I have a windows 10 laptop, and as of late it has become extremely unresponsive, and is becoming impossible to use. I am not sure if it is a virus, or hardware so I figured I would start here.
Here is the log from the scans
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.01.2018 01
Ran by Cassie (administrator) on ANTONIO (18-01-2018 22:59:35)
Running from C:\Users\Cassie\Desktop
Loaded Profiles: Cassie (Available Profiles: Cassie)
Platform: Windows 10 Home Version 1703 15063.608 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
() C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\PasswordUtility\readLM.exe
(Toshiba) C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(TOSHIBA) C:\Program Files (x86)\Toshiba\PasswordUtility\readLM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-15e8575b.exe
() C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E1057724-701A-4C7F-B1BA-659C75B0943B}\MPSigStub.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401912 2016-12-02] ()
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\Windows\system32\thpsrv /logon
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2002-04-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [Google Update] => C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2017-11-26] (Google Inc.)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3062048 2017-07-13] (Valve Corporation)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILOE.EXE [297024 2013-08-09] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41061856 2017-11-20] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 216.21.127.249 216.21.127.253
Tcpip\..\Interfaces\{3ef4d42a-ac1c-4c3d-94b5-74530a788611}: [DhcpNameServer] 216.21.127.249 216.21.127.253
Tcpip\..\Interfaces\{77cb6503-3166-4ad3-8097-ca90ac8c832f}: [DhcpNameServer] 127.0.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com/?pc=TNJB
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com
SearchScopes: HKU\S-1-5-21-2438370543-1171411930-338771542-1001 -> DefaultScope {D8F97E52-0A1E-41C4-ACFB-49C18728BC14} URL =
SearchScopes: HKU\S-1-5-21-2438370543-1171411930-338771542-1001 -> {D8F97E52-0A1E-41C4-ACFB-49C18728BC14} URL =
BHO: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
BHO-x32: No Name -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> No File
Edge:
======
Edge Extension: (Office Online) -> 2016_MicrosoftOfficeOnline_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.OfficeOnline_1.5.4.0_neutral__8wekyb3d8bbwe [2017-12-21]
Edge Extension: (Translator For Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.16.0_neutral__8wekyb3d8bbwe [2017-05-10]
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-03] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-24] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2013-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2438370543-1171411930-338771542-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-26] (Google Inc.)
FF Plugin HKU\S-1-5-21-2438370543-1171411930-338771542-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-26] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
CHR Profile: C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default [2018-01-18]
CHR Extension: (Slides) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-07]
CHR Extension: (Dark Theme for Google Chrome) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annfbnbieaamhaimclajlajpijgkdblo [2017-12-07]
CHR Extension: (Docs) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-07]
CHR Extension: (Google Drive) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (DuckDuckGo Search) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2017-05-11]
CHR Extension: (YouTube) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Honey) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-01-18]
CHR Extension: (Google Search) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (High Contrast) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2017-05-10]
CHR Extension: (Sheets) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-07]
CHR Extension: (Google Docs Offline) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (NEnhancer) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijanohecbcpdgnpiabdfehfjgcapepbm [2017-07-09]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-11-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-04]
CHR Extension: (Gmail) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: (Chrome Media Router) - C:\Users\Cassie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-01-18]
CHR HKU\S-1-5-21-2438370543-1171411930-338771542-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc.)
S2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 GFNEXSrv; C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] ()
R2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373752 2016-12-02] (Intel Corporation)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [339456 2013-08-16] (IDT, Inc.) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
U2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-10] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ccSet_NAT; C:\WINDOWS\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193968 2018-01-18] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2018-01-18] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2018-01-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2018-01-18] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2018-01-18] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R1 MpKsl91e3a8e4; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EAB552EC-BF9F-40CF-AF60-B6C17D6A0C7D}\MpKsl91e3a8e4.sys [58120 2017-12-22] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [3485696 2017-03-18] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\Toshiba\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72792 2017-05-04] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-18 22:59 - 2018-01-18 23:01 - 000017706 _____ C:\Users\Cassie\Desktop\FRST.txt
2018-01-18 22:59 - 2018-01-18 22:59 - 000000000 ____D C:\FRST
2018-01-18 22:58 - 2018-01-18 22:58 - 002393088 _____ (Farbar) C:\Users\Cassie\Downloads\FRST64.exe
2018-01-18 22:58 - 2018-01-18 22:58 - 002393088 _____ (Farbar) C:\Users\Cassie\Desktop\FRST64.exe
2018-01-18 22:55 - 2018-01-18 22:55 - 001753600 _____ (Farbar) C:\Users\Cassie\Desktop\FRST.exe
2018-01-18 22:54 - 2018-01-18 22:55 - 001753600 _____ (Farbar) C:\Users\Cassie\Downloads\FRST.exe
2018-01-18 22:54 - 2018-01-18 22:54 - 000004348 _____ C:\WINDOWS\System32\Tasks\Norton Security Scan for Cassie
2018-01-18 22:53 - 2018-01-18 22:53 - 000001548 _____ C:\Users\Public\Desktop\Norton Security Scan.LNK
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\WINDOWS\system32\Drivers\NSSx64
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
2018-01-18 22:53 - 2018-01-18 22:53 - 000000000 ____D C:\Program Files (x86)\Norton Security Scan
2018-01-18 22:29 - 2018-01-18 22:30 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000193968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-01-18 22:29 - 2018-01-18 22:29 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-01-18 22:28 - 2018-01-18 22:28 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-01-18 22:28 - 2018-01-18 22:28 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-01-18 22:28 - 2018-01-18 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-01-18 22:28 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2018-01-18 22:27 - 2018-01-18 22:27 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-18 22:27 - 2018-01-18 22:27 - 000000000 ____D C:\Program Files\Malwarebytes
2018-01-18 22:05 - 2018-01-18 22:06 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\efb3028b-8ac9-46fc-bed2-c63898747326.tmp
2018-01-18 22:04 - 2018-01-18 22:05 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\840fcd88-ae06-47dd-a432-614b07410771.tmp
2018-01-18 22:04 - 2018-01-18 22:04 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\fad04e3e-bfc2-475d-85e3-53fd55f785d3.tmp
2018-01-18 22:02 - 2018-01-18 22:03 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\711f7b13-9951-416b-a919-7d9a3fc79187.tmp
2018-01-18 22:00 - 2018-01-18 22:01 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\94f5ffa5-7789-4eea-9fd8-42c553b2ce4e.tmp
2018-01-18 22:00 - 2018-01-18 22:00 - 000000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2018-01-18 21:59 - 2018-01-18 22:00 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\3b1d144b-9871-4773-9bf4-00ae5df57248.tmp
2018-01-18 21:58 - 2018-01-18 21:59 - 082463440 _____ (Malwarebytes ) C:\Users\Cassie\Downloads\30c56cc2-4bd4-4efb-9340-e505c08040ba.tmp
2017-12-22 01:14 - 2017-12-22 01:14 - 000000000 ___HD C:\$WINDOWS.~BT
2017-12-21 23:55 - 2017-12-21 23:55 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-12-21 22:54 - 2017-12-21 22:54 - 000000000 ___HD C:\OneDriveTemp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-01-18 23:00 - 2017-03-18 14:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-01-18 22:53 - 2013-11-05 03:56 - 000000000 ____D C:\ProgramData\Norton
2018-01-18 22:53 - 2013-11-05 03:56 - 000000000 ____D C:\Program Files (x86)\NortonInstaller
2018-01-18 22:46 - 2017-09-22 22:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-01-18 22:42 - 2014-12-24 23:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-01-18 22:29 - 2017-11-07 15:24 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-01-18 22:27 - 2016-11-25 22:15 - 000000000 ___RD C:\Users\Cassie\Google Drive
2018-01-18 22:26 - 2014-12-24 23:28 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-01-18 22:24 - 2017-03-18 15:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-01-18 22:24 - 2015-08-10 16:08 - 000000000 ____D C:\Program Files (x86)\Steam
2018-01-18 22:24 - 2015-01-04 20:24 - 000000000 ____D C:\Users\Cassie\AppData\Local\CrashDumps
2018-01-18 22:22 - 2014-12-25 17:23 - 000000000 __RDO C:\Users\Cassie\OneDrive
2018-01-18 22:17 - 2016-05-14 02:03 - 000000000 __SHD C:\Users\Cassie\IntelGraphicsProfiles
2018-01-18 22:16 - 2017-09-22 22:57 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-01-18 22:15 - 2017-09-22 23:22 - 000947252 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-01-18 22:15 - 2017-09-22 22:58 - 000000000 ____D C:\Users\Cassie
2018-01-18 22:12 - 2017-09-22 22:51 - 000256208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-01-18 22:10 - 2017-09-22 23:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-01-18 22:10 - 2017-03-18 05:40 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-01-18 22:00 - 2017-03-18 15:03 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-01-18 22:00 - 2017-03-18 05:40 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-01-18 21:52 - 2013-11-05 03:56 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-01-18 20:53 - 2014-12-21 17:30 - 000002523 _____ C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-01-18 20:31 - 2017-05-27 09:33 - 000000000 ____D C:\Users\Cassie\Desktop\Cassie Resume
2017-12-22 01:15 - 2017-09-02 13:09 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-22 00:02 - 2017-03-18 15:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-22 00:00 - 2014-12-21 16:29 - 000000000 ____D C:\Users\Cassie\AppData\Local\Packages
2017-12-21 23:26 - 2015-07-30 14:04 - 000000000 ____D C:\Program Files\Common Files\AV
2017-12-21 22:53 - 2017-09-22 23:55 - 000003362 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2438370543-1171411930-338771542-1001
2017-12-21 22:53 - 2016-05-14 19:46 - 000002415 _____ C:\Users\Cassie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-21 22:35 - 2017-09-22 21:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-08 06:05
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.01.2018 01
Ran by Cassie (18-01-2018 23:01:41)
Running from C:\Users\Cassie\Desktop
Windows 10 Home Version 1703 15063.608 (X64) (2017-09-23 05:45:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2438370543-1171411930-338771542-500 - Administrator - Disabled)
Cassie (S-1-5-21-2438370543-1171411930-338771542-1001 - Administrator - Enabled) => C:\Users\Cassie
DefaultAccount (S-1-5-21-2438370543-1171411930-338771542-503 - Limited - Disabled)
Guest (S-1-5-21-2438370543-1171411930-338771542-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2438370543-1171411930-338771542-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.03) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{420ED767-62A5-462F-9DDA-AE3A95D4BF32}) (Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.)
Backup and Sync from Google (HKLM-x32\...\{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Version: 3.38.7642.3857 - Google, Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3424.05 - CyberLink Corp.)
Dragon Assistant Application en-US version 1.5.11 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service version 1.1.12 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.12 - Nuance Communications, Inc.)
Dragon Assistant Installer version 1.5.11 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Language Data en-US version 1.1.4 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.4 - Nuance Communications, Inc.)
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
EPSON XP-810 Series Printer Uninstall (HKLM\...\EPSON XP-810 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{38561F82-2984-4C99-ADD7-D1166BC3D552}) (Version: 3.0.1335.05 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2438370543-1171411930-338771542-1001\...\OneDriveSetup.exe) (Version: 17.3.7131.1115 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton Security Scan (HKLM-x32\...\NSS) (Version: 4.6.1.150 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Qualcomm Atheros Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.37 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.37.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Display Utility (HKLM\...\{11955FE2-CAC6-4C3B-AA68-F787D7405400}) (Version: 1.1.9.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0001.6403 - Toshiba Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.5.0003.64001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2438370543-1171411930-338771542-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Cassie\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-20] (Google)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-20] (Google)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-12-02] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {079AC2D2-0D14-4936-82CB-2B48A6352A91} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0D21BBCE-5FF6-4613-B62C-48148CA6EAA1} - \Microsoft\Windows\RAC\RacTask -> No File <==== ATTENTION
Task: {0DF4117A-53A3-45AA-B5AD-E97EBBCA5787} - \Norton Anti-Theft\Norton Error Processor -> No File <==== ATTENTION
Task: {0E74B7B4-D6FD-4F07-87B9-A23227DCA3E8} - \Microsoft\Windows\WindowsUpdate\Scheduled Start With Network -> No File <==== ATTENTION
Task: {1A4230A2-E136-4936-9B22-DDF624BB8332} - \Microsoft\Windows\IME\SQM data sender -> No File <==== ATTENTION
Task: {1B7164C0-BBD8-400D-80D6-0F0B4BA0FF58} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {1D566EAF-BF50-44C7-8A18-5D0ED471E253} - \TOSHIBA\Service Station -> No File <==== ATTENTION
Task: {26FA61E4-AE6D-4A80-8F3D-F81E202CAF62} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ef39836853d6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27D9BC0C-A809-48A0-ABA8-34D462B6C20E} - \Optimize Start Menu Cache Files-S-1-5-21-2438370543-1171411930-338771542-500 -> No File <==== ATTENTION
Task: {2ABD570A-E314-4883-AE9D-B49A3D043331} - \WPD\SqmUpload_S-1-5-21-2438370543-1171411930-338771542-1001 -> No File <==== ATTENTION
Task: {2F7DC103-9C97-4825-B558-AD23EF96616F} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - \Microsoft\Windows\Workplace Join\Automatic-Workplace-Join -> No File <==== ATTENTION
Task: {3A5BC880-E0C3-4B03-992B-1C08844591DB} - \Norton WSC Integration -> No File <==== ATTENTION
Task: {4520E8A9-AF06-4122-859B-E4B655B29B36} - \Microsoft\Windows\AppID\SmartScreenSpecific -> No File <==== ATTENTION
Task: {4A2A3C82-FC0A-46BD-A719-DC38982F79FC} - \Microsoft\Windows\UpdateOrchestrator\Policy Install -> No File <==== ATTENTION
Task: {4AF9B1F1-3801-41F0-A617-793AF63DC9A7} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {4D5A14C6-C63F-4FA6-9034-ED8DF6B0125A} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - \Microsoft\Windows\Customer Experience Improvement Program\BthSQM -> No File <==== ATTENTION
Task: {607049E3-F759-4D15-A254-6012A4F11077} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {652E08C9-1139-4CCF-9B45-06DD35F8D99D} - \EPSON XP-810 Series Update {077F468C-D605-4039-BF87-F2D772B0B66C} -> No File <==== ATTENTION
Task: {67E727D0-6387-4D97-9440-C0816C1D50F5} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {6C1D0531-03E2-4829-81C1-8DE05111AFEC} - \Microsoft\XblGameSave\XblGameSaveTaskLogon -> No File <==== ATTENTION
Task: {6C36F675-5652-4D58-9BAE-F48501A70EAB} - \Optimize Start Menu Cache Files-S-1-5-21-2438370543-1171411930-338771542-1001 -> No File <==== ATTENTION
Task: {6DA582B4-A313-4EAE-8190-ACD50DBCC839} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core1d1ef399bd00c9e => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - \Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task -> No File <==== ATTENTION
Task: {73250A29-8FF5-4DFE-8D11-9A1BC33A8B6E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA1d1ef399c51f86f => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {77F7A208-60CB-42CE-8085-96B61AD3EC1D} - \Microsoft\Windows\WindowsUpdate\AUFirmwareInstall -> No File <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - \Microsoft\Windows\SkyDrive\Routine Maintenance Task -> No File <==== ATTENTION
Task: {8F461ED8-7BBC-4939-A93F-B7EEE4E707D9} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot -> No File <==== ATTENTION
Task: {917B2B5E-48A0-4D6F-8D04-2578BB960918} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {9459D61D-5062-441A-BC01-C32C58E3D06A} - \Norton AntiVirus\Norton Error Processor -> No File <==== ATTENTION
Task: {97A46B9B-9A90-49B5-ADFC-D013A0278E37} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {97F618DC-07C7-48B2-8C44-9645E9B3EA8F} - \Microsoft\Windows\Customer Experience Improvement Program\Uploader -> No File <==== ATTENTION
Task: {9ED98AA6-4991-46D1-A14A-6FBFA34743C6} - \Norton Anti-Theft\Norton Error Analyzer -> No File <==== ATTENTION
Task: {A9CE4069-D1C8-4D0A-BD23-B08B5B8148A6} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTION
Task: {AB0CA722-AEA4-4F8C-AFA8-CC0E5D61E649} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ADA8D520-83D6-408A-BCED-FDEA24BE0523} - \Norton AntiVirus\Norton Error Analyzer -> No File <==== ATTENTION
Task: {AE4A2738-81E2-4A5A-9078-8CFD0A139488} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {B03BC7D4-D74C-40FC-868C-2BAD206E58A9} - \Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate -> No File <==== ATTENTION
Task: {B69346EC-71BD-4295-B0B1-C609DC64C4C0} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {B9865714-329D-4F06-B6BF-87857782D4EA} - \Microsoft\Windows\Shell\FamilySafetyUpload -> No File <==== ATTENTION
Task: {BE0C76BA-C5BE-4291-9B33-51610D9F61EC} - \Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display -> No File <==== ATTENTION
Task: {C42517B7-1DBB-4EBE-91AF-31962D1126C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C447CF30-4003-46EF-8C0C-15D35409D5EC} - \GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core -> No File <==== ATTENTION
Task: {C4AE3C3E-C327-4689-B6FD-C11FB31AE88B} - \Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler -> No File <==== ATTENTION
Task: {C4FA3445-A4EC-4D4C-8F90-8C400F86EB80} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ef3982aa8510 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C6B2579B-4962-4D12-883D-BBD420573A6C} - \Microsoft\Windows\DeviceDirectoryClient\RegisterDevicePeriodic1 -> No File <==== ATTENTION
Task: {C9ACBFD2-20AA-4A3F-BE1A-A3D5279BB1BB} - \Microsoft\Windows\Plug and Play\Plug and Play Cleanup -> No File <==== ATTENTION
Task: {CC9DB7EA-3189-49C1-825A-07E7D4ED16BF} - \Microsoft\Windows\WindowsUpdate\AUSessionConnect -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - \Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor -> No File <==== ATTENTION
Task: {D097FDC4-9FF6-451C-9701-C0333B886CEF} - \Resolution+ Setting Task -> No File <==== ATTENTION
Task: {D24AC8D1-9488-4183-A1FA-AF64B26D30FF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {DA73F83B-0C70-4C65-93C2-C91B3B9F7862} - \Microsoft\Windows\Setup\UpgradeTriggers\UpgradeNowTask -> No File <==== ATTENTION
Task: {DB9D646E-442D-4BC8-A21E-74CA9DFFDD3E} - System32\Tasks\Norton Security Scan for Cassie => C:\Program Files (x86)\Norton Security Scan\Engine\4.6.1.150\Nss.exe [2018-01-10] (Symantec Corporation)
Task: {E72D92DA-22CA-42DA-BEB3-B483A8EA23EE} - \GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA -> No File <==== ATTENTION
Task: {E9A57D7A-4752-4F68-A86A-A996CE1BB3BB} - \Remediation\AntimalwareMigrationTask -> No File <==== ATTENTION
Task: {EDFE275E-3089-4BFD-B863-90EF94D0E684} - \Microsoft\Windows\WindowsUpdate\AUScheduledInstall -> No File <==== ATTENTION
Task: {EE47F2AB-EDB9-4291-B621-05A2022C85EC} - \Microsoft\Windows\RemovalTools\MRT_HB -> No File <==== ATTENTION
Task: {F03AC953-36F4-4707-9F21-1F2BAD8FA775} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {F3889643-F87B-4BED-86C1-B38A0EA18910} - \EPSON XP-810 Series Invitation {077F468C-D605-4039-BF87-F2D772B0B66C} -> No File <==== ATTENTION
Task: {F8A0E106-3CE2-4519-A194-11CD78E53D09} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {F8E24443-BF96-49D5-AAD9-3A07E02023AA} - \Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate -> No File <==== ATTENTION
Task: {F9CAC644-A6EB-4BD8-BF8C-21FF8A6DA361} - \User_Feed_Synchronization-{36EB20CD-520E-4CEB-A6D3-B513686BD73C} -> No File <==== ATTENTION
Task: {FC08AC06-B417-4A13-8F50-86DA727D3271} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\EPSON XP-810 Series Invitation {077F468C-D605-4039-BF87-F2D772B0B66C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-810 Series Update {077F468C-D605-4039-BF87-F2D772B0B66C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLOE.EXE:/EXE:{077F468C-D605-4039-BF87-F2D772B0B66C} /F:UpdateWORKGROUP\ANTONIO$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001Core.job => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2438370543-1171411930-338771542-1001UA.job => C:\Users\Cassie\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-03-27 13:53 - 2013-03-27 13:53 - 000163168 _____ () C:\Program Files (x86)\Toshiba\PasswordUtility\GFNEXSrv.exe
2017-03-18 14:58 - 2017-03-18 14:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 14:59 - 2017-03-18 20:31 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-02 07:32 - 2016-12-02 07:32 - 000401912 _____ () C:\WINDOWS\system32\igfxTray.exe
2012-07-18 19:38 - 2012-07-18 19:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2017-11-20 15:27 - 2017-11-20 15:27 - 041061856 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2013-08-01 15:24 - 2013-08-01 15:24 - 000438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2018-01-18 22:28 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-01-18 22:28 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-17 22:12 - 2018-01-18 22:31 - 000545440 _____ () C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\{E1057724-701A-4C7F-B1BA-659C75B0943B}\MPSigStub.exe
2018-01-18 20:53 - 2018-01-03 03:20 - 004063064 _____ () C:\Users\Cassie\AppData\Local\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-18 20:53 - 2018-01-03 03:20 - 000099672 _____ () C:\Users\Cassie\AppData\Local\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-03-18 14:58 - 2017-03-18 14:58 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2017-07-10 23:40 - 2017-07-10 23:40 - 002331136 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll
2017-07-10 23:40 - 2017-07-10 23:40 - 002836480 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2017-09-24 00:07 - 2017-09-04 23:19 - 004125088 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2014-04-18 03:10 - 2013-09-03 17:52 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-12-21 22:52 - 2017-12-21 22:52 - 000102088 _____ () C:\Users\Cassie\AppData\Local\Microsoft\OneDrive\17.3.7131.1115\UpdateRingSettings.dll
2018-01-18 22:18 - 2018-01-18 22:18 - 000088064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_ctypes.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000919552 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_hashlib.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000098816 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32api.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000110080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pywintypes27.dll
2018-01-18 22:19 - 2018-01-18 22:19 - 000364544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pythoncom27.dll
2018-01-18 22:19 - 2018-01-18 22:19 - 000686080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\unicodedata.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000320512 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32com.shell.shell.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 001177088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._core_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000806912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._gdi_.pyd
2018-01-18 22:20 - 2018-01-18 22:21 - 000816640 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._windows_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 001067520 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._controls_.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000733696 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._misc_.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000736256 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pysqlite2._sqlite.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000119808 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32file.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000108544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32security.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000007168 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\hashobjs_ext.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000017920 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\thumbnails_ext.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000082432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\usb_ext.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000013824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\common.time34.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000018432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32event.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.conditional.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.winwrap.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000089088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.volumes.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000167936 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32gui.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000046080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_socket.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 001311744 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_ssl.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000129536 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_elementtree.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000127488 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\pyexpat.pyd
2018-01-18 22:19 - 2018-01-18 22:20 - 000038912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32inet.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000077824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\wx._html2.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000036864 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_psutil_windows.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000524248 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows._lib_cacheinvalidation.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000011264 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32crypt.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000218624 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\PIL._imaging.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_multiprocessing.pyd
2018-01-18 22:18 - 2018-01-18 22:18 - 000020480 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\_yappi.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000035840 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32process.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000024064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32pipe.pyd
2018-01-18 22:19 - 2018-01-18 22:19 - 000010240 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\select.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000025600 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32pdh.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000059392 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\windows.device_monitor.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32profile.pyd
2018-01-18 22:20 - 2018-01-18 22:20 - 000022528 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI86522\win32ts.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000088064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_ctypes.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000919552 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_hashlib.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000098816 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32api.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000110080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pywintypes27.dll
2018-01-18 22:27 - 2018-01-18 22:27 - 000364544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pythoncom27.dll
2018-01-18 22:27 - 2018-01-18 22:27 - 000686080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\unicodedata.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000320512 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32com.shell.shell.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 001177088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._core_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000806912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._gdi_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000816640 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._windows_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 001067520 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._controls_.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000733696 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._misc_.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000736256 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pysqlite2._sqlite.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000119808 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32file.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000108544 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32security.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000007168 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\hashobjs_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000017920 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\thumbnails_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000082432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\usb_ext.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000013824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\common.time34.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000018432 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32event.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.conditional.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.winwrap.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000089088 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.volumes.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000167936 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32gui.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000046080 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_socket.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 001311744 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_ssl.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000129536 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_elementtree.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000127488 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\pyexpat.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000038912 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32inet.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000077824 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\wx._html2.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000036864 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_psutil_windows.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000524248 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows._lib_cacheinvalidation.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000011264 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32crypt.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000218624 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\PIL._imaging.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000027648 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_multiprocessing.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000020480 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\_yappi.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000035840 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32process.pyd
2018-01-18 22:27 - 2018-01-18 22:28 - 000024064 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32pipe.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000010240 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\select.pyd
2018-01-18 22:27 - 2018-01-18 22:27 - 000025600 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32pdh.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000059392 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\windows.device_monitor.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000017408 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32profile.pyd
2018-01-18 22:28 - 2018-01-18 22:28 - 000022528 _____ () C:\Users\Cassie\AppData\Local\Temp\_MEI69602\win32ts.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 07:25 - 2013-08-22 07:25 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2438370543-1171411930-338771542-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Cassie\Desktop\Cassie's Folder\Photos\Photos\Video Game Stuff\Arcade 1.jpg
DNS Servers: 216.21.127.249 - 216.21.127.253
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{42DEFB7C-6E96-4335-B0C9-DC725EFEF6F9}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{A0DC19A5-AAD6-4FDB-A569-1AF19A70CEE0}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{D6CF8169-0C3A-4CCF-8863-90EA21FF0183}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2028368A-7676-40E0-ACAD-5366637D678B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [UDP Query User{F1E92A38-D72D-49F8-81C9-C81B75A0148D}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{E49A9C49-FA4C-4AE4-A2BE-5658E3B9615A}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7492A45E-FEF0-49C4-8744-068EA662CAB2}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{C35CF434-D475-402B-A5E0-C956D725A5A2}C:\users\cassie\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cassie\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{6B87EA6B-0EF8-471F-A33C-748576E8AF88}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7DE3F711-CEC2-43F3-A5B7-37E20E5A5413}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FBEFB85F-D577-496E-90B0-E3D7EA36FF90}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{3F2D510A-335B-45D3-A633-A7D0492F54C3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{4B23B346-B5D8-4730-82F8-1F605E198302}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{0AC9FD6C-7F2A-4D8E-A0FC-94A39D834E4B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Five Nights at Freddy's\FiveNightsatFreddys.exe
FirewallRules: [{E9EDD3D0-5086-447B-8DC9-5B2AECA44AF1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{131BAEA9-CE14-4757-881F-BF8E5AB7FFA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{90CE8AF9-89B5-4B75-B6CF-1C4D0E3C0694}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{23331EBC-3984-43B5-875E-B832060EF181}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{10E7E317-806D-4DD9-B0F0-6600A2F61F80}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Restore Points =========================
08-11-2017 03:28:14 Windows Update
08-11-2017 03:29:02 Windows Update
18-01-2018 21:23:14 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/18/2018 10:42:44 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (01/18/2018 10:24:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/18/2018 10:24:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/18/2018 10:24:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANTONIO)
Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!ContentProcess failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (01/18/2018 10:24:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 13dc5f4e-9530-44ce-b84d-cd00b0e8704f
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/18/2018 10:24:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: dd781139-3914-47d9-a819-f4a4005adedc
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/18/2018 10:24:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: e622c76b-c52c-4c0a-a5d8-698d789b6053
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/18/2018 10:24:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x28c4
Faulting application start time: 0x01d390dd5ad5009c
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 0cea9fb0-c09a-484d-a4ae-38116c4ca2b4
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/18/2018 10:24:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1960
Faulting application start time: 0x01d390dd462c86d7
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: 1b1c55db-eec2-4702-a303-c43a31dec04f
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
Error: (01/18/2018 10:23:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.15063.608, time stamp: 0x59ae240c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000604
Fault offset: 0x0000000000000000
Faulting process id: 0x1960
Faulting application start time: 0x01d390dd462c86d7
Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Faulting module path: unknown
Report Id: bf773b88-ed6f-4172-9851-949b987efd0d
Faulting package full name: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: ContentProcess
System errors:
=============
Error: (01/18/2018 11:00:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: Update for Windows 10 Version 1703 for x64-based Systems (KB4033631).
Error: (01/18/2018 10:43:47 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x8000ffff: Feature update to Windows 10, version 1709.
Error: (01/18/2018 10:43:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246013: 2017-11 Update for Windows 10 Version 1703 for x64-based Systems (KB4049011).
Error: (01/18/2018 10:25:37 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.Windows.Cortana_1.8.12.15063_neutral_neutral_cw5n1h2txyewy!CortanaPlaces.PlaceStore did not register with DCOM within the required timeout.
Error: (01/18/2018 10:24:26 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
Error: (01/18/2018 10:24:25 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
Error: (01/18/2018 10:22:10 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
Error: (01/18/2018 10:21:39 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
Error: (01/18/2018 10:19:37 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
Error: (01/18/2018 10:19:35 PM) (Source: DCOM) (EventID: 10010) (User: ANTONIO)
Description: The server Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe!ContentProcess did not register with DCOM within the required timeout.
CodeIntegrity:
===================================
Date: 2018-01-18 22:29:15.099
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Users\Cassie\AppData\Local\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 44%
Total physical RAM: 8104.14 MB
Available physical RAM: 4520.91 MB
Total Virtual: 9384.14 MB
Available Virtual: 5719.71 MB
==================== Drives ================================
Drive c: (TI10684700A) (Fixed) (Total:687.28 GB) (Free:577.95 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================