \Microsoft\Windows\IME\SQM data sender -> No File <==== ATTENTION
Task: {1B7164C0-BBD8-400D-80D6-0F0B4BA0FF58} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {1D566EAF-BF50-44C7-8A18-5D0ED471E253} - \TOSHIBA\Service Station -> No File <==== ATTENTION
Task: {26FA61E4-AE6D-4A80-8F3D-F81E202CAF62} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ef39836853d6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27D9BC0C-A809-48A0-ABA8-34D462B6C20E} - \Optimize Start Menu Cache Files-S-1-5-21-2438370543-1171411930-338771542-500 -> No File <==== ATTENTION
Task: {2ABD570A-E314-4883-AE9D-B49A3D043331} - \WPD\SqmUpload_S-1-5-21-2438370543-1171411930-338771542-1001 -> No File <==== ATTENTION
Task: {2F7DC103-9C97-4825-B558-AD23EF96616F} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join -> No File <==== ATTENTION
Task: {3A5BC880-E0C3-4B03-992B-1C08844591DB} - \Norton WSC Integration -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {4A2A3C82-FC0A-46BD-A719-DC38982F79FC} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {4AF9B1F1-3801-41F0-A617-793AF63DC9A7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4D5A14C6-C63F-4FA6-9034-ED8DF6B0125A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - \Microsoft\Windows\Customer Experience Improvement Program\BthSQM -> No File <==== ATTENTION
Task: {607049E3-F759-4D15-A254-6012A4F11077} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {652E08C9-1139-4CCF-9B45-06DD35F8D99D} - \EPSON XP-810 Series Update {077F468C-D605-4039-BF87-F2D772B0B66C} -> No File <==== ATTENTION
Task: {67E727D0-6387-4D97-9440-C0816C1D50F5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6C1D0531-03E2-4829-81C1-8DE05111AFEC} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {6C36F675-5652-4D58-9BAE-F48501A70EAB} - \Optimize Start Menu Cache Files-S-1-5-21-2438370543-1171411930-338771542-1001 -> No File <==== ATTENTION
Task: {6DA582B4-A313-4EAE-8190-ACD50DBCC839} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core1d1ef399bd00c9e => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION
Task: {73250A29-8FF5-4DFE-8D11-9A1BC33A8B6E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA1d1ef399c51f86f => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {77F7A208-60CB-42CE-8085-96B61AD3EC1D} - \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION
Task: {8F461ED8-7BBC-4939-A93F-B7EEE4E707D9} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {917B2B5E-48A0-4D6F-8D04-2578BB960918} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9459D61D-5062-441A-BC01-C32C58E3D06A} - \Norton AntiVirus\Norton Error Processor -> No File <==== ATTENTION
Task: {97A46B9B-9A90-49B5-ADFC-D013A0278E37} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97F618DC-07C7-48B2-8C44-9645E9B3EA8F} - \Microsoft\Windows\Customer Experience Improvement Program\Uploader -> No File <==== ATTENTION
Task: {9ED98AA6-4991-46D1-A14A-6FBFA34743C6} - \Norton Anti-Theft\Norton Error Analyzer -> No File <==== ATTENTION
Task: {A9CE4069-D1C8-4D0A-BD23-B08B5B8148A6} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {AB0CA722-AEA4-4F8C-AFA8-CC0E5D61E649} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ADA8D520-83D6-408A-BCED-FDEA24BE0523} - \Norton AntiVirus\Norton Error Analyzer -> No File <==== ATTENTION
Task: {AE4A2738-81E2-4A5A-9078-8CFD0A139488} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B03BC7D4-D74C-40FC-868C-2BAD206E58A9} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {B69346EC-71BD-4295-B0B1-C609DC64C4C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B9865714-329D-4F06-B6BF-87857782D4EA} - \Microsoft\Windows\Shell\FamilySafetyUpload -> No File <==== ATTENTION
Task: {BE0C76BA-C5BE-4291-9B33-51610D9F61EC} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {C42517B7-1DBB-4EBE-91AF-31962D1126C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C447CF30-4003-46EF-8C0C-15D35409D5EC} - \GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core -> No File <==== ATTENTION
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {C4FA3445-A4EC-4D4C-8F90-8C400F86EB80} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ef3982aa8510 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {CC9DB7EA-3189-49C1-825A-07E7D4ED16BF} - \Microsoft\Windows\WindowsUpdate\AUSessionConnect -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {D097FDC4-9FF6-451C-9701-C0333B886CEF} - \Resolution+ Setting Task -> No File <==== ATTENTION
Task: {D24AC8D1-9488-4183-A1FA-AF64B26D30FF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DA73F83B-0C70-4C65-93C2-C91B3B9F7862} - \Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask -> No File <==== ATTENTION
Task: {DB9D646E-442D-4BC8-A21E-74CA9DFFDD3E} - System32\Tasks\Norton Security Scan for Cassie => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
Task: {E72D92DA-22CA-42DA-BEB3-B483A8EA23EE} - \GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA -> No File <==== ATTENTION
Task: {E9A57D7A-4752-4F68-A86A-A996CE1BB3BB} - \Remediation\AntimalwareMigrationTask -> No File <==== ATTENTION
Task: {EDFE275E-3089-4BFD-B863-90EF94D0E684} - \Microsoft\Windows\WindowsUpdate\AUScheduledInstall -> No File <==== ATTENTION
Task: {EE47F2AB-EDB9-4291-B621-05A2022C85EC} - \Microsoft\Windows\RemovalTools\MRT_HB -> No File <==== ATTENTION
Task: {F03AC953-36F4-4707-9F21-1F2BAD8FA775} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F3889643-F87B-4BED-86C1-B38A0EA18910} - \EPSON XP-810 Series Invitation {077F468C-D605-4039-BF87-F2D772B0B66C} -> No File <==== ATTENTION
Task: {F8A0E106-3CE2-4519-A194-11CD78E53D09} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F8E24443-BF96-49D5-AAD9-3A07E02023AA} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {F9CAC644-A6EB-4BD8-BF8C-21FF8A6DA361} - \User_Feed_Synchronization-{36EB20CD-520E-4CEB-A6D3-B513686BD73C} -> No File <==== ATTENTION
Task: {FC08AC06-B417-4A13-8F50-86DA727D3271} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\EPSON XP-810 Series Invitation {077F468C-D605-4039-BF87-F2D772B0B66C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-810 Series Update {077F468C-D605-4039-BF87-F2D772B0B66C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE:/EXE:{077F468C-D605-4039-BF87-F2D772B0B66C} /F:UpdateWORKGROUP\ANTONIO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core.job => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA.job => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-03-27 13:53 - 2013-03-27 13:53 - 000163168 _____ () C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe
2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 14:59 - 2017-03-18 20:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-02 07:32 - 2016-12-02 07:32 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-11-20 15:27 - 2017-11-20 15:27 - 041061856 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2013-08-01 15:24 - 2013-08-01 15:24 - 000438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2018-01-18 22:28 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-18 22:28 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-17 22:12 - 2018-01-18 22:31 - 000545440 _____ () C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E1057724-701A-4C7F-B1BA-659C75B0943B}\MPSigStub.exe
2018-01-18 20:53 - 2018-01-03 03:20 - 004063064 _____ () C:\Users\Cassie\AppData\Local\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-18 20:53 - 2018-01-03 03:20 - 000099672 _____ () C:\Users\Cassie\AppData\Local\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-03-18 14:58 - 2017-03-18 14:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-10 23:40 - 2017-07-10 23:40 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-10 23:40 - 2017-07-10 23:40 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-09-24 00:07 - 2017-09-04 23:19 - 004125088 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2014-04-18 03:10 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-21 22:52 - 2017-12-21 22:52 - 000102088 _____ () C:\Users\Cassie\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2018-01-18 22:18 - 2018-01-18 22:18 - 000088064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_ctypes.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000919552 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_hashlib.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000098816 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32api.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000110080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pywintypes27.dll
2018-01-18 22:19 - 2018-01-18 22:19 - 000364544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pythoncom27.dll
2018-01-18 22:19 - 2018-01-18 22:19 - 000686080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\unicodedata.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000320512 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32com.shell.shell.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 001177088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._core_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000806912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._gdi_.pyd
2018-01-18 22:20 - 2018-01-18 22:21 - 000816640 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._windows_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 001067520 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._controls_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000733696 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._misc_.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000736256 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pysqlite2._sqlite.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000119808 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32file.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000108544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32security.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000007168 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\hashobjs_ext.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000017920 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\thumbnails_ext.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000082432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\usb_ext.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000013824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\common.time34.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000018432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32event.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.conditional.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.winwrap.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000089088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.volumes.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000167936 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32gui.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000046080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_socket.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 001311744 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_ssl.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000129536 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_elementtree.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000127488 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pyexpat.pyd
2018-01-18 22:19 - 2018-01-18 22:20 - 000038912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32inet.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000077824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._html2.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000036864 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_psutil_windows.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000524248 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows._lib_cacheinvalidation.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000011264 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32crypt.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000218624 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\PIL._imaging.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_multiprocessing.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000020480 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_yappi.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000035840 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32process.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000024064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32pipe.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000010240 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\select.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000025600 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32pdh.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000059392 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.device_monitor.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32profile.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000022528 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32ts.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000088064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_ctypes.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000919552 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_hashlib.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000098816 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32api.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000110080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pywintypes27.dll
2018-01-18 22:27 - 2018-01-18 22:27 - 000364544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pythoncom27.dll
2018-01-18 22:27 - 2018-01-18 22:27 - 000686080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\unicodedata.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000320512 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32com.shell.shell.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 001177088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._core_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000806912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._gdi_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000816640 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._windows_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 001067520 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._controls_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000733696 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._misc_.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000736256 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pysqlite2._sqlite.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000119808 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32file.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000108544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32security.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000007168 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\hashobjs_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000017920 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\thumbnails_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000082432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\usb_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000013824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\common.time34.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000018432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32event.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.conditional.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.winwrap.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000089088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.volumes.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000167936 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32gui.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000046080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_socket.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 001311744 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_ssl.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000129536 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_elementtree.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000127488 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pyexpat.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000038912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32inet.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000077824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._html2.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000036864 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_psutil_windows.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000524248 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows._lib_cacheinvalidation.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000011264 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32crypt.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000218624 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\PIL._imaging.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_multiprocessing.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000020480 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_yappi.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000035840 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32process.pyd
2018-01-18 22:27 - 2018-01-18 22:28 - 000024064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32pipe.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000010240 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\select.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000025600 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32pdh.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000059392 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.device_monitor.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32profile.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000022528 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32ts.pyd
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cassie\Desktop\Cassie's Folder\Photos\Photos\Video Game Stuff\Arcade 1.jpg
DNS Servers: 216.21.127.249 - 216.21.127.253
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{42DEFB7C-6E96-4335-B0C9-DC725EFEF6F9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{A0DC19A5-AAD6-4FDB-A569-1AF19A70CEE0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D6CF8169-0C3A-4CCF-8863-90EA21FF0183}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2028368A-7676-40E0-ACAD-5366637D678B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{F1E92A38-D72D-49F8-81C9-C81B75A0148D}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{E49A9C49-FA4C-4AE4-A2BE-5658E3B9615A}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7492A45E-FEF0-49C4-8744-068EA662CAB2}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C35CF434-D475-402B-A5E0-C956D725A5A2}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6B87EA6B-0EF8-471F-A33C-748576E8AF88}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7DE3F711-CEC2-43F3-A5B7-37E20E5A5413}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FBEFB85F-D577-496E-90B0-E3D7EA36FF90}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{3F2D510A-335B-45D3-A633-A7D0492F54C3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4B23B346-B5D8-4730-82F8-1F605E198302}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{0AC9FD6C-7F2A-4D8E-A0FC-94A39D834E4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{E9EDD3D0-5086-447B-8DC9-5B2AECA44AF1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{131BAEA9-CE14-4757-881F-BF8E5AB7FFA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90CE8AF9-89B5-4B75-B6CF-1C4D0E3C0694}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23331EBC-3984-43B5-875E-B832060EF181}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10E7E317-806D-4DD9-B0F0-6600A2F61F80}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
 
==================== Restore Points =========================
 
08-11-2017 03:28:14 Windows Update
08-11-2017 03:29:02 Windows Update
18-01-2018 21:23:14 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/18/2018 10:42:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (01/18/2018 10:24:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/18/2018 10:24:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/18/2018 10:24:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (01/18/2018 10:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 13dc5f4e-9530-44ce-b84d-cd00b0e8704f
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (01/18/2018 10:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: dd781139-3914-47d9-a819-f4a4005adedc
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (01/18/2018 10:24:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: e622c76b-c52c-4c0a-a5d8-698d789b6053
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (01/18/2018 10:24:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 0cea9fb0-c09a-484d-a4ae-38116c4ca2b4
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (01/18/2018 10:24:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1960
Faulting application start time: 0x01d390dd462c86d7
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 1b1c55db-eec2-4702-a303-c43a31dec04f
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
Error: (01/18/2018 10:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1960
Faulting application start time: 0x01d390dd462c86d7
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: bf773b88-ed6f-4172-9851-949b987efd0d
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
 
 
System errors:
=============
Error: (01/18/2018 11:00:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 10 Version 1703 for x64-based Systems (KB4033631).
 
Error: (01/18/2018 10:43:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8000ffff: Feature update to Windows 10, version 1709.
 
Error: (01/18/2018 10:43:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: 2017-11 Update for Windows 10 Version 1703 for x64-based Systems (KB4049011).
 
Error: (01/18/2018 10:25:37 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaPlaces.PlaceStore did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:24:26 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:24:25 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:22:10 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:21:39 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:19:37 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
Error: (01/18/2018 10:19:35 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===================================
  Date: 2018-01-18 22:29:15.099
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8104.14 MB
Available physical RAM: 4520.91 MB
Total Virtual: 9384.14 MB
Available Virtual: 5719.71 MB
 
==================== Drives ================================
 
Drive c: (TI10684700A) (Fixed) (Total:687.28 GB) (Free:577.95 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 


  • 0

Advertisements


#2
Gary R

Gary R

    Trusted Helper

  • Malware Removal
  • 145 posts

Looking over your logs, I'll be back once I've finished.

 

Talk to you then.


  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP