Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Laptop running slow, possible virus


  • Please log in to reply

#16
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

I'm going to try to disable Windows Defender rather than removing it.  That way if you decide you would rather have it we can reenable it

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   2.88KB   13 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Also give me a new Process Explorer log. 

 


  • 0

Advertisements


#17
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by eviei (22-08-2018 00:43:05) Run:1
Running from C:\Users\eviei\Desktop
Loaded Profiles: eviei (Available Profiles: eviei)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\ProgramData\WildTangent\GameInstalls\WTA-0db591fa-a369-4dea-816e-d799d5db286b-extr.exe
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
REG: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0x1 /f
REG: reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /s
Task: {0D7A9184-8EE0-447C-A778-A0B287D9E946} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [2018-05-04] (McAfee, Inc.)
Task: {423D9321-3159-4E6E-BBC5-C4182B681347} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {6FE15F7D-2137-46C5-B226-8EC2AD9C4945} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {838A0FD6-004E-4652-AD76-27FE3924805C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.1.178\DADUpdater.exe [2018-07-14] (McAfee, Inc.)
Task: {B5493E25-7FD6-4BBB-B0F2-94637CB2F012} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\platform\McUICnt.exe [2017-10-04] (McAfee, Inc.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
"C:\ProgramData\WildTangent\GameInstalls\WTA-0db591fa-a369-4dea-816e-d799d5db286b-extr.exe" => not found
"HKLM\Software\Classes\PROTOCOLS\Filter\application/x-mfe-ipt" => removed successfully
HKLM\Software\Classes\CLSID\{3EF5086B-5478-4598-A054-786C45D75692} => not found
 
========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0x1 /f =========
 
The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /s =========
 
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender
    DisableAntiSpyware    REG_DWORD    0x1
 
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender\Policy Manager
 
 
 
========= End of Reg: =========
 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D7A9184-8EE0-447C-A778-A0B287D9E946} => not found
"C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee Remediation (Prepare) => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{423D9321-3159-4E6E-BBC5-C4182B681347} => not found
"C:\WINDOWS\System32\Tasks\McAfee\McAfee Idle Detection Task" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Idle Detection Task" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FE15F7D-2137-46C5-B226-8EC2AD9C4945} => not found
"C:\WINDOWS\System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\McAfee Auto Maintenance Task Agent" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{838A0FD6-004E-4652-AD76-27FE3924805C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{838A0FD6-004E-4652-AD76-27FE3924805C}" => removed successfully
C:\WINDOWS\System32\Tasks\McAfee\DAD.Execute.Updates => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfee\DAD.Execute.Updates" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5493E25-7FD6-4BBB-B0F2-94637CB2F012} => not found
"C:\WINDOWS\System32\Tasks\McAfeeLogon" => not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\McAfeeLogon => not found
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => moved successfully
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Microsoft-Windows-LiveId/Analytic. Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational. Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic. The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 00:46:51 ====
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.08.2018 02
Ran by eviei (administrator) on LAPTOP-VCBMR6EO (22-08-2018 00:53:01)
Running from C:\Users\eviei\Desktop
Loaded Profiles: eviei (Available Profiles: eviei)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.10325.20117.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
Failed to access process -> HPMSGSVC.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9216000 2017-04-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-21] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d7c83393-01ff-488e-b4c7-ce4733f24f2d}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-18] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-07] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-07] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: l7f6zkd0.default
FF ProfilePath: C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default\Extensions\[email protected] [2018-08-20]
FF Extension: (Avast Online Security) - C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default\Extensions\[email protected] [2018-08-20]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default [2018-08-21]
CHR Extension: (Slides) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-14]
CHR Extension: (Docs) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-14]
CHR Extension: (Google Drive) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-14]
CHR Extension: (YouTube) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-14]
CHR Extension: (Sheets) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-17]
CHR Extension: (Avast Online Security) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-14]
CHR Extension: (Gmail) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-20] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2017-03-28] (Intel Corporation)
U2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3394072 2017-03-01] (HP Inc.)
S2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2017-03-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-13] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360456 2018-04-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-21] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-21] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-21] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-21] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-21] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467232 2018-08-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214800 2018-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-21] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2017-03-28] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2017-03-28] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2017-03-28] (Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7407064 2017-03-28] (Intel Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-04-28] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55304 2018-04-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-22 00:43 - 2018-08-22 00:46 - 000005014 _____ C:\Users\eviei\Desktop\Fixlog.txt
2018-08-22 00:14 - 2018-08-22 00:15 - 000000000 ___HD C:\$WINDOWS.~BT
2018-08-21 19:34 - 2018-08-21 19:34 - 000000000 ___HD C:\OneDriveTemp
2018-08-21 19:07 - 2018-08-21 19:07 - 000000070 _____ C:\Users\eviei\Desktop\failed update.txt
2018-08-21 18:47 - 2018-08-21 18:49 - 000043594 _____ C:\Users\eviei\Desktop\Addition.txt
2018-08-21 18:43 - 2018-08-22 00:54 - 000018863 _____ C:\Users\eviei\Desktop\FRST.txt
2018-08-21 14:44 - 2018-08-21 14:44 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-21 12:24 - 2018-08-21 12:25 - 013669907 _____ C:\Users\eviei\Downloads\windows10.0-kb4090914-x64_c72e85e0ed037eee289e3793c01b5f0a0f7b63f1.msu
2018-08-21 12:15 - 2018-08-21 12:15 - 000000000 ____D C:\Users\eviei\AppData\Local\ElevatedDiagnostics
2018-08-21 01:10 - 2018-08-21 20:04 - 000000000 ____D C:\Users\eviei\AppData\Local\CrashDumps
2018-08-20 22:19 - 2018-08-21 01:09 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-20 20:02 - 2018-08-21 14:53 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-20 19:53 - 2018-08-20 19:53 - 000000000 ____D C:\Users\eviei\AppData\Roaming\AVAST Software
2018-08-20 19:52 - 2018-08-20 19:52 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-08-20 19:52 - 2018-08-20 19:52 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-20 19:52 - 2018-08-20 19:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-08-20 19:51 - 2018-08-21 17:56 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-20 19:51 - 2018-08-20 19:51 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-20 19:45 - 2018-08-20 19:53 - 000000000 ____D C:\Users\eviei\AppData\Local\AVAST Software
2018-08-20 19:45 - 2018-08-20 19:45 - 000003458 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-08-20 19:45 - 2018-08-20 19:45 - 000003334 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-08-20 19:45 - 2018-08-20 19:45 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-08-20 19:44 - 2018-08-21 14:44 - 000467232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000214800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-20 19:44 - 2018-08-20 19:43 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-20 19:43 - 2018-08-20 19:43 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-08-20 19:41 - 2018-08-20 19:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-08-20 19:40 - 2018-08-20 20:10 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-20 19:10 - 2018-08-20 19:10 - 010593472 _____ (McAfee, Inc.) C:\Users\eviei\Downloads\MCPR.exe
2018-08-20 19:07 - 2018-08-20 19:10 - 262470744 _____ (AVAST Software) C:\Users\eviei\Downloads\avast_free_antivirus_setup_offline (1).exe
2018-08-18 23:22 - 2018-08-18 23:22 - 000000000 ____D C:\Windows.old
2018-08-18 19:55 - 2018-08-18 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2018-08-18 19:55 - 2018-08-18 19:57 - 000000000 ____D C:\Program Files\LatencyMon
2018-08-18 19:55 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2018-08-18 19:53 - 2018-08-18 19:54 - 002476504 _____ (Resplendence Software Projects Sp. ) C:\Users\eviei\Desktop\LatencyMon.exe
2018-08-18 18:57 - 2018-08-18 18:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-18 18:57 - 2018-08-18 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-18 18:42 - 2018-08-18 18:42 - 000000000 _____ C:\junk.txtnet stop BITS
2018-08-14 08:38 - 2018-08-18 20:22 - 000000036 _____ C:\WINDOWS\progress.ini
2018-08-14 08:15 - 2018-08-14 08:15 - 000000000 ____D C:\Users\eviei\Documents\Lightshot
2018-08-14 08:14 - 2018-08-18 19:43 - 000000420 _____ C:\WINDOWS\Tasks\update-sys.job
2018-08-14 08:14 - 2018-08-18 19:43 - 000000420 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001.job
2018-08-14 08:14 - 2018-08-14 08:14 - 000003410 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001
2018-08-14 08:14 - 2018-08-14 08:14 - 000003346 _____ C:\WINDOWS\System32\Tasks\update-sys
2018-08-14 08:14 - 2018-08-14 08:14 - 000000425 _____ C:\Users\eviei\AppData\Local\UserProducts.xml
2018-08-14 08:14 - 2018-08-14 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2018-08-14 08:14 - 2018-08-14 08:14 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2018-08-14 07:57 - 2018-08-21 18:43 - 002413056 _____ (Farbar) C:\Users\eviei\Desktop\FRST64.exe
2018-08-13 17:01 - 2018-08-14 07:54 - 000000000 ____D C:\Users\eviei\Desktop\fulleventlogview-x64
2018-08-13 17:01 - 2018-08-13 17:01 - 000096374 _____ C:\Users\eviei\Desktop\fulleventlogview-x64.zip
2018-08-10 21:03 - 2018-08-10 21:03 - 006889184 _____ (Piriform Ltd) C:\Users\eviei\Desktop\spsetup132.exe
2018-08-10 20:56 - 2018-08-10 20:56 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-08-10 20:56 - 2018-08-10 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-08-10 20:56 - 2018-08-10 20:56 - 000000000 ____D C:\Program Files\Speccy
2018-08-10 20:47 - 2018-08-13 17:34 - 000000000 _____ C:\junk.txt
2018-08-10 20:40 - 2018-08-10 20:03 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\eviei\Desktop\procexp(1).exe
2018-08-10 20:39 - 2018-08-21 18:38 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-08-10 20:16 - 2018-08-18 20:23 - 000000000 ___HD C:\$GetCurrent
2018-08-10 20:12 - 2018-08-18 20:13 - 000000000 ____D C:\Windows10Upgrade
2018-08-10 20:04 - 2018-08-18 19:49 - 000000000 ____D C:\Program Files\rempl
2018-08-10 20:04 - 2018-08-10 20:04 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-08-10 19:12 - 2018-08-10 19:12 - 000061440 _____ ( ) C:\Users\eviei\Downloads\VEW.exe
2018-08-10 19:09 - 2018-08-18 22:52 - 000000255 _____ C:\VEW.txt
2018-08-10 18:48 - 2018-08-10 18:48 - 000054905 _____ C:\sfcdetails.txt
2018-08-10 17:38 - 2018-06-29 04:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-08-10 17:38 - 2018-06-29 03:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-10 17:38 - 2018-06-13 17:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-08-10 17:38 - 2018-06-13 17:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-10 17:38 - 2018-06-08 02:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-08-10 17:38 - 2018-06-08 02:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-08-10 17:38 - 2018-06-08 01:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-10 17:38 - 2018-05-11 17:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-08-10 17:38 - 2018-05-03 02:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-08-10 17:38 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-08-10 17:38 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-08-10 17:38 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-08-10 17:38 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-10 17:38 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-08-10 17:38 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-08-10 17:38 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-08-10 17:38 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-08-10 17:38 - 2018-03-13 01:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-08-10 17:38 - 2018-03-01 03:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-08-10 17:38 - 2018-03-01 02:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-08-10 16:36 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-07-24 14:47 - 2018-07-24 14:48 - 000000168 _____ C:\Users\eviei\Desktop\Geeks 2 Go.url
2018-07-24 14:29 - 2018-08-22 00:53 - 000000000 ____D C:\FRST
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-22 00:53 - 2017-11-25 13:31 - 000000000 __RDL C:\Users\eviei\OneDrive
2018-08-22 00:52 - 2017-12-15 13:11 - 000000000 ___RD C:\Users\eviei\iCloudDrive
2018-08-22 00:50 - 2018-01-06 17:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-22 00:50 - 2017-11-25 06:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-22 00:50 - 2017-11-24 23:18 - 000000000 __SHD C:\Users\eviei\IntelGraphicsProfiles
2018-08-22 00:49 - 2017-09-29 04:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-22 00:43 - 2018-01-06 17:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-08-22 00:41 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-08-22 00:15 - 2018-01-02 15:59 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-21 23:59 - 2018-01-06 16:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-21 23:15 - 2017-09-29 09:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-21 22:43 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-21 18:34 - 2017-07-10 18:30 - 000000000 ____D C:\Program Files (x86)\WildGames
2018-08-21 18:30 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-21 18:27 - 2017-07-10 18:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-08-21 18:27 - 2017-07-10 18:29 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2018-08-21 18:26 - 2017-11-25 13:41 - 000000000 ____D C:\Users\eviei\AppData\Roaming\WildTangent
2018-08-21 18:26 - 2017-07-10 18:29 - 000000000 ____D C:\ProgramData\WildTangent
2018-08-21 17:55 - 2018-07-17 16:50 - 000004210 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-08-21 17:46 - 2018-01-06 17:05 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-21 17:46 - 2018-01-06 17:05 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-08-21 14:44 - 2017-09-29 09:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-21 01:57 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-21 01:56 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-21 01:10 - 2017-09-29 09:44 - 000000000 ____D C:\WINDOWS\INF
2018-08-21 00:58 - 2018-01-06 16:41 - 000000000 ____D C:\Users\eviei
2018-08-20 22:02 - 2018-01-06 18:10 - 000000000 ____D C:\Users\eviei\AppData\Local\PlaceholderTileLogoFolder
2018-08-20 21:51 - 2017-09-29 04:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-08-20 21:40 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\Registration
2018-08-20 21:39 - 2018-01-06 17:03 - 000003813 _____ C:\WINDOWS\diagwrn.xml
2018-08-20 21:39 - 2018-01-06 17:03 - 000003813 _____ C:\WINDOWS\diagerr.xml
2018-08-20 21:39 - 2018-01-06 16:42 - 000000000 ____D C:\Users\eviei\AppData\Local\Packages
2018-08-20 19:11 - 2017-11-26 13:11 - 000000000 ____D C:\Users\eviei\AppData\Local\Google
2018-08-20 19:05 - 2018-01-06 17:05 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9EFFB82A-7611-47E7-86AA-97C36493FDC0}
2018-08-18 22:47 - 2017-12-04 11:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-18 20:36 - 2017-12-04 11:07 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-18 19:00 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-18 18:57 - 2017-05-17 15:01 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-18 18:55 - 2017-05-17 14:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-18 18:49 - 2017-12-15 13:12 - 000000000 ____D C:\Users\eviei\AppData\Local\25BD9BF9-9D91-4D97-B838-DC3BB88CD26F.aplzod
2018-08-14 09:48 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\rescache
2018-08-14 08:11 - 2018-01-29 12:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-14 07:55 - 2018-07-14 10:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-14 07:55 - 2018-07-14 10:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-13 17:24 - 2017-11-24 23:18 - 000000000 ____D C:\Users\eviei\AppData\Local\VirtualStore
2018-08-10 16:10 - 2018-01-29 12:15 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-08-10 06:59 - 2018-01-06 17:05 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3252656029-1357310190-2560453275-1001
2018-08-10 06:59 - 2017-11-25 13:31 - 000002374 _____ C:\Users\eviei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-10 06:47 - 2018-06-08 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-06 11:31 - 2018-06-08 10:00 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 11:31 - 2018-06-08 10:00 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2018-08-14 08:14 - 2018-08-14 08:14 - 000000003 _____ () C:\Users\eviei\AppData\Local\updater.log
2018-08-14 08:14 - 2018-08-14 08:14 - 000000425 _____ () C:\Users\eviei\AppData\Local\UserProducts.xml
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-14 08:41
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.08.2018 02
Ran by eviei (22-08-2018 00:56:30)
Running from C:\Users\eviei\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2018-01-06 21:07:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3252656029-1357310190-2560453275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3252656029-1357310190-2560453275-503 - Limited - Disabled)
eviei (S-1-5-21-3252656029-1357310190-2560453275-1001 - Administrator - Enabled) => C:\Users\eviei
Guest (S-1-5-21-3252656029-1357310190-2560453275-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3252656029-1357310190-2560453275-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6500 E710n-z Product Improvement Study (HKLM\...\{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Orbit (HKLM-x32\...\{04ec2b32-255d-418f-b6ca-dec62b872f5d}) (Version: 1.3.60.240 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.8.47.1 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4568 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
OpenOffice 4.1.4 (HKLM-x32\...\{BDB210E1-06C5-451F-BDAC-C18DDC7C2F14}) (Version: 4.14.9788 - Apache Software Foundation)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.1.21 - Intuit)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8110 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.91 - REALTEK Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-28] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01440DAC-24D7-48A8-9E99-B810B39874D1} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {04AA1629-EF07-4EAE-A0E5-11833ED2F309} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {17274F53-FA17-4E34-96FF-0E1327054FE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {1951ECBE-969A-4989-9251-0571D58A76C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-07] (HP Inc.)
Task: {1A09D701-222B-4815-A8E6-145F7862F8C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {24E6D1C4-FD38-45AE-A418-94B279052DCB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {25C7F0C3-1033-48AF-809F-100972101ACF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {2CDE08E0-5FC8-4F6C-9E04-FE40CCD63335} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM)
Task: {3C5987AB-F2AE-4DE8-BB95-50FF6BE777CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {3DB56C06-6D81-42A8-A190-6205156EE673} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
Task: {483200C2-9BF2-4D6C-854F-146CB75F18E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {4FADD0EE-4A68-4921-9D23-ABB995D87E9B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {50AA2566-CA51-4C37-A182-6A123CE83181} - System32\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {54F7C05B-B1A8-48CA-A370-02385760F081} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-20] (AVAST Software)
Task: {5869F381-9C12-4433-8F12-F98517F48A04} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {5B27AE94-DEDC-40AB-BC87-D400AA59150B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {6E5C73A1-891C-4E82-B32E-1F16BE58CDA0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-20] (AVAST Software)
Task: {6EDEAE39-C2C6-40F9-B565-F7541BAC374D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {7613FFA6-FCD0-4A1F-9574-64A72C68AFA1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {8F5506A0-CF54-4F32-8E7C-5C050A447437} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {99803403-DBA7-4F2E-A246-EEDBC202030A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {9F0CD6DA-2FB7-47F0-AF24-861016F267D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {BAC6117A-DF1A-4862-83E4-CE84783E7860} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-18] (Microsoft Corporation)
Task: {BF8F0BF8-A096-4CEA-85E3-8E2CD0C286F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {C4430160-DAB2-4897-9BA2-5BDD1C6C8B7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {C45888EF-4214-47C6-9F4E-1943F54D087D} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {D0C60BAD-9219-4A90-AA10-D5CEC13D93AA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-07] (HP Inc.)
Task: {D23F3031-8367-4F94-89F8-AEC5AA472621} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-18] (Microsoft Corporation)
Task: {DECC7D8B-3349-4F4E-9FC4-63CD00CBF1FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {DF08C6B9-02BF-43D3-81E8-F64105EE32EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-07] (HP Inc.)
Task: {E098E913-0926-4003-A524-A92CEE87A4E9} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-18] (Microsoft Corporation)
Task: {ED8E5CAC-C1E9-4B90-BA6C-D02A61BEC9C9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-21] (AVAST Software)
Task: {F1D49F29-F083-4149-ABDF-B404B7E40598} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {F4075B3E-1F6B-4A13-B67E-1C414ACB19EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {FFBFEB56-9C16-4744-A9EE-E81D4B0919DA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-21] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUDU - Streaming Movies.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=*&locale=en_us&pf=cnnb&s=VUDU_URL&tp=startmenu
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-01 14:50 - 2017-02-01 14:50 - 000459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-02-16 10:12 - 2018-02-10 00:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-16 10:12 - 2018-02-10 00:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-08-10 17:42 - 2018-08-10 17:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 000653824 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-08-18 18:56 - 2018-08-18 18:57 - 016545280 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.26.12153.0_x64__8wekyb3d8bbwe\Microsoft.Msn.Weather.dll
2018-08-10 19:12 - 2018-08-10 19:12 - 000066048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2018-03-29 13:31 - 2018-03-29 13:32 - 004734464 _____ () C:\Program Files\WindowsApps\Microsoft.Wallet_2.2.18065.0_x64__8wekyb3d8bbwe\Microsoft.Wallet.dll
2018-08-10 17:34 - 2018-08-10 17:37 - 001922224 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-01-05 17:33 - 2018-01-05 17:33 - 003657624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2018-01-05 17:33 - 2018-01-05 17:33 - 002470296 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 035124224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-08-10 17:42 - 2018-08-10 17:43 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 006417408 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-11-25 13:51 - 2017-11-25 13:53 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 009010176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-20 19:43 - 2018-08-20 19:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-21 14:43 - 2018-08-21 14:43 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-20 21:00 - 2018-08-20 21:00 - 000153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\ac7f29387efc85060f3f967eed21ac95\BRIDGECommon.ni.dll
2018-08-20 21:09 - 2018-08-20 21:09 - 000326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\e8a150bf15a0467b2e89dd2be0ef7225\CleanStartController.ni.dll
2018-08-20 21:06 - 2018-08-20 21:06 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b7fbc3ebf83e8983de95b597d5e3c590\BridgeExtension.ni.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eviei\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{80232BE6-9493-475A-9810-0446DA5A8F1A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C2654405-0A64-4A87-8679-6BD42A765D51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E8D27CE2-C2E6-4D14-A6A9-49C20C427814}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{619EC73E-671E-42A8-A192-7FF98C822CD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0AC6E3C1-81CB-4F57-943E-E09CCEEDE14D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{46C3EB8B-8623-418F-9DFA-5D3142C82DF4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{66C7E78A-74F9-4326-A00F-60D82075E863}] => (Allow) LPort=13148
FirewallRules: [{665ADD2B-32A5-43D5-8D41-77C9C68894F9}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
FirewallRules: [{14231565-7D9B-4120-9FB5-ADF2C5C8A436}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0D0C1790-F674-4132-86D1-B0403C2C8DF5}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{2CF5CCE0-49C1-4A35-9506-9ADEA4A41FB1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{9A10EF45-D259-4FFA-963B-835C6397F5DE}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{01D72044-193E-4447-BC21-B42BB5B5D2A3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{9023B2D3-A06C-4121-888B-BE64BEB00EC7}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B9FB0B2B-70F0-438A-931F-43B524322015}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{BF39738A-49EE-4FA9-BF35-04A82AB5D052}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{D36720A9-A21F-4BA5-BB1C-379A96C29260}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{545516FB-AEB7-4C38-932F-3B9F170AE01A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{63C4D9A6-8CF2-4A96-869D-AB34BE81EB4D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{379280B0-A4E3-4283-BA9D-326CDEB78BC0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{DA705F3C-95C9-4AE7-A2C0-3D17AF271E07}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FB05CA58-2D0C-4042-8C94-09F244EF625C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{E8EF1E96-89B8-46AC-993E-B8C75F9F5552}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C9F9C93D-43AE-4BF0-AD39-F08C83BCA834}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{22558B60-A813-449D-A432-44C5A42656C4}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{923BACC5-14C8-497C-A0DC-1B4CF3D72769}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DCD329E4-9180-4013-9FCD-8A4F18E2EAD7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
 
==================== Restore Points =========================
 
Could not list restore points
Check "winmgmt" service or repair WMI.
 
 
==================== Faulty Device Manager Devices =============
 
Could not list Devices. Check "winmgmt" service or repair WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/22/2018 12:51:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HPMSGSVC.exe, version: 1.4.11.0, time stamp: 0x57674acb
Faulting module name: HPMSGSVC.exe, version: 1.4.11.0, time stamp: 0x57674acb
Exception code: 0xc0000005
Fault offset: 0x000075ee
Faulting process id: 0x2190
Faulting application start time: 0x01d439d3c651d4df
Faulting application path: C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
Faulting module path: C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
Report Id: 3ef8aeb5-3198-4c42-8857-070a616d3c24
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (08/22/2018 12:50:35 AM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
 
Error: (08/22/2018 12:50:16 AM) (Source: Microsoft-Windows-WMI) (EventID: 28) (User: NT AUTHORITY)
Description: Failed to Initialize WMI Core or Provider SubSystem or Event SubSystem with error number 0x80041002. This could be due to a badly installed version of WMI, WMI repository upgrade failure, insufficient disk space or insufficient memory.
 
 
System errors:
=============
Error: (08/22/2018 12:50:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 12:50:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 12:50:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 12:50:42 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU N3710 @ 1.60GHz
Percentage of memory in use: 57%
Total physical RAM: 4001.58 MB
Available physical RAM: 1713.52 MB
Total Virtual: 8097.58 MB
Available Virtual: 5875.72 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:450.91 GB) (Free:386.05 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.62 GB) (Free:1.62 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{6bd5e15b-bd27-431d-89cd-ddb7e5872828}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
\\?\Volume{74344a3a-8a10-4ce3-a77c-0ac1da0d0390}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B72F9B8C)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 72.70 52 K 8 K 0
procexp(1)64.exe 9.94 47,420 K 70,172 K 6056 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 7.53 57,364 K 72,000 K 3612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
dwm.exe 2.41 36,408 K 49,564 K 1140 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 1.65 0 K 0 K n/a Hardware Interrupts and DPCs
System 1.92 160 K 1,092 K 4
csrss.exe 0.55 2,344 K 5,112 K 720 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
TabTip.exe 1.12 3,788 K 14,952 K 7180 Touch Keyboard and Handwriting Panel Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1.09 8,776 K 24,900 K 3256 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AvastUI.exe 0.58 24,156 K 28,836 K 5572 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
explorer.exe 0.42 41,416 K 97,952 K 7012 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 0.22 91,860 K 157,808 K 2712 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
iCloudServices.exe 0.19 41,280 K 58,580 K 10208 iCloud Services Apple Inc. (Verified) Apple Inc.
lsass.exe 0.15 7,260 K 14,752 K 848 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
HPNetworkCommunicator.exe 0.12 2,848 K 10,180 K 10052 HPNetworkCommunicator Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe 0.07 6,420 K 12,032 K 760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.07 3,076 K 7,636 K 2312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.06 2,364 K 7,068 K 1656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.06 2,356 K 7,200 K 2516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.06 5,472 K 7,948 K 1572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.05 1,772 K 6,004 K 3980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.03 2,496 K 8,660 K 1508 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
RuntimeBroker.exe 0.03 3,560 K 16,852 K 9800 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
iPodService.exe 0.03 2,384 K 8,540 K 8472 iPod Service Apple Inc. (Verified) Apple Inc.
aswidsagenta.exe 0.03 21,648 K 36,012 K 4848 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.
CCleaner64.exe 0.03 9,916 K 26,816 K 4676 CCleaner Piriform Ltd (Verified) Piriform Ltd
svchost.exe 0.03 3,952 K 11,684 K 2320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.03 3,304 K 9,032 K 1872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.02 2,016 K 7,784 K 10000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe 0.01 3,600 K 10,328 K 3220 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 0.01 35,812 K 43,708 K 1804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
iCloudPhotos.exe 0.01 14,372 K 35,432 K 10232 iCloud Photo Library Apple Inc. (Verified) Apple Inc.
svchost.exe 0.01 12,388 K 27,160 K 372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
esif_assist_64.exe 0.01 1,408 K 4,848 K 6132 Intel® Dynamic Platform and Thermal Framework Utility Application Intel Corporation (Verified) Intel® Software
csrss.exe 0.02 2,020 K 4,640 K 624 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
iTunesHelper.exe < 0.01 4,784 K 16,864 K 10100 iTunesHelper Apple Inc. (Verified) Apple Inc.
SynTPEnh.exe < 0.01 6,036 K 12,288 K 5088 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
TrustedInstaller.exe < 0.01 2,568 K 7,764 K 11068 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
WUDFHost.exe 25,096 K 11,528 K 968 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe 1,956 K 6,412 K 2736 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,432 K 8,124 K 792 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,644 K 5,748 K 704 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
TiWorker.exe 13,944 K 18,404 K 7452 Windows Modules Installer Worker Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 5,472 K 14,224 K 6268 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
TabTip32.exe 1,404 K 5,136 K 1180 Touch Keyboard and Handwriting Panel Helper Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,028 K 4,428 K 7160 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPEnhService.exe 2,352 K 7,768 K 3536 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 12,408 K 15,912 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,348 K 6,888 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,908 K 21,404 K 368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,496 K 8,752 K 4588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,004 K 12,772 K 3268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,184 K 11,008 K 4824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,752 K 14,868 K 11796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,068 K 5,984 K 2820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,084 K 22,304 K 4804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,204 K 15,136 K 1820 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,460 K 10,972 K 2720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,920 K 11,104 K 1752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,716 K 20,460 K 3592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,672 K 8,364 K 10548 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,832 K 17,004 K 5196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,008 K 13,268 K 2168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,772 K 19,560 K 6208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,084 K 7,728 K 3044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,316 K 11,048 K 4352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,408 K 5,604 K 1812 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,404 K 8,236 K 3428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,136 K 12,000 K 2088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 18,552 K 14,648 K 1492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,972 K 17,924 K 3300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,916 K 31,316 K 5000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,880 K 12,060 K 3360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,240 K 14,944 K 1344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,808 K 5,916 K 2304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,112 K 12,764 K 2628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,028 K 6,956 K 11572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,108 K 11,032 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,196 K 6,364 K 3960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,332 K 7,796 K 1796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,228 K 12,676 K 7804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,312 K 10,420 K 2052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,812 K 7,504 K 4476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,712 K 10,320 K 1360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,656 K 26,844 K 6440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,248 K 13,344 K 1296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,856 K 7,364 K 6476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,804 K 6,224 K 7032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,408 K 5,856 K 6680 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,744 K 6,668 K 3724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,524 K 8,928 K 6012 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,304 K 9,032 K 5896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,152 K 8,200 K 1932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,256 K 8,448 K 4220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,492 K 5,180 K 5036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,836 K 6,608 K 5028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,080 K 8,064 K 4688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,396 K 5,344 K 3552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,792 K 9,464 K 3572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,180 K 8,496 K 3228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 996 K 3,680 K 960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,268 K 8,808 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,852 K 7,840 K 1612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,112 K 9,916 K 1912 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,104 K 7,736 K 2028 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,732 K 6,988 K 2036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,752 K 6,096 K 3236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,720 K 6,696 K 3324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,108 K 6,784 K 3412 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,668 K 6,032 K 3456 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,704 K 6,124 K 3540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,736 K 11,100 K 11644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,040 K 9,144 K 10320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 6,848 K 13,448 K 3000 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 616 K 996 K 420 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
smartscreen.exe 9,900 K 15,984 K 10068 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
SkypeHost.exe Suspended 34,320 K 47,688 K 7176 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 5,880 K 22,596 K 5620 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 35,440 K 77,052 K 7144 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 11,964 K 10,140 K 8156 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 0.06 6,900 K 9,396 K 832 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
sedsvc.exe 3,996 K 13,956 K 10260 sedsvc Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 3,864 K 14,976 K 3520 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
secd.exe 4,668 K 18,624 K 9912 Apple Security Manager Apple, Inc. (Verified) Apple Inc.
SearchUI.exe Suspended 50,004 K 56,724 K 2012 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 22,736 K 25,868 K 7232 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe 3,880 K 16,824 K 9028 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RuntimeBroker.exe 6,000 K 17,012 K 9696 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 6,192 K 20,560 K 7220 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 5,028 K 16,532 K 7696 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 7,704 K 17,356 K 10020 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe 1,824 K 7,520 K 2156 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
procexp(1).exe 3,176 K 10,356 K 6064 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 25,636 K 15,108 K 6152 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
OneDrive.exe 14,988 K 47,200 K 10168 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
OfficeClickToRun.exe 14,960 K 24,108 K 3212 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
notepad.exe 3,460 K 17,824 K 11384 Notepad Microsoft Corporation (Verified) Microsoft Windows
notepad.exe 3,508 K 17,512 K 3492 Notepad Microsoft Corporation (Verified) Microsoft Windows
notepad.exe 3,512 K 17,720 K 11616 Notepad Microsoft Corporation (Verified) Microsoft Windows
MSASCuiL.exe 2,288 K 10,124 K 9964 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
Memory Compression 220 K 32,204 K 1900
Lightshot.exe 10,868 K 15,340 K 844 Lightshot Skillbrains (No signature was present in the subject) Skillbrains
jhi_service.exe 1,600 K 6,636 K 11996 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
IntuitUpdateService.exe 20,944 K 10,556 K 9576 Intuit Update Service Intuit Inc. (Verified) Intuit
igfxHK.exe 2,356 K 8,696 K 7940 igfxHK Module Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 3,484 K 11,400 K 7820 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 2,020 K 8,304 K 2000 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
iCloudDrive.exe 12,420 K 33,172 K 10224 iCloud Drive Apple Inc. (Verified) Apple Inc.
hpwuschd2.exe 1,568 K 6,848 K 8488 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,776 K 7,856 K 3336 HP WMI Service HP Inc. (Verified) HP Inc.
HPSupportSolutionsFrameworkService.exe 36,776 K 40,940 K 11100 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
HPSF.exe 43,072 K 19,312 K 11780 HP Support Assistant HP Inc. (Verified) HP Inc.
HPRadioMgr64.exe 2,232 K 9,640 K 8732 HP Radio Manager HP (Verified) HP Inc.
HPOrbitService.exe 2,908 K 8,796 K 2616 HP Orbit HP Inc. (Verified) HP Inc.
HPJumpStartLaunch.exe 3,964 K 1,148 K 6260 (Verified) HP Inc.
HPJumpStartBridge.exe 19,784 K 27,456 K 11712 HP JumpStart Bridge HP Inc. (Verified) HP Inc.
HPCommRecovery.exe 13,784 K 17,468 K 12188 CommRecovery HP Inc. (No signature was present in the subject) HP Inc.
HPAudioSwitch.exe 35,988 K 44,564 K 9208 HPAudioSwitch HP Inc. (Verified) HP Inc.
fontdrvhost.exe 2,736 K 6,404 K 980 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe 1,776 K 4,092 K 984 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
esif_uf.exe 1,984 K 6,420 K 3284 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel® Software
DropboxUpdate.exe 2,152 K 904 K 6216 Dropbox Update Dropbox, Inc. (Verified) Dropbox
dllhost.exe 1,840 K 7,112 K 9960 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dasHost.exe 5,280 K 13,764 K 3876 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows
ctfmon.exe 3,172 K 12,976 K 9156 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,212 K 5,152 K 2760 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
AvastBrowserCrashHandler64.exe 1,972 K 252 K 1184 Avast Browser Update AVAST Software (Verified) AVAST Software s.r.o.
AvastBrowserCrashHandler.exe 1,924 K 200 K 9880 Avast Browser Update AVAST Software (Verified) AVAST Software s.r.o.
audiodg.exe 11,224 K 17,440 K 2476 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1,532 K 6,292 K 3204 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
APSDaemon.exe 4,968 K 17,128 K 8632 Apple Push Apple Inc. (Verified) Apple Inc.
 
 
 

  • 0

#18
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

Looks like that stopped most of Windows Defender.

 

WMI is still broken.  Let's try Windows Repair all in one
First pause your antivirus until the next reboot. (Click on the up arrow to the left of the clock, then right click on the orange Avast icon, Avast Shields Control, Disable Until Computer is Restarted, Yes)
Now go to

http://www.tweaking....all_in_one.html

DO NOT HIT "GREEN "DOWNLOAD NOW" BUTTON!

Use one of the Download buttons under

Installer (36.57 MB)

Download it and save it then run it by Right click and Run As Admin.

 

Click on Jump to Repairs button

 

You will get a warning that it should be run in Safe Mode.  You can ignore the warning (Click on I understand the risks) since we have paused Avast.

 

Click on Open Repairs

 

Click on the All Repairs (51) box to uncheck all of the options.

 

Click on

05 Repair WMI

 

Click on

Restart/Shutdown System (on the right side of the window)

Click on

Restart System

 

Start Repairs.

 

System should reboot. 

 

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Also give me a new Process Explorer log.

 


  • 0

#19
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22.08.2018
Ran by eviei (administrator) on LAPTOP-VCBMR6EO (22-08-2018 13:19:27)
Running from C:\Users\eviei\Desktop
Loaded Profiles: eviei (Available Profiles: eviei)
Platform: Windows 10 Home Version 1709 16299.248 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(HP Inc.) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP) C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9216000 2017-04-13] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-08-21] (AVAST Software)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324488 2016-08-02] (HP)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-12-08] (Apple Inc.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d7c83393-01ff-488e-b4c7-ce4733f24f2d}: [DhcpNameServer] 192.168.1.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-08-18] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-12-07] (HP Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-12-07] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-18] (Microsoft Corporation)
 
FireFox:
========
FF DefaultProfile: l7f6zkd0.default
FF ProfilePath: C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default [2018-08-21]
FF Extension: (Avast SafePrice) - C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default\Extensions\[email protected] [2018-08-20]
FF Extension: (Avast Online Security) - C:\Users\eviei\AppData\Roaming\Mozilla\Firefox\Profiles\l7f6zkd0.default\Extensions\[email protected] [2018-08-20]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-07-14] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR Profile: C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default [2018-08-21]
CHR Extension: (Slides) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-14]
CHR Extension: (Docs) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-14]
CHR Extension: (Google Drive) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-14]
CHR Extension: (YouTube) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-14]
CHR Extension: (Sheets) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-17]
CHR Extension: (Avast Online Security) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-08-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-14]
CHR Extension: (Gmail) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-14]
CHR Extension: (Chrome Media Router) - C:\Users\eviei\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7994520 2018-08-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-20] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-08-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-08-20] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-08-21] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-11-24] (Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2017-03-28] (Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HP Orbit Service; C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [3394072 2017-03-01] (HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-04-03] (HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [356336 2017-03-28] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-13] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [360456 2018-04-13] (Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-08-10] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-08-10] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [199712 2018-08-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229384 2018-08-21] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201320 2018-08-21] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-08-21] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59568 2018-08-21] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-08-20] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [249016 2018-08-21] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-08-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163272 2018-08-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111864 2018-08-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-08-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-08-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [467232 2018-08-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [214800 2018-08-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381560 2018-08-21] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [55792 2017-03-28] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2017-03-28] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2017-03-28] (Intel Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7407064 2017-03-28] (Intel Corporation)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [7904088 2018-04-20] (Realtek Semiconductor Corporation )
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [60504 2017-04-28] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55304 2018-04-13] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146200 2015-10-15] (Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46584 2018-08-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [340008 2018-08-10] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61992 2018-08-10] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-22 13:19 - 2018-08-22 13:19 - 000000000 ____D C:\Users\eviei\Desktop\FRST-OlderVersion
2018-08-22 13:13 - 2018-08-22 13:13 - 000000000 ___HD C:\OneDriveTemp
2018-08-22 13:10 - 2018-08-22 13:10 - 000000000 ___HD C:\ProgramData\temp
2018-08-22 12:56 - 2018-08-22 12:56 - 000000207 _____ C:\WINDOWS\tweaking.com-regbackup-LAPTOP-VCBMR6EO-Windows-10-Home-(64-bit).dat
2018-08-22 12:56 - 2018-08-22 12:56 - 000000000 ____D C:\RegBackup
2018-08-22 09:57 - 2018-08-22 09:57 - 000194553 _____ C:\WINDOWS\Tweaking.com - Windows Repair Setup Log.txt
2018-08-22 09:57 - 2018-08-22 09:57 - 000003782 _____ C:\WINDOWS\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2018-08-22 09:57 - 2018-08-22 09:57 - 000002203 _____ C:\Users\eviei\Desktop\Tweaking.com - Windows Repair.lnk
2018-08-22 09:57 - 2018-08-22 09:57 - 000000000 ____D C:\Users\eviei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2018-08-22 09:57 - 2018-08-22 09:57 - 000000000 ____D C:\Program Files (x86)\Tweaking.com
2018-08-22 09:56 - 2018-08-22 09:56 - 038341880 _____ (Tweaking.com) C:\Users\eviei\Downloads\tweaking.com_windows_repair_aio_setup.exe
2018-08-22 01:01 - 2018-08-22 01:01 - 000020738 _____ C:\Users\eviei\Desktop\Hardware Interrupts and DPCs.txt
2018-08-22 00:43 - 2018-08-22 00:46 - 000005014 _____ C:\Users\eviei\Desktop\Fixlog.txt
2018-08-22 00:14 - 2018-08-22 00:15 - 000000000 ___HD C:\$WINDOWS.~BT
2018-08-21 23:16 - 2018-07-14 01:21 - 001471384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2018-08-21 19:07 - 2018-08-21 19:07 - 000000070 _____ C:\Users\eviei\Desktop\failed update.txt
2018-08-21 18:47 - 2018-08-22 00:57 - 000035723 _____ C:\Users\eviei\Desktop\Addition.txt
2018-08-21 18:43 - 2018-08-22 13:20 - 000018784 _____ C:\Users\eviei\Desktop\FRST.txt
2018-08-21 14:44 - 2018-08-21 14:44 - 000379608 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-08-21 12:24 - 2018-08-21 12:25 - 013669907 _____ C:\Users\eviei\Downloads\windows10.0-kb4090914-x64_c72e85e0ed037eee289e3793c01b5f0a0f7b63f1.msu
2018-08-21 12:15 - 2018-08-21 12:15 - 000000000 ____D C:\Users\eviei\AppData\Local\ElevatedDiagnostics
2018-08-21 01:10 - 2018-08-22 13:02 - 000000000 ____D C:\Users\eviei\AppData\Local\CrashDumps
2018-08-20 22:19 - 2018-08-21 01:09 - 000000000 ____D C:\WINDOWS\Minidump
2018-08-20 20:02 - 2018-08-21 14:53 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-08-20 19:53 - 2018-08-20 19:53 - 000000000 ____D C:\Users\eviei\AppData\Roaming\AVAST Software
2018-08-20 19:52 - 2018-08-22 01:06 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-08-20 19:52 - 2018-08-20 19:52 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-08-20 19:52 - 2018-08-20 19:52 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-08-20 19:51 - 2018-08-22 13:12 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-08-20 19:51 - 2018-08-20 19:51 - 000002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-08-20 19:45 - 2018-08-20 19:53 - 000000000 ____D C:\Users\eviei\AppData\Local\AVAST Software
2018-08-20 19:45 - 2018-08-20 19:45 - 000003458 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-08-20 19:45 - 2018-08-20 19:45 - 000003334 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-08-20 19:45 - 2018-08-20 19:45 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2018-08-20 19:44 - 2018-08-21 14:44 - 000467232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000381560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000214800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000199712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000163272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000111864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-08-20 19:44 - 2018-08-21 14:44 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000249016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000229384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000201320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-08-20 19:44 - 2018-08-21 14:42 - 000059568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-08-20 19:44 - 2018-08-20 19:43 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-08-20 19:43 - 2018-08-20 19:43 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2018-08-20 19:41 - 2018-08-20 19:41 - 000000000 ____D C:\Program Files\AVAST Software
2018-08-20 19:40 - 2018-08-20 20:10 - 000000000 ____D C:\ProgramData\AVAST Software
2018-08-20 19:10 - 2018-08-20 19:10 - 010593472 _____ (McAfee, Inc.) C:\Users\eviei\Downloads\MCPR.exe
2018-08-20 19:07 - 2018-08-20 19:10 - 262470744 _____ (AVAST Software) C:\Users\eviei\Downloads\avast_free_antivirus_setup_offline (1).exe
2018-08-18 23:22 - 2018-08-18 23:22 - 000000000 ____D C:\Windows.old
2018-08-18 19:55 - 2018-08-18 19:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2018-08-18 19:55 - 2018-08-18 19:57 - 000000000 ____D C:\Program Files\LatencyMon
2018-08-18 19:55 - 2015-07-13 11:16 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2018-08-18 19:53 - 2018-08-18 19:54 - 002476504 _____ (Resplendence Software Projects Sp. ) C:\Users\eviei\Desktop\LatencyMon.exe
2018-08-18 18:57 - 2018-08-18 18:57 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-18 18:57 - 2018-08-18 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2018-08-18 18:42 - 2018-08-18 18:42 - 000000000 _____ C:\junk.txtnet stop BITS
2018-08-14 08:38 - 2018-08-18 20:22 - 000000036 _____ C:\WINDOWS\progress.ini
2018-08-14 08:15 - 2018-08-14 08:15 - 000000000 ____D C:\Users\eviei\Documents\Lightshot
2018-08-14 08:14 - 2018-08-22 05:35 - 000000420 _____ C:\WINDOWS\Tasks\update-sys.job
2018-08-14 08:14 - 2018-08-22 05:35 - 000000420 _____ C:\WINDOWS\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001.job
2018-08-14 08:14 - 2018-08-22 01:06 - 000003056 _____ C:\WINDOWS\System32\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001
2018-08-14 08:14 - 2018-08-22 01:06 - 000002800 _____ C:\WINDOWS\System32\Tasks\update-sys
2018-08-14 08:14 - 2018-08-14 08:14 - 000000425 _____ C:\Users\eviei\AppData\Local\UserProducts.xml
2018-08-14 08:14 - 2018-08-14 08:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
2018-08-14 08:14 - 2018-08-14 08:14 - 000000000 ____D C:\Program Files (x86)\Skillbrains
2018-08-14 07:57 - 2018-08-22 13:19 - 002413056 _____ (Farbar) C:\Users\eviei\Desktop\FRST64.exe
2018-08-13 17:01 - 2018-08-14 07:54 - 000000000 ____D C:\Users\eviei\Desktop\fulleventlogview-x64
2018-08-13 17:01 - 2018-08-13 17:01 - 000096374 _____ C:\Users\eviei\Desktop\fulleventlogview-x64.zip
2018-08-10 21:03 - 2018-08-10 21:03 - 006889184 _____ (Piriform Ltd) C:\Users\eviei\Desktop\spsetup132.exe
2018-08-10 20:56 - 2018-08-10 20:56 - 000000844 _____ C:\Users\Public\Desktop\Speccy.lnk
2018-08-10 20:56 - 2018-08-10 20:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-08-10 20:56 - 2018-08-10 20:56 - 000000000 ____D C:\Program Files\Speccy
2018-08-10 20:47 - 2018-08-13 17:34 - 000000000 _____ C:\junk.txt
2018-08-10 20:40 - 2018-08-10 20:03 - 002724512 _____ (Sysinternals - www.sysinternals.com) C:\Users\eviei\Desktop\procexp(1).exe
2018-08-10 20:39 - 2018-08-22 01:00 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2018-08-10 20:16 - 2018-08-18 20:23 - 000000000 ___HD C:\$GetCurrent
2018-08-10 20:12 - 2018-08-18 20:13 - 000000000 ____D C:\Windows10Upgrade
2018-08-10 20:04 - 2018-08-18 19:49 - 000000000 ____D C:\Program Files\rempl
2018-08-10 20:04 - 2018-08-10 20:04 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-08-10 19:12 - 2018-08-10 19:12 - 000061440 _____ ( ) C:\Users\eviei\Downloads\VEW.exe
2018-08-10 19:09 - 2018-08-18 22:52 - 000000255 _____ C:\VEW.txt
2018-08-10 18:48 - 2018-08-10 18:48 - 000054905 _____ C:\sfcdetails.txt
2018-08-10 17:38 - 2018-06-29 04:09 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-08-10 17:38 - 2018-06-29 03:58 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-10 17:38 - 2018-06-13 17:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-08-10 17:38 - 2018-06-13 17:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-10 17:38 - 2018-06-08 02:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-08-10 17:38 - 2018-06-08 02:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-08-10 17:38 - 2018-06-08 01:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-10 17:38 - 2018-05-11 17:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-08-10 17:38 - 2018-05-03 02:19 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-08-10 17:38 - 2018-03-29 23:44 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2018-08-10 17:38 - 2018-03-29 23:43 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2018-08-10 17:38 - 2018-03-29 23:36 - 000825856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-08-10 17:38 - 2018-03-29 23:35 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-10 17:38 - 2018-03-29 23:35 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-08-10 17:38 - 2018-03-29 23:33 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2018-08-10 17:38 - 2018-03-29 23:33 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2018-08-10 17:38 - 2018-03-29 23:25 - 001055744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-08-10 17:38 - 2018-03-13 01:25 - 001346560 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2018-08-10 17:38 - 2018-03-01 03:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-08-10 17:38 - 2018-03-01 02:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-08-10 17:38 - 2018-03-01 01:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-08-10 16:36 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-07-24 14:47 - 2018-07-24 14:48 - 000000168 _____ C:\Users\eviei\Desktop\Geeks 2 Go.url
2018-07-24 14:29 - 2018-08-22 13:19 - 000000000 ____D C:\FRST
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-08-22 13:15 - 2018-01-06 16:40 - 001028468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-22 13:13 - 2017-12-15 13:11 - 000000000 ___RD C:\Users\eviei\iCloudDrive
2018-08-22 13:13 - 2017-11-25 13:31 - 000000000 __RDL C:\Users\eviei\OneDrive
2018-08-22 13:11 - 2017-11-25 06:06 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-22 13:11 - 2017-11-24 23:18 - 000000000 __SHD C:\Users\eviei\IntelGraphicsProfiles
2018-08-22 13:10 - 2018-01-06 17:05 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-22 13:09 - 2017-09-29 04:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-22 12:58 - 2017-04-01 01:38 - 001022366 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-08-22 12:54 - 2018-01-06 16:35 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-08-22 09:56 - 2018-01-06 17:05 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9EFFB82A-7611-47E7-86AA-97C36493FDC0}
2018-08-22 01:31 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-08-22 01:06 - 2018-07-17 16:50 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-08-22 01:06 - 2018-07-17 16:50 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-08-22 01:06 - 2018-07-14 10:28 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-08-22 01:06 - 2018-07-14 10:28 - 000003122 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-08-22 01:06 - 2018-02-08 14:51 - 000002718 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z
2018-08-22 01:06 - 2018-01-29 12:15 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-08-22 01:06 - 2018-01-06 17:05 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3252656029-1357310190-2560453275-1001
2018-08-22 01:06 - 2018-01-06 17:05 - 000002856 _____ C:\WINDOWS\System32\Tasks\HPJumpStartLaunch
2018-08-22 01:06 - 2018-01-06 17:05 - 000002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2018-08-22 01:06 - 2018-01-06 17:05 - 000002502 _____ C:\WINDOWS\System32\Tasks\HPEA3JOBS
2018-08-22 01:06 - 2018-01-06 17:05 - 000002440 _____ C:\WINDOWS\System32\Tasks\HPAudioSwitch
2018-08-22 01:06 - 2018-01-06 17:05 - 000002318 _____ C:\WINDOWS\System32\Tasks\DropboxOEM
2018-08-22 01:05 - 2018-01-06 17:05 - 000003462 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-08-22 01:05 - 2018-01-06 17:05 - 000003238 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-08-22 00:55 - 2017-09-29 09:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-08-22 00:43 - 2018-01-06 17:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2018-08-22 00:15 - 2018-01-02 15:59 - 000000000 ___DC C:\WINDOWS\Panther
2018-08-21 22:43 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-21 18:34 - 2017-07-10 18:30 - 000000000 ____D C:\Program Files (x86)\WildGames
2018-08-21 18:30 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-08-21 18:27 - 2017-07-10 18:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-08-21 18:27 - 2017-07-10 18:29 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2018-08-21 18:26 - 2017-11-25 13:41 - 000000000 ____D C:\Users\eviei\AppData\Roaming\WildTangent
2018-08-21 18:26 - 2017-07-10 18:29 - 000000000 ____D C:\ProgramData\WildTangent
2018-08-21 14:44 - 2017-09-29 09:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-08-21 01:57 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-08-21 01:56 - 2017-09-29 09:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-08-21 01:10 - 2017-09-29 09:44 - 000000000 ____D C:\WINDOWS\INF
2018-08-21 00:58 - 2018-01-06 16:41 - 000000000 ____D C:\Users\eviei
2018-08-20 22:02 - 2018-01-06 18:10 - 000000000 ____D C:\Users\eviei\AppData\Local\PlaceholderTileLogoFolder
2018-08-20 21:51 - 2017-09-29 04:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-08-20 21:40 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\Registration
2018-08-20 21:39 - 2018-01-06 17:03 - 000003813 _____ C:\WINDOWS\diagwrn.xml
2018-08-20 21:39 - 2018-01-06 17:03 - 000003813 _____ C:\WINDOWS\diagerr.xml
2018-08-20 21:39 - 2018-01-06 16:42 - 000000000 ____D C:\Users\eviei\AppData\Local\Packages
2018-08-20 19:11 - 2017-11-26 13:11 - 000000000 ____D C:\Users\eviei\AppData\Local\Google
2018-08-18 22:47 - 2017-12-04 11:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-18 20:36 - 2017-12-04 11:07 - 137343192 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-18 19:00 - 2017-09-29 09:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-18 18:57 - 2017-05-17 15:01 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-18 18:57 - 2017-05-17 15:01 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-18 18:55 - 2017-05-17 14:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-08-18 18:49 - 2017-12-15 13:12 - 000000000 ____D C:\Users\eviei\AppData\Local\25BD9BF9-9D91-4D97-B838-DC3BB88CD26F.aplzod
2018-08-14 09:48 - 2017-09-29 09:46 - 000000000 ____D C:\WINDOWS\rescache
2018-08-14 08:11 - 2018-01-29 12:14 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-14 07:55 - 2018-07-14 10:31 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-14 07:55 - 2018-07-14 10:31 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-13 17:24 - 2017-11-24 23:18 - 000000000 ____D C:\Users\eviei\AppData\Local\VirtualStore
2018-08-10 06:59 - 2017-11-25 13:31 - 000002374 _____ C:\Users\eviei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-10 06:47 - 2018-06-08 09:58 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-08-06 11:31 - 2018-06-08 10:00 - 000836480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-08-06 11:31 - 2018-06-08 10:00 - 000181120 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2018-08-14 08:14 - 2018-08-14 08:14 - 000000003 _____ () C:\Users\eviei\AppData\Local\updater.log
2018-08-14 08:14 - 2018-08-14 08:14 - 000000425 _____ () C:\Users\eviei\AppData\Local\UserProducts.xml
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-14 08:41
 
==================== End of FRST.txt ============================
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22.08.2018
Ran by eviei (22-08-2018 13:21:53)
Running from C:\Users\eviei\Desktop
Windows 10 Home Version 1709 16299.248 (X64) (2018-01-06 21:07:23)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3252656029-1357310190-2560453275-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3252656029-1357310190-2560453275-503 - Limited - Disabled)
eviei (S-1-5-21-3252656029-1357310190-2560453275-1001 - Administrator - Enabled) => C:\Users\eviei
Guest (S-1-5-21-3252656029-1357310190-2560453275-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3252656029-1357310190-2560453275-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 68.0.746.60 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{84D8451D-2ED6-3A59-ABA5-2A447F7C6310}) (Version: 4.1.2.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.127.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.21 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{23D5C1E8-0442-4D70-9280-927EF36657CB}) (Version: 1.1.0.378 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{81CA40FD-E11B-4DC1-AE33-A71EB044B8B7}) (Version: 1.1.275.0 - HP Inc.)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6500 E710n-z Product Improvement Study (HKLM\...\{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Orbit (HKLM-x32\...\{04ec2b32-255d-418f-b6ca-dec62b872f5d}) (Version: 1.3.60.240 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.5.37.19 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.8.47.1 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{314d4c01-f54b-4125-a71f-1e2722c29050}) (Version: 10.1.1.40 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4568 - Intel Corporation)
Intel® Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1094 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
LatencyMon 6.70 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Firefox 57.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 57.0.4 (x86 en-US)) (Version: 57.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
OpenOffice 4.1.4 (HKLM-x32\...\{BDB210E1-06C5-451F-BDAC-C18DDC7C2F14}) (Version: 4.14.9788 - Apache Software Foundation)
Quicken 2013 (HKLM-x32\...\{034DD4BB-F0D6-4ECF-B064-8E39E3EF7076}) (Version: 22.1.1.21 - Intuit)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8110 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.91 - REALTEK Semiconductor Corp.)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.69 - Synaptics Incorporated)
TurboTax 2017 (HKLM-x32\...\TurboTax 2017) (Version: 2017.0 - Intuit, Inc)
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 4.1.0 - Tweaking.com)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{A6F2ADC4-12C4-41E8-B90B-3BE018F5787C}) (Version: 2.48.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-03-28] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-21] (AVAST Software)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01440DAC-24D7-48A8-9E99-B810B39874D1} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [2017-02-02] (HP Inc.)
Task: {04AA1629-EF07-4EAE-A0E5-11833ED2F309} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {17274F53-FA17-4E34-96FF-0E1327054FE9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {1951ECBE-969A-4989-9251-0571D58A76C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-07] (HP Inc.)
Task: {1A09D701-222B-4815-A8E6-145F7862F8C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {24E6D1C4-FD38-45AE-A418-94B279052DCB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {25C7F0C3-1033-48AF-809F-100972101ACF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-07-14] (Google Inc.)
Task: {2CDE08E0-5FC8-4F6C-9E04-FE40CCD63335} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-11-28] (DropboxOEM)
Task: {3C5987AB-F2AE-4DE8-BB95-50FF6BE777CF} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {3DB56C06-6D81-42A8-A190-6205156EE673} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [2017-02-01] ()
Task: {483200C2-9BF2-4D6C-854F-146CB75F18E7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {4FADD0EE-4A68-4921-9D23-ABB995D87E9B} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-11-24] (Dropbox, Inc.)
Task: {50AA2566-CA51-4C37-A182-6A123CE83181} - System32\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {54F7C05B-B1A8-48CA-A370-02385760F081} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-20] (AVAST Software)
Task: {5869F381-9C12-4433-8F12-F98517F48A04} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {5B27AE94-DEDC-40AB-BC87-D400AA59150B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {6E5C73A1-891C-4E82-B32E-1F16BE58CDA0} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-08-20] (AVAST Software)
Task: {6EDEAE39-C2C6-40F9-B565-F7541BAC374D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {7613FFA6-FCD0-4A1F-9574-64A72C68AFA1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {8F5506A0-CF54-4F32-8E7C-5C050A447437} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {99803403-DBA7-4F2E-A246-EEDBC202030A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {9F0CD6DA-2FB7-47F0-AF24-861016F267D9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {BAC6117A-DF1A-4862-83E4-CE84783E7860} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-18] (Microsoft Corporation)
Task: {BF8F0BF8-A096-4CEA-85E3-8E2CD0C286F0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MpCmdRun.exe [2018-08-10] (Microsoft Corporation)
Task: {C4430160-DAB2-4897-9BA2-5BDD1C6C8B7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {C45888EF-4214-47C6-9F4E-1943F54D087D} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {D0C60BAD-9219-4A90-AA10-D5CEC13D93AA} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-12-07] (HP Inc.)
Task: {D23F3031-8367-4F94-89F8-AEC5AA472621} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-18] (Microsoft Corporation)
Task: {DECC7D8B-3349-4F4E-9FC4-63CD00CBF1FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-09-27] (HP Inc.)
Task: {DF08C6B9-02BF-43D3-81E8-F64105EE32EE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-07] (HP Inc.)
Task: {E098E913-0926-4003-A524-A92CEE87A4E9} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-18] (Microsoft Corporation)
Task: {ED8E5CAC-C1E9-4B90-BA6C-D02A61BEC9C9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-21] (AVAST Software)
Task: {F1D49F29-F083-4149-ABDF-B404B7E40598} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {F4075B3E-1F6B-4A13-B67E-1C414ACB19EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {FFAFD1CA-97A5-4D37-88D2-944E2D4FAB10} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {FFBFEB56-9C16-4744-A9EE-E81D4B0919DA} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-21] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3252656029-1357310190-2560453275-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Priceline.com.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://secure.rezserver.com/sdk/v1/LinkFwd?refid=7684&destination=priceline&refclickid=square
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VUDU - Streaming Movies.lnk -> C:\Program Files (x86)\HP\Shared\WizLink.exe () -> hxxp://js.redirect.hp.com/jumpstation?bd=all&c=*&locale=en_us&pf=cnnb&s=VUDU_URL&tp=startmenu
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-09-29 09:41 - 2017-09-29 09:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-08 02:48 - 2017-12-08 02:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-01-05 01:13 - 2018-01-05 01:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-02-01 14:50 - 2017-02-01 14:50 - 000459264 _____ () C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
2018-02-16 10:12 - 2018-02-10 00:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-02-16 10:12 - 2018-02-10 00:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-12-11 12:05 - 2017-12-11 12:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-08-10 17:42 - 2018-08-10 17:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-08-10 17:42 - 2018-08-10 17:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 01:14 - 2018-01-05 01:14 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2017-12-08 02:49 - 2017-12-08 02:49 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-08-20 19:43 - 2018-08-20 19:43 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-08-21 14:43 - 2018-08-21 14:43 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-08-20 21:00 - 2018-08-20 21:00 - 000153088 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\ac7f29387efc85060f3f967eed21ac95\BRIDGECommon.ni.dll
2018-08-20 21:09 - 2018-08-20 21:09 - 000326144 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\e8a150bf15a0467b2e89dd2be0ef7225\CleanStartController.ni.dll
2018-08-20 21:06 - 2018-08-20 21:06 - 000116736 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\b7fbc3ebf83e8983de95b597d5e3c590\BridgeExtension.ni.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2017-03-18 17:03 - 2017-03-18 17:01 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3252656029-1357310190-2560453275-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\eviei\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{80232BE6-9493-475A-9810-0446DA5A8F1A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C2654405-0A64-4A87-8679-6BD42A765D51}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E8D27CE2-C2E6-4D14-A6A9-49C20C427814}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{619EC73E-671E-42A8-A192-7FF98C822CD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0AC6E3C1-81CB-4F57-943E-E09CCEEDE14D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{46C3EB8B-8623-418F-9DFA-5D3142C82DF4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{66C7E78A-74F9-4326-A00F-60D82075E863}] => (Allow) LPort=13148
FirewallRules: [{665ADD2B-32A5-43D5-8D41-77C9C68894F9}] => (Allow) C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
FirewallRules: [{14231565-7D9B-4120-9FB5-ADF2C5C8A436}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{0D0C1790-F674-4132-86D1-B0403C2C8DF5}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe
FirewallRules: [{2CF5CCE0-49C1-4A35-9506-9ADEA4A41FB1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe
FirewallRules: [{9A10EF45-D259-4FFA-963B-835C6397F5DE}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe
FirewallRules: [{01D72044-193E-4447-BC21-B42BB5B5D2A3}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe
FirewallRules: [{9023B2D3-A06C-4121-888B-BE64BEB00EC7}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe
FirewallRules: [{B9FB0B2B-70F0-438A-931F-43B524322015}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{BF39738A-49EE-4FA9-BF35-04A82AB5D052}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{D36720A9-A21F-4BA5-BB1C-379A96C29260}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{545516FB-AEB7-4C38-932F-3B9F170AE01A}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{63C4D9A6-8CF2-4A96-869D-AB34BE81EB4D}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{379280B0-A4E3-4283-BA9D-326CDEB78BC0}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{DA705F3C-95C9-4AE7-A2C0-3D17AF271E07}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{FB05CA58-2D0C-4042-8C94-09F244EF625C}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{E8EF1E96-89B8-46AC-993E-B8C75F9F5552}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C9F9C93D-43AE-4BF0-AD39-F08C83BCA834}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{22558B60-A813-449D-A432-44C5A42656C4}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{923BACC5-14C8-497C-A0DC-1B4CF3D72769}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{DCD329E4-9180-4013-9FCD-8A4F18E2EAD7}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
 
==================== Restore Points =========================
 
18-08-2018 19:46:48 Windows Update
21-08-2018 22:49:28 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/22/2018 01:16:48 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:31 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Error: (08/22/2018 01:06:30 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Event provider wsp_health attempted to register query "select * from WSP_StorageHealthStatusChangeEvent" whose target class "WSP_StorageHealthStatusChangeEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
 
System errors:
=============
Error: (08/22/2018 01:20:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 01:12:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Error: (08/22/2018 01:11:53 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-VCBMR6EO)
Description: Unable to start a DCOM Server: Microsoft.AAD.BrokerPlugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider as Unavailable/Unavailable. The error:
"31"
Happened while starting this command:
"C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
 
Error: (08/22/2018 01:10:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 01:10:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 01:10:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 01:10:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 and APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (08/22/2018 01:09:22 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "1115" attempting to start the service tiledatamodelsvc with arguments "Unavailable" in order to run the server:
{B31118B2-1F49-48E5-B6F5-BC21CAEC56FB}
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® CPU N3710 @ 1.60GHz
Percentage of memory in use: 54%
Total physical RAM: 4001.58 MB
Available physical RAM: 1811.04 MB
Total Virtual: 8097.58 MB
Available Virtual: 5912.25 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:450.91 GB) (Free:386.71 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.62 GB) (Free:1.62 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{6bd5e15b-bd27-431d-89cd-ddb7e5872828}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
\\?\Volume{74344a3a-8a10-4ce3-a77c-0ac1da0d0390}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B72F9B8C)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 83.84 52 K 8 K 0
procexp(1)64.exe 8.64 48,664 K 72,116 K 7628 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System 1.65 172 K 6,436 K 4
dwm.exe 1.56 36,844 K 52,560 K 1124 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
Interrupts 1.45 0 K 0 K n/a Hardware Interrupts and DPCs
TabTip.exe 0.88 4,024 K 15,272 K 8740 Touch Keyboard and Handwriting Panel Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 0.84 2,220 K 5,184 K 716 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
AvastUI.exe 0.65 22,572 K 35,236 K 9872 Avast Antivirus AVAST Software (Verified) AVAST Software s.r.o.
explorer.exe 0.25 39,120 K 93,360 K 6092 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
aswidsagenta.exe 0.06 21,628 K 37,796 K 6136 Avast Behavior Shield AVAST Software (Verified) AVAST Software s.r.o.
svchost.exe 0.04 2,388 K 7,060 K 1052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.03 2,508 K 7,220 K 1624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AvastSvc.exe 0.02 90,284 K 134,208 K 2692 Avast Service AVAST Software (Verified) AVAST Software s.r.o.
iPodService.exe 0.02 2,484 K 8,032 K 9940 iPod Service Apple Inc. (Verified) Apple Inc.
svchost.exe 0.01 2,928 K 7,508 K 4404 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe 0.01 3,564 K 11,804 K 3216 MobileDeviceService Apple Inc. (Verified) Apple Inc.
CCleaner64.exe 0.01 9,904 K 25,804 K 8052 CCleaner Piriform Ltd (Verified) Piriform Ltd
svchost.exe 0.01 12,248 K 28,284 K 372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
lsass.exe 0.01 7,308 K 16,212 K 844 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 32,580 K 40,576 K 1772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 12,524 K 19,392 K 1228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
esif_assist_64.exe < 0.01 1,652 K 5,032 K 6948 Intel® Dynamic Platform and Thermal Framework Utility Application Intel Corporation (Verified) Intel® Software
SynTPEnh.exe < 0.01 6,232 K 17,864 K 6328 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
SearchIndexer.exe < 0.01 27,904 K 27,056 K 5644 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
iTunesHelper.exe < 0.01 4,832 K 16,084 K 8924 iTunesHelper Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 4,128 K 14,824 K 1800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,048 K 5,064 K 620 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
WUDFHost.exe 25,016 K 13,972 K 972 Windows Driver Foundation - User-mode Driver Framework Host Process Microsoft Corporation (Verified) Microsoft Windows
WR_Tray_Icon.exe 2,812 K 2,268 K 10656 Tweaking.com - Windows Repair Tray Icon Tweaking.com (Verified) Tweaking LLC
WmiPrvSE.exe 3,164 K 9,328 K 3740 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,716 K 10,128 K 10548 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe 1,920 K 6,744 K 2720 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 2,348 K 8,944 K 788 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,668 K 6,048 K 700 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
VSSVC.exe 2,096 K 8,460 K 8544 Microsoft® Volume Shadow Copy Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 1,808 K 7,056 K 6488 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 5,988 K 14,344 K 7124 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
TabTip32.exe 1,636 K 5,020 K 8812 Touch Keyboard and Handwriting Panel Helper Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 1,260 K 4,580 K 7364 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPEnhService.exe 2,336 K 8,368 K 3476 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 6,200 K 11,672 K 836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,456 K 11,628 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,280 K 11,544 K 5144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,072 K 7,880 K 3020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,528 K 8,740 K 3388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,152 K 12,028 K 2084 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,408 K 5,600 K 1780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,344 K 25,300 K 3284 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,436 K 18,432 K 3300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,792 K 18,796 K 5436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,396 K 22,600 K 6980 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,584 K 11,112 K 2704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,784 K 9,484 K 6036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,520 K 15,060 K 9768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,292 K 7,680 K 1788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,120 K 11,668 K 1728 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,036 K 15,044 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,504 K 18,484 K 1796 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,444 K 12,768 K 7432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,064 K 7,844 K 10936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,656 K 13,576 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 18,332 K 17,692 K 1420 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,732 K 10,388 K 1360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 29,608 K 35,512 K 3292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,188 K 6,808 K 4076 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 984 K 3,708 K 964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,052 K 11,072 K 1264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,348 K 9,436 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,272 K 14,128 K 1408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,856 K 7,676 K 1504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,332 K 8,812 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,472 K 8,812 K 1552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,296 K 9,080 K 1872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,000 K 9,552 K 1884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,096 K 8,060 K 1896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,104 K 7,804 K 2032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,712 K 6,312 K 2044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,036 K 7,608 K 2352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,824 K 6,172 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,812 K 12,348 K 2372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,352 K 7,144 K 2484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,160 K 14,708 K 2604 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,652 K 7,084 K 3240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,240 K 10,288 K 3248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,728 K 6,176 K 3336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,844 K 10,652 K 3376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,680 K 6,276 K 3440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,692 K 10,260 K 3460 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,384 K 5,460 K 3492 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,684 K 20,572 K 3508 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,684 K 6,316 K 3516 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,420 K 5,336 K 3860 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 23,864 K 40,344 K 3968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,740 K 7,192 K 2572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,776 K 18,380 K 4364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,064 K 8,904 K 4496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,864 K 6,824 K 4784 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,488 K 5,268 K 5016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,228 K 12,140 K 3932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,160 K 8,752 K 4268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,444 K 9,700 K 4668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,344 K 9,924 K 6008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,688 K 6,216 K 6576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,020 K 31,368 K 7024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,988 K 19,628 K 7084 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,696 K 5,980 K 1384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,652 K 7,224 K 7408 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,892 K 29,008 K 7740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,900 K 5,820 K 10564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,904 K 12,476 K 6916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,628 K 7,520 K 5116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,772 K 8,536 K 8180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,028 K 7,020 K 2264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 6,692 K 15,580 K 2972 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 624 K 1,196 K 424 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
smartscreen.exe 9,880 K 16,016 K 11220 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
SkypeHost.exe Suspended 2,708 K 5,132 K 8896 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 6,552 K 24,072 K 6968 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 30,636 K 63,688 K 7656 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe 7,024 K 4,380 K 6316 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,520 K 9,720 K 828 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
sedsvc.exe 3,340 K 9,852 K 10024 sedsvc Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 4,304 K 15,736 K 3448 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
secd.exe 4,648 K 17,804 K 10460 Apple Security Manager Apple, Inc. (Verified) Apple Inc.
SearchUI.exe Suspended 90,044 K 144,512 K 7852 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe 3,896 K 15,976 K 7504 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RuntimeBroker.exe 6,376 K 19,660 K 7960 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,940 K 16,972 K 9176 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,824 K 15,480 K 7204 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 8,356 K 17,172 K 6628 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe 1,836 K 7,804 K 2248 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
procexp(1).exe 3,212 K 10,372 K 8108 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 25,840 K 18,048 K 7000 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
OneDrive.exe 13,828 K 44,740 K 2380 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
OfficeClickToRun.exe 14,792 K 27,888 K 3328 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
notepad.exe 3,596 K 17,632 K 8980 Notepad Microsoft Corporation (Verified) Microsoft Windows
notepad.exe 3,568 K 17,588 K 9128 Notepad Microsoft Corporation (Verified) Microsoft Windows
MSASCuiL.exe 2,252 K 9,668 K 6704 Windows Defender notification icon Microsoft Corporation (Verified) Microsoft Windows
Memory Compression 108 K 15,308 K 1840
Lightshot.exe 10,868 K 12,264 K 10120 Lightshot Skillbrains (No signature was present in the subject) Skillbrains
jhi_service.exe 1,604 K 6,356 K 11060 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
IntuitUpdateService.exe 21,124 K 10,824 K 10644 Intuit Update Service Intuit Inc. (Verified) Intuit
igfxHK.exe 2,648 K 9,452 K 6160 igfxHK Module Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 3,664 K 12,344 K 7604 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 2,044 K 8,364 K 1944 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
iCloudServices.exe 45,724 K 62,280 K 9048 iCloud Services Apple Inc. (Verified) Apple Inc.
iCloudPhotos.exe 14,044 K 34,304 K 7272 iCloud Photo Library Apple Inc. (Verified) Apple Inc.
iCloudDrive.exe 12,876 K 32,188 K 1004 iCloud Drive Apple Inc. (Verified) Apple Inc.
hpwuschd2.exe 1,564 K 6,552 K 9888 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,812 K 8,024 K 3208 HP WMI Service HP Inc. (Verified) HP Inc.
HPSupportSolutionsFrameworkService.exe 42,300 K 48,508 K 11172 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
HPRadioMgr64.exe 2,276 K 9,436 K 9856 HP Radio Manager HP (Verified) HP Inc.
HPOrbitService.exe 3,796 K 14,484 K 3904 HP Orbit HP Inc. (Verified) HP Inc.
HPMSGSVC.exe 2,216 K 9,460 K 9812 HP Message Service HP Inc. (Verified) HP Inc.
HPJumpStartLaunch.exe 4,272 K 720 K 7108 (Verified) HP Inc.
HPJumpStartBridge.exe 20,260 K 27,536 K 10648 HP JumpStart Bridge HP Inc. (Verified) HP Inc.
HPCommRecovery.exe 13,684 K 16,780 K 2744 CommRecovery HP Inc. (No signature was present in the subject) HP Inc.
HPAudioSwitch.exe 35,856 K 43,632 K 2876 HPAudioSwitch HP Inc. (Verified) HP Inc.
fontdrvhost.exe 3,716 K 7,196 K 988 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe 1,860 K 4,272 K 980 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
esif_uf.exe 1,988 K 7,004 K 3232 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel® Software
DropboxUpdate.exe 2,368 K 188 K 7092 Dropbox Update Dropbox, Inc. (Verified) Dropbox
dllhost.exe 1,808 K 7,056 K 4632 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 2,072 K 9,632 K 6688 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dasHost.exe 6,376 K 16,524 K 3080 Device Association Framework Provider Host Microsoft Corporation (Verified) Microsoft Windows
ctfmon.exe 3,224 K 13,500 K 8716 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
conhost.exe 1,216 K 5,132 K 2732 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
AvastBrowserCrashHandler64.exe 1,964 K 324 K 7764 Avast Browser Update AVAST Software (Verified) AVAST Software s.r.o.
AvastBrowserCrashHandler.exe 2,016 K 292 K 7672 Avast Browser Update AVAST Software (Verified) AVAST Software s.r.o.
audiodg.exe 9,800 K 17,404 K 9568 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
armsvc.exe 1,596 K 6,636 K 3224 Adobe Acrobat Update Service Adobe Systems Incorporated (Verified) Adobe Systems
APSDaemon.exe 5,028 K 16,420 K 7928 Apple Push Apple Inc. (Verified) Apple Inc.
ApplicationFrameHost.exe 5,704 K 23,148 K 5008 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
 
 
 
 
 
 
 
 
 
 
 
I took a chance and checked SPECCY to see if it worked after your attempt to fix WMI and it works njow so I ran it and VEW.
 
Summary
Operating System
Windows 10 Home 64-bit
CPU
Intel Pentium J3710 @ 1.60GHz 42 °C
Braswell 14nm Technology
RAM
4.00GB DDR3 @ 1599MHz (11-11-11-28)
Motherboard
HP 832C (CHV)
Graphics
Generic PnP Monitor ([email protected])
Intel HD Graphics (HP)
Storage
465GB Western Digital WDC WD5000LPCX-60VHAT0 (SATA ) 36 °C
Optical Drives
hp DVDRW DA8AESH
Audio
Realtek High Definition Audio
Operating System
Windows 10 Home 64-bit
Computer type: Tablet
Installation Date: 06/01/2018 4:07:23 PM
Serial Number: xxxxxxxxxxxxxxxxxxxxxxxxx
Windows Security Center
User Account Control (UAC) Enabled
Notify level 2 - Default
Firewall Enabled
Windows Update
AutoUpdate Not configured
Windows Defender
Windows Defender Enabled
Antivirus
Antivirus Enabled
Display Name Avast Antivirus
Virus Signature Database Up to date
.NET Frameworks installed
v4.7 Full
v4.7 Client
v3.5 SP1
v3.0 SP2
v2.0 SP2
Internet Explorer
Version 11.248.16299.0
PowerShell
Version 5.1.16299.15
Environment Variables
USERPROFILE C:\Users\eviei
SystemRoot C:\WINDOWS
User Variables
OneDrive C:\Users\eviei\OneDrive
Path C:\Users\eviei\AppData\Local\Microsoft\WindowsApps
TEMP C:\Users\eviei\AppData\Local\Temp
TMP C:\Users\eviei\AppData\Local\Temp
Machine Variables
asl.log Destination=file
ComSpec C:\WINDOWS\system32\cmd.exe
NUMBER_OF_PROCESSORS 4
OnlineServices Online Services
OS Windows_NT
Path C:\Program Files (x86)\Intel\TXE Components\TCS\
C:\Program Files\Intel\TXE Components\TCS\
C:\WINDOWS\system32
C:\WINDOWS
C:\WINDOWS\System32\Wbem
C:\WINDOWS\System32\WindowsPowerShell\v1.0\
C:\Program Files\Intel\TXE Components\DAL\
C:\Program Files (x86)\Intel\TXE Components\DAL\
C:\Program Files\Intel\TXE Components\IPT\
C:\Program Files (x86)\Intel\TXE Components\IPT\
PATHEXT .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
platformcode KV
PROCESSOR_ARCHITECTURE AMD64
PROCESSOR_IDENTIFIER Intel64 Family 6 Model 76 Stepping 4, GenuineIntel
PROCESSOR_LEVEL 6
PROCESSOR_REVISION 4c04
PSModulePath %ProgramFiles%\WindowsPowerShell\Modules
C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules
RegionCode NA
TEMP C:\WINDOWS\TEMP
TMP C:\WINDOWS\TEMP
USERNAME SYSTEM
windir C:\WINDOWS
Battery
AC Line Offline
Battery Charge % 89 %
Battery State High
Remaining Battery Time Unknown
Power Profile
Active power scheme HP Recommended
Hibernation Enabled
Turn Off Monitor after: (On AC Power) 5 min
Turn Off Monitor after: (On Battery Power) 5 min
Turn Off Hard Disk after: (On AC Power) 15 min
Turn Off Hard Disk after: (On Battery Power) 3 min
Suspend after: (On AC Power) 10 min
Suspend after: (On Battery Power) 10 min
Screen saver Disabled
Uptime
Current Session
Current Time 22/08/2018 1:32:58 PM
Current Uptime 1,385 sec (0 d, 00 h, 23 m, 05 s)
Last Boot Time 22/08/2018 1:09:53 PM
Services
Running Adobe Acrobat Update Service
Running Apple Mobile Device Service
Running Application Host Helper Service
Running Application Information
Running AppX Deployment Service (AppXSVC)
Running aswbIDSAgent
Running Avast Antivirus
Running Background Tasks Infrastructure Service
Running Base Filtering Engine
Running CNG Key Isolation
Running COM+ Event System
Running Connected Devices Platform Service
Running Connected Devices Platform User Service_6f976
Running Connected User Experiences and Telemetry
Running Contact Data_6f976
Running CoreMessaging
Running Credential Manager
Running Cryptographic Services
Running Data Usage
Running DCOM Server Process Launcher
Running Delivery Optimization
Running Device Association Service
Running DHCP Client
Running Diagnostic Policy Service
Running Diagnostic Service Host
Running Diagnostic System Host
Running Distributed Link Tracking Client
Running DNS Client
Running ESIF Upper Framework Service
Running Function Discovery Provider Host
Running Function Discovery Resource Publication
Running Geolocation Service
Running HomeGroup Provider
Running HP Comm Recovery
Running HP JumpStart Bridge
Running HP Orbit Service
Running HP Support Solutions Framework Service
Running HPWMISVC
Running IKE and AuthIP IPsec Keying Modules
Running Intel Dynamic Application Loader Host Interface
Running Intel HD Graphics Control Panel Service
Running Intuit Update Service v4
Running IP Helper
Running iPod Service
Running IPsec Policy Agent
Running Local Session Manager
Running Microsoft Account Sign-in Assistant
Running Microsoft Office Click-to-Run Service
Running Microsoft Passport
Running Microsoft Passport Container
Running Network Connected Devices Auto-Setup
Running Network Connection Broker
Running Network Connections
Running Network List Service
Running Network Location Awareness
Running Network Store Interface Service
Running Payments and NFC/SE Manager
Running Peer Networking Identity Manager
Running Plug and Play
Running Power
Running Print Spooler
Running Program Compatibility Assistant Service
Running Realtek Audio Service
Running Remote Access Connection Manager
Running Remote Procedure Call (RPC)
Running RPC Endpoint Mapper
Running Secure Socket Tunneling Protocol Service
Running Security Accounts Manager
Running Security Center
Running Server
Running Shell Hardware Detection
Running SSDP Discovery
Running State Repository Service
Running Storage Service
Running Superfetch
Running Sync Host_6f976
Running SynTPEnh Caller Service
Running System Event Notification Service
Running System Events Broker
Running Task Scheduler
Running TCP/IP NetBIOS Helper
Running Telephony
Running Themes
Running Tile Data model server
Running Time Broker
Running Touch Keyboard and Handwriting Panel Service
Running Update Orchestrator Service
Running User Data Access_6f976
Running User Data Storage_6f976
Running User Manager
Running User Profile Service
Running Web Account Manager
Running Windows 10 Update Facilitation Service
Running Windows Audio
Running Windows Audio Endpoint Builder
Running Windows Connection Manager
Running Windows Defender Firewall
Running Windows Defender Security Center Service
Running Windows Event Log
Running Windows Font Cache Service
Running Windows Image Acquisition (WIA)
Running Windows License Manager Service
Running Windows Management Instrumentation
Running Windows Presentation Foundation Font Cache 3.0.0.0
Running Windows Push Notifications System Service
Running Windows Push Notifications User Service_6f976
Running Windows Remediation Service
Running Windows Search
Running Windows Time
Running Windows Update
Running WinHTTP Web Proxy Auto-Discovery Service
Running WLAN AutoConfig
Running Workstation
Stopped %1!s! Update Service (avast)
Stopped %1!s! Update Service (avastm)
Stopped ActiveX Installer (AxInstSV)
Stopped AllJoyn Router Service
Stopped App Readiness
Stopped Application Identity
Stopped Application Layer Gateway Service
Stopped ASP.NET State Service
Stopped Auto Time Zone Updater
Stopped AvastWscReporter
Stopped Background Intelligent Transfer Service
Stopped BitLocker Drive Encryption Service
Stopped Block Level Backup Engine Service
Stopped Bluetooth Handsfree Service
Stopped Bluetooth Support Service
Stopped Capability Access Manager Service
Stopped Certificate Propagation
Stopped Client License Service (ClipSVC)
Stopped COM+ System Application
Stopped Computer Browser
Stopped Data Sharing Service
Stopped Device Install Service
Stopped Device Management Enrollment Service
Stopped Device Setup Manager
Stopped DevicesFlow_6f976
Stopped DevQuery Background Discovery Broker
Stopped Diagnostic Execution Service
Stopped Distributed Transaction Coordinator
Stopped dmwappushsvc
Stopped Downloaded Maps Manager
Stopped Dropbox Update Service (dbupdate)
Stopped Dropbox Update Service (dbupdatem)
Stopped Embedded Mode
Stopped Encrypting File System (EFS)
Stopped Enterprise App Management Service
Stopped Extensible Authentication Protocol
Stopped Fax
Stopped File History Service
Stopped Google Update Service (gupdate)
Stopped Google Update Service (gupdatem)
Stopped GraphicsPerfSvc
Stopped Group Policy Client
Stopped HomeGroup Listener
Stopped HP CASL Framework Service
Stopped Human Interface Device Service
Stopped HV Host Service
Stopped Hyper-V Data Exchange Service
Stopped Hyper-V Guest Service Interface
Stopped Hyper-V Guest Shutdown Service
Stopped Hyper-V Heartbeat Service
Stopped Hyper-V PowerShell Direct Service
Stopped Hyper-V Remote Desktop Virtualization Service
Stopped Hyper-V Time Synchronization Service
Stopped Hyper-V Volume Shadow Copy Requestor
Stopped Infrared monitor service
Stopped Intel Capability Licensing Service TCP IP Interface
Stopped Intel Content Protection HECI Service
Stopped Interactive Services Detection
Stopped Internet Connection Sharing (ICS)
Stopped IP Translation Configuration Service
Stopped KtmRm for Distributed Transaction Coordinator
Stopped Link-Layer Topology Discovery Mapper
Stopped Local Profile Assistant Service
Stopped MessagingService_6f976
Stopped Microsoft Diagnostics Hub Standard Collector Service
Stopped Microsoft iSCSI Initiator Service
Stopped Microsoft Software Shadow Copy Provider
Stopped Microsoft Storage Spaces SMP
Stopped Microsoft Windows SMS Router Service.
Stopped Mozilla Maintenance Service
Stopped Natural Authentication
Stopped Net.Tcp Port Sharing Service
Stopped Netlogon
Stopped Network Connectivity Assistant
Stopped Network Setup Service
Stopped Office Source Engine
Stopped Optimize drives
Start pending Peer Name Resolution Protocol
Stopped Peer Networking Grouping
Stopped Performance Counter DLL Host
Stopped Performance Logs & Alerts
Stopped Phone Service
Stopped PNRP Machine Name Publication Service
Stopped Portable Device Enumerator Service
Stopped Printer Extensions and Notifications
Stopped PrintWorkflow_6f976
Stopped Problem Reports and Solutions Control Panel Support
Stopped Quality Windows Audio Video Experience
Stopped Radio Management Service
Stopped Remote Access Auto Connection Manager
Stopped Remote Desktop Configuration
Stopped Remote Desktop Services
Stopped Remote Desktop Services UserMode Port Redirector
Stopped Remote Procedure Call (RPC) Locator
Stopped Remote Registry
Stopped Retail Demo Service
Stopped Routing and Remote Access
Stopped Secondary Logon
Stopped Sensor Data Service
Stopped Sensor Monitoring Service
Stopped Sensor Service
Stopped Shared PC Account Manager
Stopped Smart Card
Stopped Smart Card Device Enumeration Service
Stopped Smart Card Removal Policy
Stopped SNMP Trap
Stopped Software Protection
Stopped Spatial Data Service
Stopped Spot Verifier
Stopped Still Image Acquisition Events
Stopped Storage Tiers Management
Stopped UPnP Device Host
Stopped Virtual Disk
Stopped Volume Shadow Copy
Stopped W3C Logging Service
Stopped WalletService
Stopped WarpJITSvc
Stopped WebClient
Stopped Wi-Fi Direct Services Connection Manager Service
Stopped Windows Backup
Stopped Windows Biometric Service
Stopped Windows Camera Frame Server
Stopped Windows Connect Now - Config Registrar
Stopped Windows Defender Antivirus Network Inspection Service
Stopped Windows Defender Antivirus Service
Stopped Windows Encryption Provider Host Service
Stopped Windows Error Reporting Service
Stopped Windows Event Collector
Stopped Windows Insider Service
Stopped Windows Installer
Stopped Windows Media Player Network Sharing Service
Stopped Windows Mobile Hotspot Service
Stopped Windows Modules Installer
Stopped Windows Perception Service
Stopped Windows Process Activation Service
Stopped Windows PushToInstall Service
Stopped Windows Remote Management (WS-Management)
Stopped Windows Store Install Service
Stopped Wired AutoConfig
Stopped WMI Performance Adapter
Stopped Work Folders
Stopped WWAN AutoConfig
Stopped Xbox Accessory Management Service
Stopped Xbox Game Monitoring
Stopped Xbox Live Auth Manager
Stopped Xbox Live Game Save
Stopped Xbox Live Networking Service
TimeZone
TimeZone GMT -5:00 Hours
Language English (United States)
Location United States
Format English (United States)
Currency $
Date Format dd/MM/yyyy
Time Format h:mm:ss tt
Scheduler
22/08/2018 1:33 PM; GoogleUpdateTaskMachineUA
22/08/2018 1:50 PM; AvastUpdateTaskMachineUA
22/08/2018 1:51 PM; DropboxUpdateTaskMachineUA
22/08/2018 1:51 PM; HPCustParticipation HP Officejet 6500 E710n-z
22/08/2018 4:00 PM; Adobe Acrobat Update Task
22/08/2018 4:29 PM; update-S-1-5-21-3252656029-1357310190-2560453275-1001
22/08/2018 5:19 PM; update-sys
22/08/2018 5:51 PM; DropboxUpdateTaskMachineCore
22/08/2018 7:50 PM; AvastUpdateTaskMachineCore
23/08/2018 10:33 AM; GoogleUpdateTaskMachineCore
23/08/2018 3:43 PM; OneDrive Standalone Update Task-S-1-5-21-3252656029-1357310190-2560453275-1001
24/08/2018 1:41 AM; OneDrive Standalone Update Task v2
CCleanerSkipUAC
DropboxOEM
HPAudioSwitch
HPEA3JOBS
HPJumpStartLaunch
Tweaking.com - Windows Repair Tray Icon
System Folders
Application Data C:\ProgramData
Cookies C:\Users\eviei\AppData\Local\Microsoft\Windows\INetCookies
Desktop C:\Users\eviei\Desktop
Documents C:\Users\Public\Documents
Fonts C:\WINDOWS\Fonts
Global Favorites C:\Users\eviei\Favorites
Internet History C:\Users\eviei\AppData\Local\Microsoft\Windows\History
Local Application Data C:\Users\eviei\AppData\Local
Music C:\Users\Public\Music
Path for burning CD C:\Users\eviei\AppData\Local\Microsoft\Windows\Burn\Burn
Physical Desktop C:\Users\eviei\Desktop
Pictures C:\Users\Public\Pictures
Program Files C:\Program Files
Public Desktop C:\Users\Public\Desktop
Start Menu C:\ProgramData\Microsoft\Windows\Start Menu
Start Menu Programs C:\ProgramData\Microsoft\Windows\Start Menu\Programs
Startup C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Templates C:\ProgramData\Microsoft\Windows\Templates
Temporary Internet Files C:\Users\eviei\AppData\Local\Microsoft\Windows\INetCache
User Favorites C:\Users\eviei\Favorites
Videos C:\Users\Public\Videos
Windows Directory C:\WINDOWS
Windows/System C:\WINDOWS\system32
Process List
AppleMobileDeviceService.exe
Process ID 3216
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
ApplicationFrameHost.exe
Process ID 5008
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\ApplicationFrameHost.exe
Memory Usage 22 MB
Peak Memory Usage 28 MB
APSDaemon.exe
Process ID 7928
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
Memory Usage 15 MB
Peak Memory Usage 17 MB
armsvc.exe
Process ID 3224
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
Memory Usage 6.15 MB
Peak Memory Usage 6.83 MB
aswidsagenta.exe
Process ID 6136
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
Memory Usage 37 MB
Peak Memory Usage 43 MB
audiodg.exe
Process ID 2344
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\audiodg.exe
Memory Usage 17 MB
Peak Memory Usage 30 MB
AvastBrowser.exe
Process ID 804
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 59 MB
Peak Memory Usage 109 MB
AvastBrowser.exe
Process ID 7976
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 8.92 MB
Peak Memory Usage 8.92 MB
AvastBrowser.exe
Process ID 10832
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 34 MB
Peak Memory Usage 34 MB
AvastBrowser.exe
Process ID 9572
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 8.43 MB
Peak Memory Usage 8.43 MB
AvastBrowser.exe
Process ID 2808
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 102 MB
Peak Memory Usage 111 MB
AvastBrowser.exe
Process ID 6460
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 50 MB
Peak Memory Usage 69 MB
AvastBrowser.exe
Process ID 11184
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 42 MB
Peak Memory Usage 42 MB
AvastBrowser.exe
Process ID 11008
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 46 MB
Peak Memory Usage 47 MB
AvastBrowser.exe
Process ID 8460
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 72 MB
Peak Memory Usage 94 MB
AvastBrowser.exe
Process ID 8752
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 40 MB
Peak Memory Usage 42 MB
AvastBrowser.exe
Process ID 3880
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 47 MB
Peak Memory Usage 51 MB
AvastBrowser.exe
Process ID 8988
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 103 MB
Peak Memory Usage 119 MB
AvastBrowser.exe
Process ID 11780
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 21 MB
Peak Memory Usage 21 MB
AvastBrowser.exe
Process ID 11760
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 35 MB
Peak Memory Usage 35 MB
AvastBrowser.exe
Process ID 11692
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 40 MB
Peak Memory Usage 41 MB
AvastBrowser.exe
Process ID 11620
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Memory Usage 44 MB
Peak Memory Usage 45 MB
AvastBrowserCrashHandler.exe
Process ID 7672
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
Memory Usage 292 KB
Peak Memory Usage 7.00 MB
AvastBrowserCrashHandler64.exe
Process ID 7764
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
Memory Usage 324 KB
Peak Memory Usage 6.50 MB
AvastNM.exe
Process ID 6604
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\AVAST Software\Avast\AvastNM.exe
Memory Usage 7.92 MB
Peak Memory Usage 7.92 MB
AvastNM.exe
Process ID 1640
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\AVAST Software\Avast\AvastNM.exe
Memory Usage 7.91 MB
Peak Memory Usage 7.91 MB
AvastSvc.exe
Process ID 2692
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\AVAST Software\Avast\AvastSvc.exe
Memory Usage 150 MB
Peak Memory Usage 253 MB
AvastUI.exe
Process ID 9872
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\AVAST Software\Avast\AvastUI.exe
Memory Usage 35 MB
Peak Memory Usage 46 MB
CCleaner64.exe
Process ID 8052
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\CCleaner\CCleaner64.exe
Memory Usage 24 MB
Peak Memory Usage 27 MB
cmd.exe
Process ID 288
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\SysWOW64\cmd.exe
Memory Usage 3.84 MB
Peak Memory Usage 3.97 MB
cmd.exe
Process ID 10204
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\SysWOW64\cmd.exe
Memory Usage 3.83 MB
Peak Memory Usage 3.96 MB
conhost.exe
Process ID 8756
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\conhost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
conhost.exe
Process ID 236
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\conhost.exe
Memory Usage 12 MB
Peak Memory Usage 12 MB
conhost.exe
Process ID 2732
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\conhost.exe
Memory Usage 4.77 MB
Peak Memory Usage 5.44 MB
csrss.exe
Process ID 620
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 4.70 MB
Peak Memory Usage 5.50 MB
csrss.exe
Process ID 716
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\csrss.exe
Memory Usage 4.97 MB
Peak Memory Usage 13 MB
ctfmon.exe
Process ID 8716
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\ctfmon.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
dasHost.exe
Process ID 3080
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\dasHost.exe
Memory Usage 15 MB
Peak Memory Usage 19 MB
dllhost.exe
Process ID 6688
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\dllhost.exe
Memory Usage 8.95 MB
Peak Memory Usage 11 MB
dllhost.exe
Process ID 8944
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\dllhost.exe
Memory Usage 6.13 MB
Peak Memory Usage 6.13 MB
dllhost.exe
Process ID 4216
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\dllhost.exe
Memory Usage 6.39 MB
Peak Memory Usage 6.39 MB
DropboxUpdate.exe
Process ID 7092
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Memory Usage 188 KB
Peak Memory Usage 7.79 MB
dwm.exe
Process ID 1124
User DWM-1
Domain Window Manager
Path C:\Windows\System32\dwm.exe
Memory Usage 50 MB
Peak Memory Usage 61 MB
esif_assist_64.exe
Process ID 6948
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\Temp\DPTF\esif_assist_64.exe
Memory Usage 4.64 MB
Peak Memory Usage 5.26 MB
esif_uf.exe
Process ID 3232
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\SysWOW64\esif_uf.exe
Memory Usage 6.34 MB
Peak Memory Usage 7.54 MB
explorer.exe
Process ID 6092
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\explorer.exe
Memory Usage 91 MB
Peak Memory Usage 99 MB
fontdrvhost.exe
Process ID 980
User UMFD-0
Domain Font Driver Host
Path C:\Windows\System32\fontdrvhost.exe
Memory Usage 3.48 MB
Peak Memory Usage 4.92 MB
fontdrvhost.exe
Process ID 988
User UMFD-1
Domain Font Driver Host
Path C:\Windows\System32\fontdrvhost.exe
Memory Usage 6.85 MB
Peak Memory Usage 16 MB
HPAudioSwitch.exe
Process ID 2876
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
Memory Usage 37 MB
Peak Memory Usage 43 MB
HPCommRecovery.exe
Process ID 2744
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\HPCommRecovery\HPCommRecovery.exe
Memory Usage 16 MB
Peak Memory Usage 17 MB
HPJumpStartBridge.exe
Process ID 10648
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
Memory Usage 27 MB
Peak Memory Usage 27 MB
HPJumpStartLaunch.exe
Process ID 7108
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
Memory Usage 816 KB
Peak Memory Usage 6.62 MB
HPMSGSVC.exe
Process ID 9812
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
Memory Usage 8.75 MB
Peak Memory Usage 9.60 MB
HPOrbitService.exe
Process ID 3904
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
Memory Usage 13 MB
Peak Memory Usage 17 MB
HPRadioMgr64.exe
Process ID 9856
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
Memory Usage 8.68 MB
Peak Memory Usage 9.32 MB
HPSupportSolutionsFrameworkService.exe
Process ID 11172
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
Memory Usage 47 MB
Peak Memory Usage 49 MB
HPWMISVC.exe
Process ID 3208
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
Memory Usage 7.55 MB
Peak Memory Usage 8.15 MB
hpwuschd2.exe
Process ID 9888
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
Memory Usage 6.04 MB
Peak Memory Usage 6.63 MB
iCloudDrive.exe
Process ID 1004
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
Memory Usage 29 MB
Peak Memory Usage 33 MB
iCloudPhotos.exe
Process ID 7272
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
Memory Usage 26 MB
Peak Memory Usage 34 MB
iCloudServices.exe
Process ID 9048
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
Memory Usage 49 MB
Peak Memory Usage 66 MB
igfxCUIService.exe
Process ID 1944
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\igfxCUIService.exe
Memory Usage 7.62 MB
Peak Memory Usage 8.97 MB
igfxEM.exe
Process ID 7604
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\igfxEM.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
igfxHK.exe
Process ID 6160
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\igfxHK.exe
Memory Usage 8.42 MB
Peak Memory Usage 9.47 MB
IntuitUpdateService.exe
Process ID 10644
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
Memory Usage 2.89 MB
Peak Memory Usage 36 MB
iPodService.exe
Process ID 9940
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\iPod\bin\iPodService.exe
Memory Usage 7.21 MB
Peak Memory Usage 8.46 MB
iTunesHelper.exe
Process ID 8924
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\iTunes\iTunesHelper.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
jhi_service.exe
Process ID 11060
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
Memory Usage 6.21 MB
Peak Memory Usage 6.52 MB
Lightshot.exe
Process ID 10120
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
Memory Usage 10 MB
Peak Memory Usage 15 MB
lsass.exe
Process ID 844
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\lsass.exe
Memory Usage 15 MB
Peak Memory Usage 17 MB
Memory Compression
Process ID 1840
User SYSTEM
Domain NT AUTHORITY
Memory Usage 57 MB
Peak Memory Usage 57 MB
MSASCuiL.exe
Process ID 6704
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Windows Defender\MSASCuiL.exe
Memory Usage 8.84 MB
Peak Memory Usage 9.79 MB
notepad.exe
Process ID 9560
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\notepad.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
notepad.exe
Process ID 9128
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\notepad.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
notepad.exe
Process ID 8980
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\notepad.exe
Memory Usage 18 MB
Peak Memory Usage 18 MB
OfficeClickToRun.exe
Process ID 3328
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
Memory Usage 24 MB
Peak Memory Usage 31 MB
OneDrive.exe
Process ID 2380
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Users\eviei\AppData\Local\Microsoft\OneDrive\OneDrive.exe
Memory Usage 41 MB
Peak Memory Usage 46 MB
PresentationFontCache.exe
Process ID 7000
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
Memory Usage 16 MB
Peak Memory Usage 19 MB
RtkAudioService64.exe
Process ID 2248
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
Memory Usage 7.00 MB
Peak Memory Usage 8.14 MB
RtkNGUI64.exe
Process ID 6628
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
Memory Usage 16 MB
Peak Memory Usage 18 MB
RuntimeBroker.exe
Process ID 9176
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 17 MB
Peak Memory Usage 22 MB
RuntimeBroker.exe
Process ID 7204
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 15 MB
Peak Memory Usage 27 MB
RuntimeBroker.exe
Process ID 7960
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\RuntimeBroker.exe
Memory Usage 18 MB
Peak Memory Usage 25 MB
ScanToPCActivationApp.exe
Process ID 7504
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
SearchIndexer.exe
Process ID 5644
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SearchIndexer.exe
Memory Usage 23 MB
Peak Memory Usage 29 MB
SearchUI.exe
Process ID 7852
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Memory Usage 72 MB
Peak Memory Usage 182 MB
secd.exe
Process ID 10460
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
Memory Usage 16 MB
Peak Memory Usage 18 MB
SecurityHealthService.exe
Process ID 3448
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\SecurityHealthService.exe
Memory Usage 15 MB
Peak Memory Usage 16 MB
sedsvc.exe
Process ID 10024
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\rempl\sedsvc.exe
Memory Usage 9.66 MB
Peak Memory Usage 11 MB
services.exe
Process ID 828
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\services.exe
Memory Usage 8.30 MB
Peak Memory Usage 11 MB
SettingSyncHost.exe
Process ID 6316
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\SettingSyncHost.exe
Memory Usage 5.72 MB
Peak Memory Usage 22 MB
ShellExperienceHost.exe
Process ID 7656
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Memory Usage 43 MB
Peak Memory Usage 72 MB
sihost.exe
Process ID 6968
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\sihost.exe
Memory Usage 22 MB
Peak Memory Usage 24 MB
SkypeHost.exe
Process ID 8896
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Memory Usage 4.19 MB
Peak Memory Usage 12 MB
smartscreen.exe
Process ID 11220
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\smartscreen.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
smss.exe
Process ID 424
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\smss.exe
Memory Usage 1.01 MB
Peak Memory Usage 1.27 MB
Speccy64.exe
Process ID 9160
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Speccy\Speccy64.exe
Memory Usage 29 MB
Peak Memory Usage 30 MB
spoolsv.exe
Process ID 2972
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\spoolsv.exe
Memory Usage 13 MB
Peak Memory Usage 17 MB
svchost.exe
Process ID 6008
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.34 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1264
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 1228
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 25 MB
svchost.exe
Process ID 964
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 3.56 MB
Peak Memory Usage 3.90 MB
svchost.exe
Process ID 1052
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.57 MB
Peak Memory Usage 7.53 MB
svchost.exe
Process ID 6980
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 23 MB
svchost.exe
Process ID 3828
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.21 MB
Peak Memory Usage 8.21 MB
svchost.exe
Process ID 7024
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\svchost.exe
Memory Usage 29 MB
Peak Memory Usage 33 MB
svchost.exe
Process ID 7084
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 6036
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.99 MB
Peak Memory Usage 9.79 MB
svchost.exe
Process ID 3932
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 836
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 372
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 26 MB
Peak Memory Usage 29 MB
svchost.exe
Process ID 5436
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1384
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.73 MB
Peak Memory Usage 6.25 MB
svchost.exe
Process ID 2600
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.28 MB
Peak Memory Usage 6.30 MB
svchost.exe
Process ID 7408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.25 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 5144
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 7740
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\svchost.exe
Memory Usage 30 MB
Peak Memory Usage 31 MB
svchost.exe
Process ID 4668
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.55 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 4268
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.20 MB
Peak Memory Usage 8.89 MB
svchost.exe
Process ID 10924
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.49 MB
Peak Memory Usage 5.51 MB
svchost.exe
Process ID 5016
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 4.99 MB
Peak Memory Usage 5.47 MB
svchost.exe
Process ID 7432
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 4784
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.27 MB
Peak Memory Usage 8.99 MB
svchost.exe
Process ID 4496
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.35 MB
Peak Memory Usage 9.45 MB
svchost.exe
Process ID 3492
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.15 MB
Peak Memory Usage 5.66 MB
svchost.exe
Process ID 4404
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.89 MB
Peak Memory Usage 7.88 MB
svchost.exe
Process ID 4364
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 17 MB
Peak Memory Usage 23 MB
svchost.exe
Process ID 2572
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.86 MB
Peak Memory Usage 7.45 MB
svchost.exe
Process ID 4076
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.39 MB
Peak Memory Usage 7.14 MB
svchost.exe
Process ID 3968
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 38 MB
Peak Memory Usage 54 MB
svchost.exe
Process ID 3860
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.00 MB
Peak Memory Usage 5.52 MB
svchost.exe
Process ID 3516
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.11 MB
Peak Memory Usage 6.65 MB
svchost.exe
Process ID 3508
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 18 MB
Peak Memory Usage 21 MB
svchost.exe
Process ID 3460
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.17 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 3440
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.84 MB
Peak Memory Usage 6.61 MB
svchost.exe
Process ID 3388
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.17 MB
Peak Memory Usage 9.12 MB
svchost.exe
Process ID 3376
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 3336
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.75 MB
Peak Memory Usage 6.64 MB
svchost.exe
Process ID 3320
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 3300
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 20 MB
Peak Memory Usage 66 MB
svchost.exe
Process ID 3292
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 31 MB
Peak Memory Usage 43 MB
svchost.exe
Process ID 3284
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 24 MB
Peak Memory Usage 26 MB
svchost.exe
Process ID 3248
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.24 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 3240
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.50 MB
Peak Memory Usage 7.66 MB
svchost.exe
Process ID 3020
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.44 MB
Peak Memory Usage 8.14 MB
svchost.exe
Process ID 10564
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.45 MB
Peak Memory Usage 5.91 MB
svchost.exe
Process ID 2704
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 2604
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 2484
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.81 MB
Peak Memory Usage 7.53 MB
svchost.exe
Process ID 2372
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 13 MB
svchost.exe
Process ID 9768
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 15 MB
Peak Memory Usage 15 MB
svchost.exe
Process ID 6916
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 12 MB
Peak Memory Usage 63 MB
svchost.exe
Process ID 2360
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.63 MB
Peak Memory Usage 6.42 MB
svchost.exe
Process ID 2352
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.27 MB
Peak Memory Usage 8.00 MB
svchost.exe
Process ID 9408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 2144
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 10 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 2084
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1796
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 16 MB
Peak Memory Usage 20 MB
svchost.exe
Process ID 2044
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.00 MB
Peak Memory Usage 7.73 MB
svchost.exe
Process ID 2032
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.20 MB
Peak Memory Usage 8.18 MB
svchost.exe
Process ID 1896
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.45 MB
Peak Memory Usage 8.48 MB
svchost.exe
Process ID 1884
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.02 MB
Peak Memory Usage 10 MB
svchost.exe
Process ID 1504
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.39 MB
Peak Memory Usage 8.04 MB
svchost.exe
Process ID 1872
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.39 MB
Peak Memory Usage 9.45 MB
svchost.exe
Process ID 1788
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.17 MB
Peak Memory Usage 7.92 MB
svchost.exe
Process ID 1780
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 5.30 MB
Peak Memory Usage 5.86 MB
svchost.exe
Process ID 1772
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 40 MB
Peak Memory Usage 75 MB
svchost.exe
Process ID 1728
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 11 MB
Peak Memory Usage 12 MB
svchost.exe
Process ID 1624
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.81 MB
Peak Memory Usage 7.62 MB
svchost.exe
Process ID 1552
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.44 MB
Peak Memory Usage 9.03 MB
svchost.exe
Process ID 1532
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 6.85 MB
Peak Memory Usage 9.29 MB
svchost.exe
Process ID 1420
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 19 MB
svchost.exe
Process ID 1408
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 13 MB
Peak Memory Usage 14 MB
svchost.exe
Process ID 1360
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 9.91 MB
Peak Memory Usage 11 MB
svchost.exe
Process ID 11420
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 7.39 MB
Peak Memory Usage 7.40 MB
svchost.exe
Process ID 1320
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 14 MB
Peak Memory Usage 16 MB
svchost.exe
Process ID 1272
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\svchost.exe
Memory Usage 8.77 MB
Peak Memory Usage 9.79 MB
SynTPEnh.exe
Process ID 6328
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Memory Usage 14 MB
Peak Memory Usage 20 MB
SynTPEnhService.exe
Process ID 3476
User SYSTEM
Domain NT AUTHORITY
Path C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
Memory Usage 7.27 MB
Peak Memory Usage 8.80 MB
SynTPHelper.exe
Process ID 7364
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
Memory Usage 4.28 MB
Peak Memory Usage 4.89 MB
System
Process ID 4
Memory Usage 6.33 MB
Peak Memory Usage 11 MB
System Idle Process
Process ID 0
TabTip.exe
Process ID 8740
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
Memory Usage 14 MB
Peak Memory Usage 15 MB
TabTip32.exe
Process ID 8812
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Common Files\microsoft shared\ink\TabTip32.exe
Memory Usage 4.51 MB
Peak Memory Usage 5.24 MB
taskhostw.exe
Process ID 7124
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Windows\System32\taskhostw.exe
Memory Usage 14 MB
Peak Memory Usage 15 MB
unsecapp.exe
Process ID 6488
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\unsecapp.exe
Memory Usage 6.61 MB
Peak Memory Usage 8.48 MB
wininit.exe
Process ID 700
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wininit.exe
Memory Usage 5.43 MB
Peak Memory Usage 6.61 MB
winlogon.exe
Process ID 788
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\winlogon.exe
Memory Usage 8.27 MB
Peak Memory Usage 14 MB
wlanext.exe
Process ID 2720
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wlanext.exe
Memory Usage 6.13 MB
Peak Memory Usage 7.05 MB
WmiPrvSE.exe
Process ID 3740
User SYSTEM
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 8.72 MB
Peak Memory Usage 9.59 MB
WmiPrvSE.exe
Process ID 2648
User NETWORK SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\wbem\WmiPrvSE.exe
Memory Usage 13 MB
Peak Memory Usage 13 MB
WR_Tray_Icon.exe
Process ID 10656
User eviei
Domain LAPTOP-VCBMR6EO
Path C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
Memory Usage 2.09 MB
Peak Memory Usage 8.60 MB
WUDFHost.exe
Process ID 972
User LOCAL SERVICE
Domain NT AUTHORITY
Path C:\Windows\System32\WUDFHost.exe
Memory Usage 13 MB
Peak Memory Usage 35 MB
Security Options
Accounts: Administrator account status Disabled
Accounts: Block Microsoft accounts Not Defined
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Accounts: Rename administrator account Administrator
Accounts: Rename guest account Guest
Audit: Audit the access of global system objects Disabled
Audit: Audit the use of Backup and Restore privilege Disabled
Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
Audit: Shut down system immediately if unable to log security audits Disabled
DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
Devices: Allow undock without having to log on Enabled
Devices: Allowed to format and eject removable media Not Defined
Devices: Prevent users from installing printer drivers Disabled
Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
Devices: Restrict floppy access to locally logged-on user only Not Defined
Domain controller: Allow server operators to schedule tasks Not Defined
Domain controller: LDAP server signing requirements Not Defined
Domain controller: Refuse machine account password changes Not Defined
Domain member: Digitally encrypt or sign secure channel data (always) Enabled
Domain member: Digitally encrypt secure channel data (when possible) Enabled
Domain member: Digitally sign secure channel data (when possible) Enabled
Domain member: Disable machine account password changes Disabled
Domain member: Maximum machine account password age 30 days
Domain member: Require strong (Windows 2000 or later) session key Enabled
Interactive logon: Display user information when the session is locked Not Defined
Interactive logon: Do not require CTRL+ALT+DEL Not Defined
Interactive logon: Don't display last signed-in Disabled
Interactive logon: Don't display username at sign-in Not Defined
Interactive logon: Machine account lockout threshold Not Defined
Interactive logon: Machine inactivity limit Not Defined
Interactive logon: Message text for users attempting to log on
Interactive logon: Message title for users attempting to log on
Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
Interactive logon: Prompt user to change password before expiration 5 days
Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
Interactive logon: Require Windows Hello for Business or smart card Disabled
Interactive logon: Smart card removal behavior No Action
Microsoft network client: Digitally sign communications (always) Disabled
Microsoft network client: Digitally sign communications (if server agrees) Enabled
Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
Microsoft network server: Amount of idle time required before suspending session Not Defined
Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined
Microsoft network server: Digitally sign communications (always) Disabled
Microsoft network server: Digitally sign communications (if client agrees) Disabled
Microsoft network server: Disconnect clients when logon hours expire Enabled
Microsoft network server: Server SPN target name validation level Not Defined
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
Network access: Do not allow storage of passwords and credentials for network authentication Disabled
Network access: Let Everyone permissions apply to anonymous users Disabled
Network access: Named Pipes that can be accessed anonymously
Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
Network access: Restrict anonymous access to Named Pipes and Shares Enabled
Network access: Restrict clients allowed to make remote calls to SAM
Network access: Shares that can be accessed anonymously Not Defined
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Network security: Allow Local System to use computer identity for NTLM Not Defined
Network security: Allow LocalSystem NULL session fallback Not Defined
Network security: Allow PKU2U authentication requests to this computer to use online identities.
 
Not Defined
Network security: Configure encryption types allowed for Kerberos Not Defined
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: Force logoff when logon hours expire Disabled
Network security: LAN Manager authentication level Not Defined
Network security: LDAP client signing requirements Negotiate signing
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
Recovery console: Allow automatic administrative logon Enabled
Recovery console: Allow floppy copy and access to all drives and all folders Enabled
Shutdown: Allow system to be shut down without having to log on Enabled
Shutdown: Clear virtual memory pagefile Disabled
System cryptography: Force strong key protection for user keys stored on the computer Not Defined
System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
System objects: Require case insensitivity for non-Windows subsystems Enabled
System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
System settings: Optional subsystems
System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
User Account Control: Admin Approval Mode for the Built-in Administrator account Not Defined
User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Prompt for consent for non-Windows binaries
User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
User Account Control: Detect application installations and prompt for elevation Enabled
User Account Control: Only elevate executables that are signed and validated Disabled
User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
User Account Control: Run all administrators in Admin Approval Mode Enabled
User Account Control: Switch to the secure desktop when prompting for elevation Enabled
User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Device Tree
ACPI x64-based PC
Microsoft ACPI-Compliant System
ACPI Fan
ACPI Fixed Feature Button
ACPI Thermal Zone
ACPI Thermal Zone
Intel Dynamic Platform and Thermal Framework Generic Participant
Intel Dynamic Platform and Thermal Framework Manager
Intel Pentium CPU N3710 @ 1.60GHz
Intel Pentium CPU N3710 @ 1.60GHz
Intel Pentium CPU N3710 @ 1.60GHz
Intel Pentium CPU N3710 @ 1.60GHz
Microsoft Windows Management Interface for ACPI
System CMOS/real time clock
Trusted Platform Module 2.0
PCI Express Root Complex
Intel Dynamic Platform and Thermal Framework Processor Participant
Intel Trusted Execution Engine Interface
Motherboard resources
Motherboard resources
PCI standard host CPU bridge
PCI-to-PCI Bridge
Synaptics SMBus Driver
Intel® HD Graphics
Generic PnP Monitor
Standard SATA AHCI Controller
hp DVDRW DA8AESH
WDC WD5000LPCX-60VHAT0
Intel® USB 3.0 eXtensible Host Controller - 1.0 (Microsoft)
USB Root Hub (USB 3.0)
USB Input Device
HID-compliant mouse
Generic USB Hub
USB Input Device
HID-compliant device
HID-compliant touch screen
HID-compliant vendor-defined device
HID-compliant vendor-defined device
USB Composite Device
HP Webcam
High Definition Audio Controller
Intel Display Audio
Realtek High Definition Audio
Microphone (Realtek High Definition Audio)
Speaker/Headphone (Realtek High Definition Audio)
PCI-to-PCI Bridge
Realtek RTL8188EE 802.11b/g/n PCIe Adapter
Microsoft Wi-Fi Direct Virtual Adapter
PCI-to-PCI Bridge
Realtek PCIe GBE Family Controller #2
PCI standard ISA bridge
ACPI Lid
Legacy device
Microsoft AC Adapter
Microsoft ACPI-Compliant Control Method Battery
Microsoft ACPI-Compliant Embedded Controller
Motherboard resources
Programmable interrupt controller
Standard PS/2 Keyboard
Synaptics SMBus TouchPad
System timer
HP Wireless Button Driver
HID-compliant wireless radio controls
Microsoft UEFI-Compliant System
System Firmware
CPU
Intel Pentium J3710
Cores 4
Threads 4
Name Intel Pentium J3710
Code Name Braswell
Package Socket 1170 BGA
Technology 14nm
Specification Intel Pentium CPU N3710 @ 1.60GHz
Family 6
Extended Family 6
Model C
Extended Model 4C
Stepping 4
Instructions MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, Intel 64, NX, VMX, AES
Virtualization Supported, Disabled
Hyperthreading Not supported
Bus Speed 80.0 MHz
Stock Core Speed 1600 MHz
Stock Bus Speed 80 MHz
Average Temperature 42 °C
Caches
L1 Data Cache Size 4 x 24 KBytes
L1 Instructions Cache Size 4 x 32 KBytes
L2 Unified Cache Size 2 x 1024 KBytes
Cores
Core 0
Core Speed 799.7 MHz
Multiplier x 10.0
Bus Speed 80.0 MHz
Temperature 40 °C
Threads APIC ID: 0
Core 1
Core Speed 799.7 MHz
Multiplier x 10.0
Bus Speed 80.0 MHz
Temperature 40 °C
Threads APIC ID: 2
Core 2
Core Speed 799.7 MHz
Multiplier x 10.0
Bus Speed 80.0 MHz
Temperature 43 °C
Threads APIC ID: 4
Core 3
Core Speed 799.7 MHz
Multiplier x 10.0
Bus Speed 80.0 MHz
Temperature 43 °C
Threads APIC ID: 6
RAM
Memory slots
Total memory slots 2
Used memory slots 1
Free memory slots 1
Memory
Type DDR3
Size 4096 MBytes
DRAM Frequency 1599.3 MHz
CAS# Latency (CL) 11 clocks
RAS# to CAS# Delay (tRCD) 11 clocks
RAS# Precharge (tRP) 11 clocks
Cycle Time (tRAS) 28 clocks
Command Rate (CR) 1T
Physical Memory
Memory Usage 63 %
Total Physical 3.91 GB
Available Physical 1.43 GB
Total Virtual 7.91 GB
Available Virtual 5.01 GB
SPD
Number Of SPD Modules 1
Slot #1
Type DDR3
Size 4096 MBytes
Manufacturer Samsung
Max Bandwidth PC3-12800 (800 MHz)
Part Number M471B5173EB0-YK0
Serial Number 889868137
Week/year 09 / 17
Timing table
JEDEC #1
Frequency 381.0 MHz
CAS# Latency 5.0
RAS# To CAS# 5
RAS# Precharge 5
tRAS 14
tRC 19
Voltage 1.350 V
JEDEC #2
Frequency 457.1 MHz
CAS# Latency 6.0
RAS# To CAS# 6
RAS# Precharge 6
tRAS 16
tRC 22
Voltage 1.350 V
JEDEC #3
Frequency 533.3 MHz
CAS# Latency 7.0
RAS# To CAS# 7
RAS# Precharge 7
tRAS 19
tRC 26
Voltage 1.350 V
JEDEC #4
Frequency 609.5 MHz
CAS# Latency 8.0
RAS# To CAS# 8
RAS# Precharge 8
tRAS 22
tRC 30
Voltage 1.350 V
JEDEC #5
Frequency 685.7 MHz
CAS# Latency 9.0
RAS# To CAS# 9
RAS# Precharge 9
tRAS 24
tRC 33
Voltage 1.350 V
JEDEC #6
Frequency 761.9 MHz
CAS# Latency 10.0
RAS# To CAS# 10
RAS# Precharge 10
tRAS 27
tRC 37
Voltage 1.350 V
JEDEC #7
Frequency 800.0 MHz
CAS# Latency 11.0
RAS# To CAS# 11
RAS# Precharge 11
tRAS 28
tRC 39
Voltage 1.350 V
Motherboard
Manufacturer HP
Model 832C (CHV)
Version 25.26
Chipset Vendor Intel
Chipset Model Braswell Host Bridge
Chipset Revision 35
Southbridge Vendor Intel
Southbridge Model Braswell LPC Bridge
Southbridge Revision 35
BIOS
Brand Insyde
Version F.10
Date 10/05/2017
PCI Data
Slot PCI-E x4
Slot Type PCI-E x4
Slot Usage Available
Data lanes x4
Slot Designation J5C1
Characteristics PME, Hot Plug, SMBus
Slot Number 0
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J4B3
Characteristics PME, Hot Plug, SMBus
Slot Number 1
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J6C1
Characteristics PME, Hot Plug, SMBus
Slot Number 2
Slot PCI-E x1
Slot Type PCI-E x1
Slot Usage Available
Data lanes x1
Slot Designation J6D1
Characteristics PME, Hot Plug, SMBus
Slot Number 3
Graphics
Monitor
Name Generic PnP Monitor on Intel HD Graphics
Current Resolution 1366x768 pixels
Work Resolution 1366x728 pixels
State Enabled, Primary
Monitor Width 1366
Monitor Height 768
Monitor BPP 32 bits per pixel
Monitor Frequency 60 Hz
Device \\.\DISPLAY1\Monitor0
Intel HD Graphics
Manufacturer Intel
Model HD Graphics
Device ID 8086-22B1
Revision 36
Subvendor HP (103C)
Current Performance Level Level 0
Driver version 20.19.15.4568
Count of performance levels : 1
Level 1 - "Perf Level 0"
Storage
Hard drives
WDC WD5000LPCX-60VHAT0
Manufacturer Western Digital
Heads 16
Cylinders 60,801
Tracks 15,504,255
Sectors 976,768,065
SATA type SATA-III 6.0Gb/s
Device type Fixed
ATA Standard ACS3
Serial Number WD-WXC1A27H0ZT4
Firmware Version Number 01.01A01
LBA Size 48-bit LBA
Power On Count 177 times
Power On Time 6.9 days
Speed 5400 RPM
Features S.M.A.R.T., APM, NCQ
Max. Transfer Mode SATA III 6.0Gb/s
Used Transfer Mode SATA III 6.0Gb/s
Interface SATA
Capacity 465 GB
Real size 500,107,862,016 bytes
RAID Type None
S.M.A.R.T
Status Good
Temperature 36 °C
Temperature Range OK (less than 50 °C)
S.M.A.R.T attributes
01
Attribute name Read Error Rate
Real value 0
Current 200
Worst 200
Threshold 51
Raw Value 0000000000
Status Good
03
Attribute name Spin-Up Time
Real value 1425 ms
Current 151
Worst 147
Threshold 21
Raw Value 0000000591
Status Good
04
Attribute name Start/Stop Count
Real value 536
Current 100
Worst 100
Threshold 0
Raw Value 0000000218
Status Good
05
Attribute name Reallocated Sectors Count
Real value 0
Current 200
Worst 200
Threshold 140
Raw Value 0000000000
Status Good
07
Attribute name Seek Error Rate
Real value 0
Current 200
Worst 200
Threshold 51
Raw Value 0000000000
Status Good
09
Attribute name Power-On Hours (POH)
Real value 6d 21h
Current 100
Worst 100
Threshold 0
Raw Value 00000000A5
Status Good
0A
Attribute name Spin Retry Count
Real value 0
Current 100
Worst 100
Threshold 51
Raw Value 0000000000
Status Good
0B
Attribute name Recalibration Retries
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
0C
Attribute name Device Power Cycle Count
Real value 177
Current 100
Worst 100
Threshold 0
Raw Value 00000000B1
Status Good
B7
Attribute name SATA Downshift Error Count
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
B8
Attribute name End-to-End error / IOEDC
Real value 0
Current 100
Worst 100
Threshold 97
Raw Value 0000000000
Status Good
BB
Attribute name Reported Uncorrectable Errors
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BC
Attribute name Command Timeout
Real value 0
Current 100
Worst 100
Threshold 0
Raw Value 0000000000
Status Good
BE
Attribute name Temperature Difference from 100
Real value 36 °C
Current 64
Worst 54
Threshold 40
Raw Value 0025190024
Status Good
BF
Attribute name G-sense error rate
Real value 15
Current 85
Worst 85
Threshold 0
Raw Value 000000000F
Status Good
C0
Attribute name Power-off Retract Count
Real value 8
Current 200
Worst 200
Threshold 0
Raw Value 0000000008
Status Good
C1
Attribute name Load/Unload Cycle Count
Real value 2,052
Current 200
Worst 200
Threshold 0
Raw Value 0000000804
Status Good
C2
Attribute name Temperature
Real value 36 °C
Current 107
Worst 97
Threshold 0
Raw Value 0000000024
Status Good
C4
Attribute name Reallocation Event Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
C5
Attribute name Current Pending Sector Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
C6
Attribute name Uncorrectable Sector Count
Real value 0
Current 100
Worst 253
Threshold 0
Raw Value 0000000000
Status Good
C7
Attribute name UltraDMA CRC Error Count
Real value 0
Current 200
Worst 200
Threshold 0
Raw Value 0000000000
Status Good
C8
Attribute name Write Error Rate / Multi-Zone Error Rate
Real value 0
Current 100
Worst 253
Threshold 51
Raw Value 0000000000
Status Good
Partition 0
Partition ID Disk #0, Partition #0
File System FAT32
Volume Serial Number 020EF7EF
Size 256 MB
Used Space 91 MB (35%)
Free Space 164 MB (65%)
Partition 1
Partition ID Disk #0, Partition #1
Disk Letter C:
File System NTFS
Volume Serial Number 0EDFFD28
Size 450 GB
Used Space 63 GB (14%)
Free Space 386 GB (86%)
Partition 2
Partition ID Disk #0, Partition #2
File System NTFS
Volume Serial Number 20ABBF28
Size 979 MB
Used Space 587 MB (59%)
Free Space 392 MB (41%)
Partition 3
Partition ID Disk #0, Partition #3
Disk Letter D:
File System NTFS
Volume Serial Number 247FAE57
Size 13.6 GB
Used Space 12 GB (88%)
Free Space 1.62 GB (12%)
Optical Drives
hp DVDRW  DA8AESH
Media Type DVD Writer
Name hp DVDRW DA8AESH
Availability Running/Full Power
Capabilities Random Access, Supports Writing, Supports Removable Media
Read capabilities CD-R, CD-RW, CD-ROM, DVD-ROM, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Write capabilities CD-R, CD-RW, DVD-R, DVD-RW, DVD+R, DVD+RW, DVD-R DL, DVD+R DL
Config Manager Error Code Device is working properly
Config Manager User Config FALSE
Drive E:
Media Loaded FALSE
SCSI Bus 1
SCSI Logical Unit 0
SCSI Port 0
SCSI Target Id 0
Status OK
Audio
Sound Cards
Realtek High Definition Audio
Intel Display Audio
Playback Device
Speaker/Headphone (Realtek High Definition Audio)
Recording Device
Microphone (Realtek High Definition Audio)
Speaker Configuration
Speaker type Stereo
Peripherals
Standard PS/2 Keyboard
Device Kind Keyboard
Device Name Standard PS/2 Keyboard
Vendor MSFT
Location PCI standard ISA bridge
Driver
Date 6-21-2006
Version 10.0.16299.15
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\DRIVERS\kbdclass.sys
HID-compliant mouse
Device Kind Mouse
Device Name HID-compliant mouse
Vendor Logitech
Location USB Input Device
Driver
Date 6-21-2006
Version 10.0.16299.15
File C:\WINDOWS\system32\DRIVERS\mouhid.sys
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
Synaptics SMBus TouchPad
Device Kind Mouse
Device Name Synaptics SMBus TouchPad
Vendor SYN
Location PCI standard ISA bridge
Driver
Date 3-19-2018
Version 19.5.10.69
File C:\WINDOWS\system32\DRIVERS\SynTP.sys
File C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel_Aux.sys
File C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF_Aux.sys
File C:\WINDOWS\system32\DRIVERS\SynRMIHID_Aux.sys
File C:\WINDOWS\system32\SynTPAPI.dll
File C:\WINDOWS\system32\SynCOM.dll
File C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
File C:\Program Files\Synaptics\SynTP\SynTPRes.dll
File C:\Program Files\Synaptics\SynTP\InstNT.exe
File C:\Program Files\Synaptics\SynTP\SynISDLL.dll
File C:\Program Files\Synaptics\SynTP\SynUnst.ini
File C:\Program Files\Synaptics\SynTP\SynRemoveUserSettings.dat
File C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
File C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
File C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
File C:\Program Files\Synaptics\SynTP\SynZMetr.exe
File C:\Program Files\Synaptics\SynTP\SynMood.exe
File C:\Program Files\Synaptics\SynTP\Tutorial.exe
File C:\Program Files\Synaptics\SynTP\SynCntxt.rtf
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynPinch.mpg
File C:\Program Files\Synaptics\SynTP\SynMomentum.mpg
File C:\Program Files\Synaptics\SynTP\SynLinearVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynTwoFingerVHScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_ChiralRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\SynThreeFingersDown.mpg
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\SynChiralTwistRotate.mpg
File C:\Program Files\Synaptics\SynTP\StaticImg.html
File C:\Program Files\Synaptics\SynTP\StaticImg.png
File C:\Program Files\Synaptics\SynTP\StaticImgNB.html
File C:\Program Files\Synaptics\SynTP\StaticImgNB.png
File C:\Program Files\Synaptics\SynTP\SynSysDetect.js
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FFlickVNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSmartSense.wmv
File C:\Program Files\Synaptics\SynTP\SynSmartSenseNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDownNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRightNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentum.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.wmv
File C:\Program Files\Synaptics\SynTP\SynBlackScreen.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotate.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrained.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotion.wmv
File C:\Program Files\Synaptics\SynTP\SynTapping.wmv
File C:\Program Files\Synaptics\SynTP\SynButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.wmv
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDragging.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeed.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointing.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressure.wmv
File C:\Program Files\Synaptics\SynTP\SynNoButtons.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZones.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDrag.wmv
File C:\Program Files\Synaptics\SynTP\SynTapLockingDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn1FingerClickDragNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerClickDrag.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickLRNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlickLR.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FingerPressNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynButtonsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoastingScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynCoverGestureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionDraggingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionFixedSpeedNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionPressureNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapHoldToDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapLockingDragNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPointingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumVScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerMomentumHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVCoasting_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHCoasting_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerVCoastingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHCoastingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrolling.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumVHScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoasting.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynChiralScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearHScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotate_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynPivotRotateNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotate_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTwistRotateNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgePulls.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlick.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickUpDown.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerFlickLeftRight.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerPress.html
File C:\Program Files\Synaptics\SynTP\Syn4FingerTapping.html
File C:\Program Files\Synaptics\SynTP\SynEdgeMotion.html
File C:\Program Files\Synaptics\SynTP\SynMomentum.html
File C:\Program Files\Synaptics\SynTP\SynPinchZoom.html
File C:\Program Files\Synaptics\SynTP\SynRotating.html
File C:\Program Files\Synaptics\SynTP\SynTwistRotate.html
File C:\Program Files\Synaptics\SynTP\SynCoverGesture.html
File C:\Program Files\Synaptics\SynTP\SynAccessibility.html
File C:\Program Files\Synaptics\SynTP\SynSmartSense.html
File C:\Program Files\Synaptics\SynTP\SynButtons.html
File C:\Program Files\Synaptics\SynTP\SynClicking.html
File C:\Program Files\Synaptics\SynTP\SynMultiFingerGestures.html
File C:\Program Files\Synaptics\SynTP\SynPalmCheck.html
File C:\Program Files\Synaptics\SynTP\SynPointing.html
File C:\Program Files\Synaptics\SynTP\SynScrolling.html
File C:\Program Files\Synaptics\SynTP\SynSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynTapping.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykButton.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSelect.html
File C:\Program Files\Synaptics\SynTP\SynTouchStykSensitivity.html
File C:\Program Files\Synaptics\SynTP\SynScrollingVertical.html
File C:\Program Files\Synaptics\SynTP\SynScrollingHorizontal.html
File C:\Program Files\Synaptics\SynTP\SynScrollingChiral.html
File C:\Program Files\Synaptics\SynTP\SynLockingDrags.html
File C:\Program Files\Synaptics\SynTP\SynEdgePulls.html
File C:\Program Files\Synaptics\SynTP\Syn3FingerTapping.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrolling_win8.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerScrollingNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynTappingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerRightClickNB.wmv
File C:\Program Files\Synaptics\SynTP\SynVHCoastingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgePullsNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPalmCheckNB.wmv
File C:\Program Files\Synaptics\SynTP\SynLinearScrollingNB.wmv
File C:\Program Files\Synaptics\SynTP\SynPinchZoomNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSensitivityNB.wmv
File C:\Program Files\Synaptics\SynTP\SynMomentumNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB.wmv
File C:\Program Files\Synaptics\SynTP\SynTapZonesNB_win8.wmv
File C:\Program Files\Synaptics\SynTP\SynEdgeMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSlowMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynConstrainedMotionNB.wmv
File C:\Program Files\Synaptics\SynTP\SynWindowConstrainedNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FHSlide.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FHSlideNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapActionCenter.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapCortana.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FTapCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapActionCenter.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapCortana.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FTapCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FClickActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FClickCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FClickActionCenterNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn4FClickCortanaNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FVSlide.wmv
File C:\Program Files\Synaptics\SynTP\Syn3FVSlideNB.wmv
File C:\Program Files\Synaptics\SynTP\SynSmbDrv.ini
File C:\Program Files\Synaptics\SynTP\SynRMIHID.ini
File C:\Program Files\Synaptics\SynTP\SynLinearVScroll.mpg
File C:\Program Files\Synaptics\SynTP\SynWingGesture.wmv
File C:\Program Files\Synaptics\SynTP\SynWingGesture.html
File C:\Program Files\Synaptics\SynTP\Syn2FingerTappingNB.wmv
File C:\Program Files\Synaptics\SynTP\Syn2FingerTapping.html
File C:\Program Files\Synaptics\SynTP\Ckp2FingerScrolling.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerDown.mpg
File C:\Program Files\Synaptics\SynTP\Ckp3FingerFlick.mpg
File C:\Program Files\Synaptics\SynTP\CkpChiralMotion.mpg
File C:\Program Files\Synaptics\SynTP\CkpClickDrag.mpg
File C:\Program Files\Synaptics\SynTP\CkpLinearScroll.mpg
File C:\Program Files\Synaptics\SynTP\CkpLRClick.mpg
File C:\Program Files\Synaptics\SynTP\CkpMomentum.mpg
File C:\Program Files\Synaptics\SynTP\CkpPinch.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate.mpg
File C:\Program Files\Synaptics\SynTP\CkpPivotRotate2.mpg
File C:\Program Files\Synaptics\SynTP\CkpTouchpadDisable.mpg
File C:\WINDOWS\SysWOW64\SynCom.dll
File C:\WINDOWS\system32\DRIVERS\mouclass.sys
File C:\WINDOWS\system32\DRIVERS\i8042prt.sys
File C:\WINDOWS\system32\SynTPCo65.dll
File C:\WINDOWS\system32\WdfCoInstaller01011.dll
HP Officejet 6500 E710n-z
Device Kind Printer
Device Name HP Officejet 6500 E710n-z
Vendor HP
Driver
Date 9-12-2012
Version 9.84.0.1189
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpoj_6500_e710n-z.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\HPMACRONAMES.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpvpl09.ini
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpoj_6500_e710n-z_n.inx
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpvpldrv09.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpvplui09.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpfime51.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpvplres09.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\copyright.txt
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpinksts5412LM.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\hpinksts5412.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\unidrv.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\unidrvui.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\unires.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\unidrv.hlp
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\locale.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{DDD9BB4A-8383-4C86-ACC2-ED3628D2E83A}\stdnames.gpd
File C:\WINDOWS\system32\spool\drivers\color\Adobe RGB (1998) D65 WP 2.2 Gamma.icc
File C:\WINDOWS\system32\hpinkcoi5412.dll
File C:\WINDOWS\system32\hpinkins5412.exe
File C:\WINDOWS\system32\hpinksts5412LM.dll
Fax - HP Officejet 6500 E710n-z
Device Kind Printer
Device Name Fax - HP Officejet 6500 E710n-z
Vendor HP
Driver
Date 9-12-2012
Version 3.0.0.0
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\HPOJ6500_E710n-z_fax_print.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\HPOJ6500_E710n-z_FaxPCSend.ini
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\HPOJ6500_E710n-z_FaxPCSendRenderPlugin.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\HPOJ6500_E710n-z_FaxPCSendDialogUI.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\unidrv.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\unidrvui.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\unires.dll
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\unidrv.hlp
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\locale.gpd
File C:\WINDOWS\system32\spool\DRIVERS\x64\{AE1506EA-DF9D-477E-88EB-96B54594A113}\stdnames.gpd
HP Officejet 6500 E710n-z (NET)
Device Kind Camera/scanner
Device Name HP Officejet 6500 E710n-z (NET)
Vendor Hewlett-Packard
Driver
Date 9-12-2012
Version 28.0.1287.0
File C:\WINDOWS\system32\HPWia2_OJ6500_E710n-z.dll
File C:\WINDOWS\system32\HPScanTRDrv_OJ6500_E710n-z.dll
File C:\WINDOWS\system32\drivers\serscan.sys
Printers
Fax
Printer Port SHRFAX:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Monochrome
Status Unknown
Driver
Driver Name Microsoft Shared Fax Driver (v4.00)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\FXSDRV.DLL
Fax - HP Officejet 6500 E710n-z (Network)
Printer Port CN0CP124F805JW_FAX
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 200 * 200 dpi Color
Status Unknown
Driver
Driver Name Fax - HP Officejet 6500 E710n-z (v6.03)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
HP Officejet 6500 E710n-z (Network) (Default Printer)
Printer Port CN0CP124F805JW
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name HP Officejet 6500 E710n-z (v6.03)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\UNIDRV.DLL
Microsoft Print to PDF
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft Print To PDF (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_ab738c05d09b470b\Amd64\mxdwdrv.dll
Microsoft XPS Document Writer
Printer Port PORTPROMPT:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Microsoft XPS Document Writer v4 (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_ab738c05d09b470b\Amd64\mxdwdrv.dll
Quicken PDF Printer
Printer Port LPT1:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 dpi Color
Status Unknown
Driver
Driver Name Amyuni Document Converter 400 (v0.64)
Driver Path C:\WINDOWS\system32\spool\DRIVERS\x64\3\acpdf400.dll
Send To OneNote 2016
Printer Port nul:
Print Processor winprint
Availability Always
Priority 1
Duplex None
Print Quality 600 * 600 dpi Color
Status Unknown
Driver
Driver Name Send to Microsoft OneNote 16 Driver (v6.03)
Driver Path C:\WINDOWS\System32\DriverStore\FileRepository\ntprint.inf_amd64_ab738c05d09b470b\Amd64\mxdwdrv.dll
Network
You are connected to the internet
Connected through Realtek RTL8188EE 802.11b/g/n PCIe Adapter
IP Address 192.168.1.236
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
Preferred DNS server 192.168.1.254
DHCP Enabled
DHCP server 192.168.1.254
External IP Address 108.244.134.164
Adapter Type IEEE 802.11 wireless
NetBIOS over TCP/IP Enabled via DHCP
NETBIOS Node Type Hybrid node
Link Speed 0 Bps
Computer Name
NetBIOS Name LAPTOP-VCBMR6EO
DNS Name LAPTOP-VCBMR6EO
Membership Part of workgroup
Workgroup WORKGROUP
Remote Desktop
Disabled
Console
State Active
Domain LAPTOP-VCBMR6EO
WinInet Info
LAN Connection
Local system uses a local area network to connect to the Internet
Local system has RAS to connect to the Internet
Wi-Fi Info
Using native Wi-Fi API version 2
Available access points count 13
Wi-Fi (2WIRE262)
SSID 2WIRE262
Frequency 2457000 kHz
Channel Number 10
Name 2WIRE262
Signal Strength/Quality 11
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (ATT4eUK8vB)
SSID ATT4eUK8vB
Frequency 2457000 kHz
Channel Number 10
Name ATT4eUK8vB
Signal Strength/Quality 8
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (ATTZ8awkTA2g)
SSID ATTZ8awkTA2g
Frequency 2412000 kHz
Channel Number 1
Name ATTZ8awkTA2g
Signal Strength/Quality 85
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags Currently Connected to this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (BHNTG1682GA924)
SSID BHNTG1682GA924
Frequency 2462000 kHz
Channel Number 11
Name BHNTG1682GA924
Signal Strength/Quality 5
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (HEY_YOU_KIDS)
SSID HEY_YOU_KIDS
Frequency 2442000 kHz
Channel Number 7
Name HEY_YOU_KIDS
Signal Strength/Quality 13
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (HP-Print-98-Photosmart 7520)
SSID HP-Print-98-Photosmart 7520
Frequency 2412000 kHz
Channel Number 1
Name HP-Print-98-Photosmart 7520
Signal Strength/Quality 12
Security Disabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network No Cipher algorithm is enabled/supported
Default Auth used to join this network for the first time IEEE 802.11 Open System authentication algorithm
Wi-Fi (Kevin-2G)
SSID Kevin-2G
Frequency 2422000 kHz
Channel Number 3
Name Kevin-2G
Signal Strength/Quality 7
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (MySpectrumWiFi10-2G)
SSID MySpectrumWiFi10-2G
Frequency 2412000 kHz
Channel Number 1
Name MySpectrumWiFi10-2G
Signal Strength/Quality 6
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (NETGEAR93)
SSID NETGEAR93
Frequency 2427000 kHz
Channel Number 4
Name NETGEAR93
Signal Strength/Quality 7
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (PartyGuest)
SSID PartyGuest
Frequency 2442000 kHz
Channel Number 7
Name PartyGuest
Signal Strength/Quality 12
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (TP-LINK_E1E8)
SSID TP-LINK_E1E8
Frequency 2432000 kHz
Channel Number 5
Name TP-LINK_E1E8
Signal Strength/Quality 35
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (Turner)
SSID Turner
Frequency 2417000 kHz
Channel Number 2
Name Turner
Signal Strength/Quality 5
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
Wi-Fi (moran)
SSID moran
Frequency 2412000 kHz
Channel Number 1
Name moran
Signal Strength/Quality 12
Security Enabled
State The interface is connected to a network
Dot11 Type Infrastructure BSS network
Network Connectible
Network Flags There is a profile for this network
Cipher Algorithm to be used when joining this network AES-CCMP algorithm
Default Auth used to join this network for the first time 802.11i RSNA algorithm that uses PSK
WinHTTPInfo
WinHTTPSessionProxyType No proxy
Session Proxy
Session Proxy Bypass
Connect Retries 5
Connect Timeout (ms) 60,000
HTTP Version HTTP 1.1
Max Connects Per 1.0 Servers INFINITE
Max Connects Per Servers INFINITE
Max HTTP automatic redirects 10
Max HTTP status continue 10
Send Timeout (ms) 30,000
IEProxy Auto Detect Yes
IEProxy Auto Config
IEProxy
IEProxy Bypass
Default Proxy Config Access Type No proxy
Default Config Proxy
Default Config Proxy Bypass
Sharing and Discovery
Network Discovery Enabled
File and Printer Sharing Disabled
File and printer sharing service Enabled
Simple File Sharing Enabled
Administrative Shares Enabled
Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
Adapters List
Enabled
Realtek PCIe GBE Family Controller #2
Connection Name Ethernet 2
DHCP enabled Yes
MAC Address 18-60-24-19-90-33
Realtek RTL8188EE 802.11b/g/n PCIe Adapter
Connection-specific DNS Suffix attlocal.net
Connection Name Wi-Fi
NetBIOS over TCPIP Yes
DHCP enabled Yes
MAC Address 54-13-79-23-00-00
IP Address 192.168.1.236
Subnet mask 255.255.255.0
Gateway server 192.168.1.254
DHCP 192.168.1.254
DNS Server 192.168.1.254
Network Shares
No network shares
Current TCP Connections
AppleMobileDeviceService.exe (3216)
Local 127.0.0.1:27015 LISTEN
Local 127.0.0.1:27015 ESTABLISHED Remote 127.0.0.1:49748 (Querying... )
AvastSvc.exe (2692)
Local 192.168.1.236:49707 ESTABLISHED Remote 77.234.42.247:80 (Querying... ) (HTTP)
Local 127.0.0.1:12025 LISTEN
Local 127.0.0.1:12110 LISTEN
Local 127.0.0.1:12119 LISTEN
Local 127.0.0.1:12143 LISTEN
Local 127.0.0.1:12465 LISTEN
Local 127.0.0.1:12563 LISTEN
Local 127.0.0.1:12993 LISTEN
Local 127.0.0.1:12995 LISTEN
Local 127.0.0.1:27275 LISTEN
C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (2808)
Local 192.168.1.236:49891 ESTABLISHED Remote 192.0.73.2:443 (Querying... ) (HTTPS)
Local 192.168.1.236:49900 ESTABLISHED Remote 104.28.29.94:80 (Querying... ) (HTTP)
Local 192.168.1.236:49917 CLOSE-WAIT Remote 104.28.29.94:80 (Querying... ) (HTTP)
Local 192.168.1.236:49912 ESTABLISHED Remote 104.28.29.94:80 (Querying... ) (HTTP)
Local 192.168.1.236:49914 ESTABLISHED Remote 104.28.29.94:80 (Querying... ) (HTTP)
Local 192.168.1.236:49915 ESTABLISHED Remote 104.28.29.94:80 (Querying... ) (HTTP)
Local 192.168.1.236:49916 ESTABLISHED Remote 104.28.29.94:80 (Querying... ) (HTTP)
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (7928)
Local 192.168.1.236:49764 ESTABLISHED Remote 17.249.188.14:5223 (Querying... )
C:\Program Files\iTunes\iTunesHelper.exe (8924)
Local 127.0.0.1:49748 ESTABLISHED Remote 127.0.0.1:27015 (Querying... )
C:\Users\eviei\AppData\Local\Microsoft\OneDrive\OneDrive.exe (2380)
Local 192.168.1.236:49779 ESTABLISHED Remote 52.173.28.179:443 (Querying... ) (HTTPS)
C:\Windows\System32\svchost.exe (7024)
Local 192.168.1.236:49909 ESTABLISHED Remote 104.65.241.172:443 (Querying... ) (HTTPS)
Local 192.168.1.236:49910 ESTABLISHED Remote 104.88.102.128:443 (Querying... ) (HTTPS)
Local 192.168.1.236:49911 ESTABLISHED Remote 104.88.102.128:443 (Querying... ) (HTTPS)
HPJumpStartBridge.exe (10648)
Local 0.0.0.0:8733 LISTEN
lsass.exe (844)
Local 0.0.0.0:49669 LISTEN
OfficeClickToRun.exe (3328)
Local 192.168.1.236:49905 ESTABLISHED Remote 52.109.12.19:443 (Querying... ) (HTTPS)
services.exe (828)
Local 0.0.0.0:49668 LISTEN
spoolsv.exe (2972)
Local 0.0.0.0:49667 LISTEN
svchost.exe (1320)
Local 0.0.0.0:49666 LISTEN
svchost.exe (1420)
Local 0.0.0.0:49665 LISTEN
svchost.exe (3508)
Local 192.168.1.236:49683 ESTABLISHED Remote 52.173.28.179:443 (Querying... ) (HTTPS)
svchost.exe (5436)
Local 192.168.1.236:5040 LISTEN
svchost.exe (836)
Local 0.0.0.0:135 (DCE) LISTEN
System Process
Local 192.168.1.236:49908 TIME-WAIT Remote 184.51.144.105:80 (Querying... ) (HTTP)
System Process
Local 0.0.0.0:445 (Windows shares) LISTEN
Local 0.0.0.0:5357 LISTEN
Local 0.0.0.0:13148 LISTEN
Local 192.168.1.236:139 (NetBIOS session service) LISTEN
wininit.exe (700)
Local 0.0.0.0:49664 LISTEN
Generated with Speccy v1.32.740
 

 

 

 

 

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/08/2018 1:34:55 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/08/2018 5:29:05 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user LAPTOP-VCBMR6EO\eviei SID (S-1-5-21-3252656029-1357310190-2560453275-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:27:17 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user LAPTOP-VCBMR6EO\eviei SID (S-1-5-21-3252656029-1357310190-2560453275-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:26:00 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:20:35 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:12:21 PM
Type: Error Category: 0
Event: 7011 Source: Service Control Manager
A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
 
Log: 'System' Date/Time: 22/08/2018 5:11:53 PM
Type: Error Category: 0
Event: 10001 Source: Microsoft-Windows-DistributedCOM
Unable to start a DCOM Server: Microsoft.AAD.BrokerPlugin_1000.16299.15.0_neutral_neutral_cw5n1h2txyewy!Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider as Unavailable/Unavailable. The error: "31" Happened while starting this command: "C:\WINDOWS\system32\BackgroundTaskHost.exe" -ServerName:BackgroundTaskHost.WebAccountProvider
 
Log: 'System' Date/Time: 22/08/2018 5:10:59 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:10:59 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:10:59 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:10:59 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 5:09:22 PM
Type: Error Category: 0
Event: 10005 Source: Microsoft-Windows-DistributedCOM
DCOM got error "1115" attempting to start the service tiledatamodelsvc with arguments "Unavailable" in order to run the server: {B31118B2-1F49-48E5-B6F5-BC21CAEC56FB}
 
Log: 'System' Date/Time: 22/08/2018 1:53:01 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user LAPTOP-VCBMR6EO\eviei SID (S-1-5-21-3252656029-1357310190-2560453275-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 1:52:20 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user LAPTOP-VCBMR6EO\eviei SID (S-1-5-21-3252656029-1357310190-2560453275-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 1:51:03 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 9:36:06 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 9:36:06 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 9:36:06 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 9:36:06 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}  and APPID  {4839DDB7-58C2-48F5-8283-E1D1807D0D7D}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/08/2018 9:34:46 AM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The Update Orchestrator Service service terminated with the following error:  This operation returned because the timeout period expired.
 
Log: 'System' Date/Time: 22/08/2018 9:20:31 AM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {D63B10C5-BB46-4990-A94F-E40B9D520160}  and APPID  {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/08/2018 5:13:46 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/08/2018 5:10:38 PM
Type: Warning Category: 0
Event: 15301 Source: Microsoft-Windows-HttpEvent
SSL Certificate Settings created by an admin process for endpoint : 0.0.0.0:13148 .
 
Log: 'System' Date/Time: 22/08/2018 5:10:37 PM
Type: Warning Category: 0
Event: 15300 Source: Microsoft-Windows-HttpEvent
SSL Certificate Settings deleted for endpoint : 0.0.0.0:13148 .
 
Log: 'System' Date/Time: 22/08/2018 5:10:15 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 22/08/2018 5:09:30 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\Rtlihvs.dll 
 
Log: 'System' Date/Time: 22/08/2018 1:53:04 PM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name stats.avastbrowser.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/08/2018 9:35:41 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 22/08/2018 9:35:06 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\Rtlihvs.dll 
 
Log: 'System' Date/Time: 22/08/2018 9:17:35 AM
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/08/2018 4:50:07 AM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device ACPI\INT3400\2&daba3ff&1.
 
Log: 'System' Date/Time: 22/08/2018 4:49:13 AM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\WINDOWS\system32\Rtlihvs.dll 
 
 
 
 
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 22/08/2018 1:35:23 PM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/08/2018 5:16:48 PM
Type: Error Category: 0
Event: 1008 Source: Microsoft-Windows-Perflib
The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageModificationEvent" whose target class "WSP_ReplicationGroupStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageDepartureEvent" whose target class "WSP_ReplicationGroupStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:31 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_ReplicationGroupStorageArrivalEvent" whose target class "WSP_ReplicationGroupStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_StorageHealthStatusChangeEvent" whose target class "WSP_StorageHealthStatusChangeEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_StorageFaultEvent" whose target class "WSP_StorageFaultEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_health attempted to register query "select * from WSP_HealthActionEvent" whose target class "WSP_HealthActionEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_StorageHealthStatusChangeEvent" whose target class "WSP_StorageHealthStatusChangeEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_StorageFaultEvent" whose target class "WSP_StorageFaultEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:30 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_HealthActionEvent" whose target class "WSP_HealthActionEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_fs attempted to register query "select * from WSP_FsStorageModificationEvent" whose target class "WSP_FsStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_fs attempted to register query "select * from WSP_FsStorageDepartureEvent" whose target class "WSP_FsStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider wsp_fs attempted to register query "select * from WSP_FsStorageArrivalEvent" whose target class "WSP_FsStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_FsStorageModificationEvent" whose target class "WSP_FsStorageModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_FsStorageDepartureEvent" whose target class "WSP_FsStorageDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:28 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider  attempted to register query "select * from WSP_FsStorageArrivalEvent" whose target class "WSP_FsStorageArrivalEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:18 PM
Type: Error Category: 0
Event: 24 Source: Microsoft-Windows-WMI
Event provider StorageWMI attempted to register query "select * from MSFT_StorageModificationEvent" whose target class "MSFT_StorageModificationEvent" in //./root/Microsoft/Windows/Storage namespace does not exist. The query will be ignored.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 22/08/2018 5:06:27 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:27 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:21 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:06:21 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:05:59 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_FolderRedirectionConfiguration, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:05:59 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_FolderRedirectionConfiguration, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:05:59 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:05:59 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:05:59 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, DSCCoreProviders, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\DesiredStateConfiguration to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:42 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:42 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, WsmAgent, has been registered in the Windows Management Instrumentation namespace root\Microsoft\Windows\winrm to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:35 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:35 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, HiPerfCooker_v1, has been registered in the Windows Management Instrumentation namespace Root\WMI to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:26 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:26 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, CommandLineEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:26 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:26 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, LogFileEventConsumer, has been registered in the Windows Management Instrumentation namespace root\default to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:24 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:24 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, Win32_UserStateConfigurationProvider, has been registered in the Windows Management Instrumentation namespace root\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 22/08/2018 5:04:23 PM
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, UserProfileConfigurationProvider, has been registered in the Windows Management Instrumentation namespace ROOT\CIMV2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 

Edited by psjbob, 22 August 2018 - 11:39 AM.

  • 0

#20
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

Looks like fixing WMI helped a lot.  Process Explorer looks acceptable.  Interrupts is a tad bit high so there may be a driver that needs updating but System Idle + ProcExp > 90% so things should be running OK now.

 

Speccy says the temps are good on the PC, hard drive is in good shape and has lots of free space, Wireless is not getting any interfering channels and is strong enough.

 

VEW shows the usual Win 10 errors. 

 

How is it running now?

 

What is the make and model of the PC?


  • 0

#21
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts
It's a 2017 Walmart Black Friday Special so we know its a cheapo.
HP Notebook   HP 15-bs020wm
 
Windows update is also refusing to install a Feature Update to Windows 10, version 1803
I followed a couple steps I found on a Microsoft forum to resolve this but they failed.

 

It appears to keep downloading 1803 then stopping and starting over again.

 

w1peuq.jpg


  • 0

#22
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

You might try installing the update manually:

 

https://www.groovypo...pdate-manually/

 

Windows Repair All In One might also help if you check:

 

Reset Registry Permissions
Reset File Permissions
Register System Files

 

Repair Windows Updates

 

Then let it repair as before.

 

Appears HP has a new system for their drivers and I need the serial number instead of the model number.


  • 0

#23
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I was able to upload the Feature Windows 10 1803 update manually and it appears to have taken just fine.

 

Windows kept flashing me a prompt stating Avast was turned off even though everything within Avast appeared to be ON so I uninstalled / reinstalled it and Windows reports it as being ON now.

 

I individually updated several drivers via Device Manager too. If you still want the serial, is that something I should post here or PM to your profile?


  • 0

#24
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

There's nothing special about the HP serial number but if you want to send it in a PM that's OK.  I still want to look to see what drivers they might want to replace. 

 

Which drivers did you update?

 

Can I see a new Process Explorer log?


  • 0

#25
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

sn: CND7274N0F

 

 

Some of the drivers updated were Display, speakers, and others I can't remember. I just gave it a try even though the 1803 update had already been installed.

 

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    86.14    52 K    8 K    0            
procexp(1)64.exe    14.47    50,776 K    76,928 K    3960    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
HPNetworkCommunicator.exe    3.15    2,952 K    9,960 K    13824    HPNetworkCommunicator    Hewlett-Packard Co.    (Verified) Hewlett Packard
System    1.70    192 K    2,236 K    4            
dwm.exe    1.60    42,420 K    57,672 K    1104    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    0.96    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dllhost.exe    1.19    1,836 K    7,160 K    9084    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
aswidsagenta.exe    0.07    22,188 K    40,432 K    6480    Avast Behavior Shield    AVAST Software    (Verified) AVAST Software s.r.o.
ScanToPCActivationApp.exe    0.89    3,496 K    13,152 K    8856    ScanToPCActivationApp    Hewlett-Packard Co.    (Verified) Hewlett Packard
AvastUI.exe    0.61    31,408 K    45,464 K    8464    Avast Antivirus    AVAST Software    (Verified) AVAST Software s.r.o.
csrss.exe    0.40    2,476 K    5,952 K    712    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    10,688 K    16,064 K    876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        6,728 K    14,456 K    3420    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe        25,780 K    29,456 K    4212    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
explorer.exe    0.15    45,508 K    112,000 K    6356    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
AvastSvc.exe    0.02    93,956 K    158,404 K    2604    Avast Service    AVAST Software    (Verified) AVAST Software s.r.o.
svchost.exe        15,412 K    16,888 K    1440    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
taskhostw.exe        7,540 K    15,576 K    5188    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        1,476 K    5,564 K    1720    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,472 K    25,752 K    3796    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
dasHost.exe    < 0.01    6,948 K    17,760 K    2192    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
CCleaner64.exe    0.04    9,956 K    22,592 K    9144    CCleaner    Piriform Ltd    (Verified) Piriform Ltd
iPodService.exe    0.03    2,496 K    7,764 K    9208    iPod Service    Apple Inc.    (Verified) Apple Inc.
lsass.exe        7,816 K    17,204 K    848    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe    0.02    5,644 K    9,932 K    820    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,544 K    7,388 K    1576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe    0.01    3,548 K    11,088 K    4056    MobileDeviceService    Apple Inc.    (Verified) Apple Inc.
svchost.exe        5,632 K    9,348 K    1540    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe    0.01    2,188 K    7,132 K    6880    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
SynTPEnh.exe    < 0.01    6,136 K    18,140 K    5980    Synaptics TouchPad 64-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        5,020 K    16,904 K    6628    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
esif_assist_64.exe    < 0.01    1,448 K    4,668 K    5564    Intel® Dynamic Platform and Thermal Framework Utility Application    Intel Corporation    (Verified) Intel® Software
svchost.exe        5,992 K    25,864 K    3360    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
csrss.exe    < 0.01    1,988 K    5,000 K    616    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,236 K    23,876 K    2932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe    < 0.01    2,952 K    10,036 K    8340    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
iTunesHelper.exe    < 0.01    4,816 K    13,916 K    8332    iTunesHelper    Apple Inc.    (Verified) Apple Inc.
svchost.exe    < 0.01    48,508 K    54,360 K    1728    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WUDFHost.exe        25,160 K    13,868 K    992    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
WR_Tray_Icon.exe        2,436 K    1,744 K    9332    Tweaking.com - Windows Repair Tray Icon    Tweaking.com    (Verified) Tweaking LLC
WmiPrvSE.exe        3,036 K    9,248 K    8764    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
wlanext.exe        2,012 K    6,556 K    2732    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows
WinStore.App.exe    Suspended    48,156 K    68,888 K    12048    Store    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
winlogon.exe        2,740 K    9,672 K    792    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,496 K    6,056 K    700    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Video.UI.exe    Suspended    25,404 K    13,620 K    10484            (No signature was present in the subject)
unsecapp.exe        1,520 K    6,548 K    6180    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
TabTip.exe    0.04    4,036 K    14,344 K    6608    Touch Keyboard and Handwriting Panel    Microsoft Corporation    (Verified) Microsoft Windows
SystemSettingsBroker.exe        4,784 K    19,396 K    12028    System Settings Broker    Microsoft Corporation    (Verified) Microsoft Windows
SystemSettings.exe    Suspended    21,448 K    45,980 K    7412    Settings    Microsoft Corporation    (Verified) Microsoft Windows
SynTPHelper.exe        1,084 K    4,164 K    7160    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPEnhService.exe        2,300 K    7,936 K    3128    64-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        14,056 K    30,228 K    976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,796 K    7,660 K    1064    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.03    12,964 K    21,356 K    1236    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,304 K    7,596 K    1736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,840 K    34,516 K    9268    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,560 K    11,468 K    2592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,708 K    15,188 K    8480    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,780 K    15,720 K    2560    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,844 K    16,252 K    6120    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,308 K    11,260 K    2024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,604 K    9,444 K    1692    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,020 K    11,884 K    1632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,192 K    6,420 K    2252    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        14,360 K    21,164 K    3820    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,072 K    3,788 K    960    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,348 K    15,220 K    1508    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,244 K    8,520 K    3780    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,924 K    34,544 K    5684    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,052 K    6,808 K    10332    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,464 K    12,416 K    2064    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,752 K    5,700 K    12676    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,324 K    13,616 K    14024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,488 K    9,316 K    2940    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,232 K    9,640 K    1092    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,076 K    7,764 K    13784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,748 K    10,796 K    216    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,720 K    10,228 K    1392    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,964 K    5,924 K    4740    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,880 K    10,264 K    3812    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,420 K    5,176 K    3504    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,412 K    5,404 K    3868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,920 K    7,504 K    1384    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,492 K    21,684 K    3852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,624 K    10,100 K    7092    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,600 K    10,140 K    3836    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,640 K    6,820 K    3656    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,512 K    7,268 K    2468    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,732 K    6,260 K    3032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,892 K    8,488 K    4172    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,472 K    9,080 K    1828    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,824 K    12,152 K    4540    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,204 K    7,820 K    3524    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,152 K    6,616 K    4012    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,708 K    6,188 K    3804    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,004 K    7,168 K    3844    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    7,544 K    1952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,432 K    8,616 K    11336    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,868 K    12,224 K    2260    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,512 K    9,520 K    1248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,540 K    10,196 K    4124    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,920 K    6,908 K    4712    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,008 K    8,192 K    6564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,940 K    7,248 K    1960    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,328 K    12,840 K    3880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,472 K    5,828 K    6208    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,332 K    8,316 K    2244    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,696 K    14,876 K    1304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,508 K    10,368 K    5852    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,096 K    8,168 K    1880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,104 K    24,264 K    10436    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,072 K    11,836 K    3828    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    2,448 K    8,472 K    3608    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,624 K    7,536 K    3100    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,604 K    13,384 K    2320    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,068 K    19,116 K    1996    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,908 K    9,096 K    1564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smss.exe        604 K    1,060 K    420    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smartscreen.exe        11,756 K    20,968 K    13388    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
SkypeHost.exe    Suspended    43,336 K    61,336 K    7632    Microsoft Skype    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
sihost.exe        7,108 K    24,984 K    5600    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe        54,288 K    100,336 K    7840    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        2,376 K    4,424 K    11176    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SettingSyncHost.exe        11,272 K    15,064 K    7788    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        3,952 K    13,320 K    3860    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
secd.exe        7,336 K    21,644 K    9364    Apple Security Manager    Apple, Inc.    (Verified) Apple Inc.
SearchUI.exe    Suspended    58,892 K    73,096 K    8036    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,032 K    22,224 K    6548    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        9,332 K    30,336 K    8104    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,484 K    12,456 K    6912    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,884 K    10,316 K    14120    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,552 K    19,236 K    9772    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,820 K    15,580 K    9900    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,068 K    7,068 K    9888    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        3,172 K    10,536 K    8408    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,348 K    18,000 K    8624    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RtkNGUI64.exe        4,960 K    12,472 K    8228    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe        1,972 K    7,712 K    2108    Realtek Audio Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
Registry        2,512 K    17,444 K    96            
procexp(1).exe        3,304 K    10,496 K    11728    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PresentationFontCache.exe        20,568 K    18,512 K    5656    PresentationFontCache.exe    Microsoft Corporation    (Verified) Microsoft Corporation
OneDrive.exe        15,380 K    46,632 K    8524    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
OfficeHubTaskHost.exe    Suspended    7,324 K    26,472 K    7548    Office Hub Task Host    Microsoft Corporation    (Verified) Microsoft Corporation
OfficeClickToRun.exe    0.02    32,500 K    45,896 K    3280    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
MSASCuiL.exe        2,316 K    8,780 K    6948    Windows Defender notification icon    Microsoft Corporation    (Verified) Microsoft Windows
MicrosoftEdgeCP.exe    Suspended    5,224 K    22,516 K    6904    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdgeCP.exe    Suspended    5,996 K    25,016 K    6932    Microsoft Edge Content Process    Microsoft Corporation    (Verified) Microsoft Corporation
MicrosoftEdge.exe    Suspended    26,000 K    48,192 K    11292    Microsoft Edge    Microsoft Corporation    (Verified) Microsoft Corporation
Microsoft.Photos.exe    Suspended    27,392 K    49,460 K    11404            (No signature was present in the subject)
Memory Compression        240 K    76,952 K    1844            
Lightshot.exe        19,460 K    28,444 K    8768    Lightshot    Skillbrains    (No signature was present in the subject) Skillbrains
jhi_service.exe        1,572 K    5,884 K    10964    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel Corporation - Embedded Subsystems and IP Blocks Group
IntuitUpdateService.exe        13,284 K    12,316 K    10736    Intuit Update Service    Intuit Inc.    (Verified) Intuit
igfxHK.exe        2,432 K    8,312 K    6728    igfxHK Module    Intel Corporation    (Verified) Intel® pGFX
igfxEM.exe        3,660 K    11,832 K    6704    igfxEM Module    Intel Corporation    (Verified) Intel® pGFX
igfxCUIService.exe        2,100 K    8,324 K    1924    igfxCUIService Module    Intel Corporation    (Verified) Intel® pGFX
iCloudPhotos.exe        15,988 K    31,636 K    8708    iCloud Photo Library    Apple Inc.    (Verified) Apple Inc.
iCloudDrive.exe        13,940 K    29,128 K    8616    iCloud Drive    Apple Inc.    (Verified) Apple Inc.
hpwuschd2.exe        1,568 K    5,892 K    8216    hpwuSchd Application    Hewlett-Packard    (Verified) Hewlett-Packard Company
HPWMISVC.exe        1,852 K    7,840 K    4048    HP WMI Service    HP Inc.    (Verified) HP Inc.
HPSupportSolutionsFrameworkService.exe        24,108 K    33,320 K    1136    HP Support Solutions Framework Service    HP Inc.    (Verified) HP Inc.
HPOrbitService.exe        3,856 K    14,324 K    4472    HP Orbit    HP Inc.    (Verified) HP Inc.
HPMSGSVC.exe        2,204 K    8,852 K    8724    HP Message Service    HP Inc.    (Verified) HP Inc.
HPJumpStartLaunch.exe        3,904 K    716 K    5448            (Verified) HP Inc.
HPJumpStartBridge.exe        12,216 K    26,040 K    9236    HP JumpStart Bridge    HP Inc.    (Verified) HP Inc.
HPCommRecovery.exe        8,844 K    17,928 K    8980    CommRecovery    HP Inc.    (No signature was present in the subject) HP Inc.
HPAudioSwitch.exe        30,448 K    44,076 K    3316    HPAudioSwitch    HP Inc.    (Verified) HP Inc.
fontdrvhost.exe        2,740 K    4,844 K    1016    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        1,984 K    3,476 K    1020    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
esif_uf.exe        1,928 K    6,588 K    4000    Intel® Dynamic Platform and Thermal Framework    Intel Corporation    (Verified) Intel® Software
DropboxUpdate.exe        2,144 K    640 K    6024    Dropbox Update    Dropbox, Inc.    (Verified) Dropbox
dllhost.exe        3,460 K    9,492 K    11484    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        2,288 K    7,848 K    7976    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe    0.12    4,520 K    13,612 K    3252    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,352 K    5,096 K    2772    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
browser_broker.exe        2,088 K    9,260 K    11860    Browser_Broker    Microsoft Corporation    (Verified) Microsoft Windows
AvastBrowserCrashHandler64.exe        1,992 K    484 K    7876    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
AvastBrowserCrashHandler.exe        2,060 K    524 K    7172    Avast Browser Update    AVAST Software    (Verified) AVAST Software s.r.o.
audiodg.exe        10,836 K    17,760 K    13676    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
armsvc.exe        1,444 K    6,220 K    3932    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems
APSDaemon.exe        5,200 K    15,672 K    9088    Apple Push    Apple Inc.    (Verified) Apple Inc.
ApplicationFrameHost.exe        16,784 K    34,272 K    11744    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

 


  • 0

Advertisements


#26
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

Process Explorer looks really good ( tho I think there is a bug in the program.  System Idle + ProcExp when added together are more than 100%).

"Interrupts" which is a critical value is now down to less than 1.00 so the new drivers really helped.

 

How is it running now?

 

I went to

https://support.hp.c...291?sku=2DV78UA

 

and looked at the BIOS.  They have a much newer version.  Also under

Driver-Chipset are several that might be useful:

 

Intel Chipset Installation Utility and Driver - Kaby Lake / Skylake / Braswell / Apollo Lake (Windows 10 v1803) Jun 18, 2018

 

Intel Dynamic Platform and Thermal Framework Client Driver - Kaby Lake / Apollo Lake (Windows 10 v1803)
    8.3.10207.5567 Rev.A    7.2 MB    Jun 18, 2018

Under Drivers - Storage:

 

Intel Rapid Storage Technology Driver - Kaby Lake (Windows 10 v1803)
    16.0.9.1101 Rev.A    17.6 MB    Jun 18, 2018

 

or

 

Intel Rapid Storage Technology Driver - Skylake (Windows 10 v1803)
    15.9.1.1018 Rev.A    17.8 MB    Jun 18, 2018

 

Don't know why they don't show just one since they should know if you have Skylake or Kaby Lake architecture.  Expect the one which does not apply will not install if you try it.

 

Since things are looking pretty good you might not want to do anything. 

 

Does Latency Monitor still look good?


  • 0

#27
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

I've updated the BIOS and tried to update the chipset through both the HP support part of their website where the BIOS update was located and the HP Support Assistant on the laptop itself but it appears to be failing per the prompts I am getting.

 

I'm not having any luck determining which storage driver to use either, The HP Support assistant update isn't trying to update the Storage driver either.

 

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for  0:00:29  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LAPTOP-VCBMR6EO
OS version:                                           Windows 10 , 10.0, build: 17134 (x64)
Hardware:                                             HP Laptop 15-bs0xx, HP, 832C
CPU:                                                  GenuineIntel Intel® Pentium® CPU N3710 @ 1.60GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  4001 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   160 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   383.371777
Average measured interrupt to process latency (µs):   15.138895

Highest measured interrupt to DPC latency (µs):       315.529693
Average measured interrupt to DPC latency (µs):       3.646011


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              52.73750
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Highest reported total ISR routine time (%):          0.002462
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Total time spent in ISRs (%)                          0.002462

ISR count (execution time <250 µs):                   463
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              437.68750
Driver with highest DPC routine execution time:       CLASSPNP.SYS - SCSI Class System Dll, Microsoft Corporation

Highest reported total DPC routine time (%):          0.030346
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Total time spent in DPCs (%)                          0.138594

DPC count (execution time <250 µs):                   11301
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                10
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 compattelrunner.exe

Total number of hard pagefaults                       200
Hard pagefault count of hardest hit process:          139
Number of processes hit:                              7


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.584930
CPU 0 ISR highest execution time (µs):                52.73750
CPU 0 ISR total execution time (s):                   0.002122
CPU 0 ISR count:                                      296
CPU 0 DPC highest execution time (µs):                387.2250
CPU 0 DPC total execution time (s):                   0.112579
CPU 0 DPC count:                                      9391
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.380952
CPU 1 ISR highest execution time (µs):                9.86250
CPU 1 ISR total execution time (s):                   0.000179
CPU 1 ISR count:                                      40
CPU 1 DPC highest execution time (µs):                437.68750
CPU 1 DPC total execution time (s):                   0.022718
CPU 1 DPC count:                                      969
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.257519
CPU 2 ISR highest execution time (µs):                10.51250
CPU 2 ISR total execution time (s):                   0.000381
CPU 2 ISR count:                                      78
CPU 2 DPC highest execution time (µs):                223.16250
CPU 2 DPC total execution time (s):                   0.014032
CPU 2 DPC count:                                      493
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.234370
CPU 3 ISR highest execution time (µs):                8.9750
CPU 3 ISR total execution time (s):                   0.000204
CPU 3 ISR count:                                      49
CPU 3 DPC highest execution time (µs):                424.51250
CPU 3 DPC total execution time (s):                   0.013168
CPU 3 DPC count:                                      458
_________________________________________________________________________________________________________
 


  • 0

#28
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

It's possible that the drivers other than the BIOS have already been updated via Windows Update.  (Looking at the Speccy log it appears that you have Braswell 14nm Technology so probably neither of the 2 storage drivers would be appropriate.  I don't see it installed in your install list so it's probably just using the Win 10 driver anyway.)  As it appears to be running OK now per Process Explorer and Latency Monitor I wouldn't worry about it.  You do have some hard pagefaults but with only 4 GB of RAM there's probably nothing we can do about that. 

 

On second thought you might get some improvement by turning off some of the Windows telemetry.  Go to:

 

https://github.com/1...cking/releases/

 

Download: dwt-x.x-cp27-win_x86.zip

 

Follow the Instructions.  Once the program is running click on

 

Services  (make sure the Disable button is selected under Service Method)

Telemetry

then hit Go!

 

Just to be sure you can also search for

 

task scheduler

 

hit Enter

 

Click on Task Scheduler Library

Click on Microsoft

Click on Windows

Click on Customer Experience Improvement Program

In the pane to the right, right click on each of the three tasks and Disable.

 

Reboot

 

Run Latency Monitor again.


  • 0

#29
psjbob

psjbob

    Member

  • Topic Starter
  • Member
  • PipPip
  • 19 posts

Only 2 telemetry items to disable.

2ymhcoi.png

 

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be suitable for handling real-time audio and other tasks without dropouts.
LatencyMon has been analyzing your system for  0:00:23  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LAPTOP-VCBMR6EO
OS version:                                           Windows 10 , 10.0, build: 17134 (x64)
Hardware:                                             HP Laptop 15-bs0xx, HP, 832C
CPU:                                                  GenuineIntel Intel® Pentium® CPU N3710 @ 1.60GHz
Logical processors:                                   4
Processor groups:                                     1
RAM:                                                  4001 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   160 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   377.613775
Average measured interrupt to process latency (µs):   27.448075

Highest measured interrupt to DPC latency (µs):       327.051931
Average measured interrupt to DPC latency (µs):       6.511392


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              27.10
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Highest reported total ISR routine time (%):          0.000584
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation

Total time spent in ISRs (%)                          0.000584

ISR count (execution time <250 µs):                   70
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              438.41250
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%):          0.041921
Driver with highest DPC total execution time:         ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Total time spent in DPCs (%)                          0.132967

DPC count (execution time <250 µs):                   7201
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                81
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 latmon.exe

Total number of hard pagefaults                       1
Hard pagefault count of hardest hit process:          1
Number of processes hit:                              1


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.596029
CPU 0 ISR highest execution time (µs):                27.10
CPU 0 ISR total execution time (s):                   0.000402
CPU 0 ISR count:                                      44
CPU 0 DPC highest execution time (µs):                438.41250
CPU 0 DPC total execution time (s):                   0.113238
CPU 0 DPC count:                                      6923
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.265408
CPU 1 ISR highest execution time (µs):                6.78750
CPU 1 ISR total execution time (s):                   0.000013
CPU 1 ISR count:                                      3
CPU 1 DPC highest execution time (µs):                67.46250
CPU 1 DPC total execution time (s):                   0.000469
CPU 1 DPC count:                                      25
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.248727
CPU 2 ISR highest execution time (µs):                9.1750
CPU 2 ISR total execution time (s):                   0.000082
CPU 2 ISR count:                                      13
CPU 2 DPC highest execution time (µs):                266.6750
CPU 2 DPC total execution time (s):                   0.008922
CPU 2 DPC count:                                      292
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.270817
CPU 3 ISR highest execution time (µs):                8.40
CPU 3 ISR total execution time (s):                   0.000046
CPU 3 ISR count:                                      10
CPU 3 DPC highest execution time (µs):                101.36250
CPU 3 DPC total execution time (s):                   0.000945
CPU 3 DPC count:                                      42
_________________________________________________________________________________________________________
 


  • 0

#30
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,017 posts
  • MVP

Looks good.  The only page faults now are from Latency Monitor.  Does it seem to be running fairly quickly now or does it still have problems?


  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP