my computer has been running incredibly slow. I have a fairly new modem (less than a year) but it shows I am only running between 2 & 3 bars. There are two other computers and three tablets as well as 3 phones that are running at full connection. I have re-booted multiple times and reset the modem several times but nothing has fixed it leaving me to wonder if I have a virus or malware on my computer. Attached below are logs from FRST
Thank you ! ! !
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by Jeana (administrator) on JEANA (12-11-2018 09:23:53)
Running from C:\Users\Jeana\Downloads
Loaded Profiles: Jeana (Available Profiles: Jeana)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Provo Craft & Novelty, Inc.) C:\Users\Jeana\AppData\Roaming\CricutDesignSpace\BRIDGE\CricutLauncher.exe
(Provo Craft & Novelty, Inc.) C:\Users\Jeana\AppData\Roaming\CricutDesignSpace\BRIDGE\CricutBridge.exe
(Google Inc.) C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Provo Craft & Novelty, Inc.) C:\Users\Jeana\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutLauncher4.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Provo Craft & Novelty, Inc.) C:\Users\Jeana\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutBridge4.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(The Qt Company Ltd) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
() C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Update Manager\bin\ui\updateui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Jeana\Downloads\FRST64 (1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7636696 2015-01-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-12-14] (Synaptics Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320360 2014-06-25] (Intel Corporation)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2015-01-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [653576 2015-06-29] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3785536 2018-11-06] (Dropbox, Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [CAHeadless] => C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe [1400224 2013-09-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [Power2GoExpress8] => C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe [1728952 2015-06-22] (CyberLink Corp.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [Cricut Design Space] => C:\Users\Jeana\AppData\Roaming\CricutDesignSpace\BRIDGE\CricutLauncher.exe [421704 2015-12-16] (Provo Craft & Novelty, Inc.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [Google Update] => C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-16] (Google Inc.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [MusicManager] => C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [5968896 2018-01-29] (Google Inc.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [Cricut Design Space3] => C:\Users\Jeana\AppData\Roaming\CricutDesignSpace3\BRIDGE\CricutLauncher4.exe [445080 2017-08-31] (Provo Craft & Novelty, Inc.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\MountPoints2: {8ba57040-757e-11e4-8269-b010418f7402} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-28] (Microsoft Corporation)
Startup: C:\Users\Jeana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BrightBrowser.lnk [2016-06-04]
ShortcutTarget: BrightBrowser.lnk -> C:\Program Files (x86)\BrightBrowse\BrightBrowser.exe (No File)
Startup: C:\Users\Jeana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2018-06-02]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{F23D8409-B8BA-4B92-81B3-79160ECB7A08}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT14/1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001 -> DefaultScope {199EEE01-9C1A-4244-931F-143EF064DE01} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US747D20141122&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001 -> {199EEE01-9C1A-4244-931F-143EF064DE01} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US747D20141122&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-02-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2017-09-22] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-25] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2018-03-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2018-03-13] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll => No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: (HP SimplePass) - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-08-23] [Legacy] [not signed]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-08-12] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-10-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-19] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3379037760-1199495795-1500520215-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-3379037760-1199495795-1500520215-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3332130&octid=EB_ORIGINAL_CTID&ISID=I74F21992-9A62-4758-8C08-FCBD959D3227&SearchSource=55&CUI=&UM=8&UP=SP966F0024-1A3A-4A28-8503-9B227986B554&SSPV=&SSPV=
CHR StartupUrls: Default -> "hxxps://www.google.com/webhp?rls=ig"
CHR Profile: C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default [2018-11-12]
CHR Extension: (Slides) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Sheets) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Google Docs Offline) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (AdBlock) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-10-26]
CHR Extension: (Avast Online Security) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-09-30]
CHR Extension: (Pinterest Save Button) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-10-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Evernote Web Clipper) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-11-07]
CHR Extension: (Gmail) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jeana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-03]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [looohgelibjoplmkhecmalapkgadkfcc] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-30] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-12-30] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-11-06] (Dropbox, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [602888 2015-06-29] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-06-25] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2015-01-04] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
R3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-04-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [291032 2015-01-11] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-12-14] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [100624 2015-06-08] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2017-01-23] (McAfee, Inc.)
R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2432656 2014-08-12] (MediaTek Inc.)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1205872 2015-01-04] (Ralink Technology, Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2013-12-12] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2014-12-14] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-12 09:23 - 2018-11-12 09:24 - 000023811 _____ C:\Users\Jeana\Downloads\FRST.txt
2018-11-12 09:19 - 2018-11-12 09:20 - 002415616 _____ (Farbar) C:\Users\Jeana\Downloads\FRST64 (1).exe
2018-11-10 12:52 - 2018-11-10 12:52 - 000000017 _____ C:\Users\Jeana\AppData\Local\resmon.resmoncfg
2018-11-08 18:14 - 2018-11-08 18:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-11-07 18:26 - 2018-11-07 18:26 - 000030832 _____ C:\Users\Jeana\Downloads\apprentice-removal-template3.pdf
2018-11-06 05:06 - 2018-11-06 05:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-11-06 05:06 - 2018-11-06 05:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-11-06 05:06 - 2018-11-06 05:06 - 000047768 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-11-06 05:06 - 2018-11-06 05:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-11-04 15:07 - 2018-11-04 15:07 - 000001535 _____ C:\Users\Jeana\Downloads\Textbook_Answers to Exercises & Review Questions.pdf - Shortcut.lnk
2018-11-04 14:15 - 2018-11-04 14:15 - 001270189 _____ C:\Users\Jeana\Desktop\Textbook_Answers to Exercises & Review Questions.pdf
2018-10-28 13:20 - 2018-11-10 12:41 - 000000000 ____D C:\Users\Jeana\Documents\CFPC
2018-10-27 13:17 - 2018-10-27 13:17 - 000000000 ____D C:\Users\Jeana\Documents\New folder
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-12 09:23 - 2015-07-12 13:09 - 000000000 ____D C:\FRST
2018-11-12 09:22 - 2014-11-09 20:57 - 003574784 ___SH C:\Users\Jeana\Downloads\Thumbs.db
2018-11-12 09:21 - 2017-08-24 16:59 - 000000550 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3379037760-1199495795-1500520215-1001.job
2018-11-12 09:04 - 2015-01-15 14:23 - 000000000 ____D C:\Users\Jeana\AppData\Local\Adobe
2018-11-12 09:04 - 2014-10-24 14:54 - 000003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0689C0C5-59A9-4738-B8B6-F6CEDB29B294}
2018-11-12 09:01 - 2013-08-22 07:36 - 000000000 ____D C:\Windows\system32\NDF
2018-11-11 17:53 - 2017-08-24 16:59 - 000000646 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3379037760-1199495795-1500520215-1001.job
2018-11-11 17:38 - 2017-12-30 19:18 - 000000918 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-11-11 16:38 - 2017-12-30 19:18 - 000000914 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-11-10 16:05 - 2014-03-18 01:53 - 000006702 _____ C:\Windows\system32\PerfStringBackup.INI
2018-11-10 16:04 - 2014-10-24 14:51 - 000000000 ____D C:\Users\Jeana\Documents\Youcam
2018-11-10 16:02 - 2013-08-22 05:36 - 000000000 ____D C:\Windows\Inf
2018-11-10 16:00 - 2017-11-23 13:41 - 000000000 ___RD C:\Users\Jeana\OneDrive
2018-11-10 15:59 - 2013-08-22 06:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-11-10 15:58 - 2013-08-22 05:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-11-10 14:20 - 2017-08-08 17:31 - 000000000 ____D C:\Users\Jeana\Documents\CEU
2018-11-10 08:25 - 2014-10-24 14:54 - 000003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3379037760-1199495795-1500520215-1001
2018-11-09 16:27 - 2016-02-13 16:25 - 003576832 _____ C:\Users\Jeana\Desktop\Check_RegisterSort_Jeana.xls
2018-11-08 18:14 - 2017-12-30 19:18 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-11-07 18:08 - 2014-10-24 14:49 - 000000000 ____D C:\Users\Jeana\AppData\Local\Packages
2018-11-04 13:21 - 2017-08-24 16:58 - 000000000 ____D C:\Users\Jeana\AppData\Local\GoToMeeting
2018-11-02 16:50 - 2017-08-24 16:59 - 000003640 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3379037760-1199495795-1500520215-1001
2018-11-02 16:50 - 2017-08-24 16:59 - 000003544 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3379037760-1199495795-1500520215-1001
2018-11-01 16:02 - 2015-06-29 06:36 - 000002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-01 16:02 - 2015-06-29 06:36 - 000002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-26 16:08 - 2017-02-17 18:18 - 000000000 ____D C:\Users\Jeana\Documents\Coding school
2018-10-25 16:57 - 2015-08-26 13:58 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Files in the root of some directories =======
2018-11-10 12:52 - 2018-11-10 12:52 - 000000017 _____ () C:\Users\Jeana\AppData\Local\resmon.resmoncfg
2015-02-21 13:23 - 2015-02-21 13:23 - 000000000 _____ () C:\Users\Jeana\AppData\Local\{7ED733B9-5049-4C6B-96C7-643DE7E0BE98}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-11-08 18:27
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by Jeana (12-11-2018 09:25:14)
Running from C:\Users\Jeana\Downloads
Windows 8.1 (Update) (X64) (2014-10-24 22:48:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3379037760-1199495795-1500520215-500 - Administrator - Disabled)
Guest (S-1-5-21-3379037760-1199495795-1500520215-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3379037760-1199495795-1500520215-1003 - Limited - Enabled)
Jeana (S-1-5-21-3379037760-1199495795-1500520215-1001 - Administrator - Enabled) => C:\Users\Jeana
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4 Elements II (HKLM-x32\...\WTA-6a199fa1-38f1-44b3-a101-934f39e3f93c) (Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20080 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Airport Mania (HKLM-x32\...\WTA-f11a0709-a1c3-40ee-8032-f61d3268c3dc) (Version: 2.2.0.95 - WildTangent) Hidden
Azkend 2: The World Beneath (HKLM-x32\...\WTA-efd1fcbc-5ab8-460f-84d6-236841cef9a9) (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (HKLM-x32\...\WTA-2f234d5b-d479-48fa-98de-277ce43b117e) (Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (HKLM-x32\...\WTA-a640bb4c-a935-44f0-bcf5-f632e3880877) (Version: 2.2.0.97 - WildTangent) Hidden
Build-a-lot (HKLM-x32\...\WTA-d1f09a10-b598-4241-85af-a55e773df399) (Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cradle Of Egypt Collector's Edition (HKLM-x32\...\WTA-49d4c6b7-8cde-4cb6-a371-3b42db330957) (Version: 2.2.0.110 - WildTangent) Hidden
Cradle of Rome 2 (HKLM-x32\...\WTA-9d2834b3-8e45-414a-a4b4-3f22755e8953) (Version: 2.2.0.98 - WildTangent) Hidden
Cricut Design Space Client (HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\Cricut Design Space Client) (Version: 5.3.1.2 - Provo Craft)
Curse at Twilight (HKLM-x32\...\WTA-6c2273fa-fc27-493a-a971-65d758f05d49) (Version: 3.0.2.32 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.10.5422 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Delicious: Emily's Childhood Memories Premium Edition (HKLM-x32\...\WTA-37e68c7b-be4d-4447-b2bf-c9b96990e3a3) (Version: 3.0.2.32 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 6.11.2 (HKLM-x32\...\{FC67AAF6-3477-11E8-B094-005056951CAD}) (Version: 6.11.2.7027 - Evernote Corp.)
Farm Frenzy (HKLM-x32\...\WTA-c0345513-4d55-4beb-8f79-b514f21925d1) (Version: 2.2.0.98 - WildTangent) Hidden
Fishdom 3: Collector's Edition (HKLM-x32\...\WTA-1e94da68-c4ab-419c-98ae-0155eb46eaee) (Version: 3.0.2.38 - WildTangent) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 8.37.0.10996 (HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\GoToMeeting) (Version: 8.37.0.10996 - LogMeIn, Inc.)
Governor of Poker 2 Premium Edition (HKLM-x32\...\WTA-7b403209-d16e-4175-b662-b52d90f47008) (Version: 2.2.0.110 - WildTangent) Hidden
H&R Block Deluxe + Efile + State 2014 (HKLM-x32\...\{BDA77C08-60A6-4AAB-B5A9-849ECF399A49}) (Version: 14.05.5801 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2015 (HKLM-x32\...\{E7BFC29A-9459-4534-9E35-BF1D66A18BAA}) (Version: 15.05.8101 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2016 (HKLM-x32\...\{E7065AD9-D2DB-423B-B853-8310038D7D42}) (Version: 16.05.6301 - HRB Technology, LLC.)
H&R Block Deluxe + Efile + State 2017 (HKLM-x32\...\{191D85BA-E6EA-4F97-8D2A-76A220043D87}) (Version: 17.05.8401 - HRB Technology, LLC.)
H&R Block Oregon 2014 (HKLM-x32\...\{F21CF983-6C86-4086-B34E-3ACF4972126D}) (Version: 1.14.4301 - HRB Technology, LLC.)
H&R Block Oregon 2015 (HKLM-x32\...\{81C3084E-7AC7-4611-91F8-5664A38257EE}) (Version: 1.15.7601 - HRB Technology, LLC.)
H&R Block Oregon 2016 (HKLM-x32\...\{6AFB1565-0296-4567-B83B-D4E11474EC6B}) (Version: 1.16.5301 - HRB Technology, LLC.)
H&R Block Oregon 2017 (HKLM-x32\...\{C81BBB0C-DBA5-43F3-BD14-51A0792C3CCA}) (Version: 1.17.4501 - H&R Block, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
House of 1000 Doors: Family Secrets (HKLM-x32\...\WTA-1e95c3d9-df03-4c02-8c0f-8b6fb144c86f) (Version: 2.2.0.98 - WildTangent) Hidden
HP Documentation (HKLM-x32\...\{F29E3AA8-CF19-4452-92B7-F1FE31CD11C5}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
Inst5675 (HKLM\...\{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}) (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (HKLM\...\{878F6913-7421-4713-97F7-0A736EE2A188}) (Version: 8.01.46 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.0.1016 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{84A2B59B-6A7B-4C01-8592-15C9BFE6AC36}) (Version: 2.4.3 - Intel Corporation)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-2fe7d742-fdd7-4c3a-b607-ec6293578a76) (Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (HKLM-x32\...\WTA-6ae21466-8c8e-4449-9639-b3ac0827411e) (Version: 2.2.0.95 - WildTangent) Hidden
King Oddball (HKLM-x32\...\WTA-c7a4f2ec-c319-4945-9d26-4232b362e01b) (Version: 3.0.2.48 - WildTangent) Hidden
Luxor Evolved (HKLM-x32\...\WTA-ad0f0cf6-b1d4-4c11-9ee4-2fef9880b6a0) (Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe (HKLM-x32\...\WTA-7b04a5a6-c8d9-4b2b-83da-69b3a5557886) (Version: 2.2.0.95 - WildTangent) Hidden
Mediatek Bluetooth (HKLM\...\{904C579C-9366-D3B7-7F31-4879401DBD4A}) (Version: 11.0.756.0 - Mediatek)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5059.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Music Manager (HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\...\MusicManager) (Version: - Google, Inc.)
Mystery P.I. - Curious Case of Counterfeit Cove (HKLM-x32\...\WTA-c2cfafbe-4ca2-4be5-80eb-feac17908e28) (Version: 2.2.0.98 - WildTangent) Hidden
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5059.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5059.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5059.1000 - Microsoft Corporation) Hidden
Pdf995 (installed by H&R Block) (HKLM-x32\...\Pdf995) (Version: 15.0s - )
PdfEdit995 (installed by H&R Block) (HKLM-x32\...\PdfEdit995) (Version: - )
Peggle Nights (HKLM-x32\...\WTA-51104e8b-419d-4661-a1d7-2ac84b9a7931) (Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (HKLM-x32\...\WTA-0eb7a9d1-0bd7-4297-8595-2442d002c333) (Version: 2.2.0.98 - WildTangent) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinger (HKLM-x32\...\{9B56B031-A6C0-4BB7-8F61-938548C1B759}) (Version: 1.4.0.1 - Pinger Inc.) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Plants vs. Zombies - Game of the Year (HKLM-x32\...\WTA-eb607eec-616d-47d6-9067-4ce2b4f63207) (Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (HKLM-x32\...\WTA-ca882f22-ffce-4139-89bd-db4f9771e198) (Version: 2.2.0.97 - WildTangent) Hidden
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.50.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.35.716.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7335 - Realtek Semiconductor Corp.)
Roads of Rome 3 (HKLM-x32\...\WTA-1dba3fbf-1ffa-49b0-8493-c2fb6d845670) (Version: 2.2.0.98 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.20 - Synaptics Incorporated)
Tales of Lagoona (HKLM-x32\...\WTA-9f3f6591-d18d-4edc-b944-52a2309f311b) (Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden
Vacation Quest™ - Australia (HKLM-x32\...\WTA-50a84edc-6d7b-42ef-a96f-c43f761e4026) (Version: 3.0.2.32 - WildTangent) Hidden
VitalSource Bookshelf (HKLM-x32\...\{4bb6f5ce-1e01-41b1-833d-ffa2297df6f4}) (Version: 6.08.0017 - Ingram Content Group)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (HP Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.10.15 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Youda Jewel Shop (HKLM-x32\...\WTA-19b97c33-a9f4-4b41-9fe1-23bbfc2a8f90) (Version: 3.0.2.32 - WildTangent) Hidden
Zuma's Revenge (HKLM-x32\...\WTA-388a67e5-25e7-413f-aa22-b4763a8a2ed7) (Version: 2.2.0.98 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Jeana\AppData\Local\GoToMeeting\7468\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3379037760-1199495795-1500520215-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Jeana\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-09-20] (Cyberlink)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-09-20] (Cyberlink)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-01-04] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-01-04] (Intel Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2EB466F9-DB42-480B-9691-3B54339D68B7} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {30DD518D-D2BD-4BF9-B42F-09F1471FB75D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {385E8D75-3775-42B7-9797-985CDF456DF5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {3C7E41DC-7A3C-4805-9DB0-0FBDCD37946B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {3F73E4AA-6A78-4A20-AF06-4AA675587123} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.)
Task: {499C1C4D-4237-47CE-A970-3297F87EE98C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {4BA539A0-4FB5-4864-B6D4-CB60C3D37D9A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {5A1E649B-23DF-436C-ABE8-559788BB6C34} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {5A4BBFD0-F9FC-429B-ABCE-61D8CF5AA6DB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-04-09] ()
Task: {608EBECF-78E1-43CB-A62F-F35ED0904856} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {64110566-44C0-4A69-815F-7C9FF090D722} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {71962E72-7325-421D-A8C3-72C023C21553} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-30] (Dropbox, Inc.)
Task: {8EA964A2-494A-4431-9537-1DBAC28D7C20} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {91C9B4A3-096E-4EF3-9B91-A2B467B41287} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
Task: {9772224F-8A96-4D78-B9DB-D9C9C63D2FF8} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {9EF12D3C-ED78-4B7E-809E-B929B4692481} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2017-03-14] (Microsoft Corporation)
Task: {B0502C48-2560-4156-A1BE-E64AE285594C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-12-30] (Dropbox, Inc.)
Task: {B13F538F-9EAB-405E-B9C8-7D1B1AD10AF2} - System32\Tasks\
[email protected] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {B542C26B-C019-4EB7-B01B-5CA15FDBD531} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {BEE586A4-1BB8-4FAD-BF2D-CF5D3100C0F8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-29] (Google Inc.)
Task: {C4F8D31C-D538-4B0F-A90F-4C781BC4BD3B} - System32\Tasks\G2MUpdateTask-S-1-5-21-3379037760-1199495795-1500520215-1001 => C:\Users\Jeana\AppData\Local\GoToMeeting\10996\g2mupdate.exe [2018-11-02] (LogMeIn, Inc.)
Task: {C725CC5F-6C36-4A70-ADFA-A0734804DF19} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {DA594369-9E19-4351-B6CF-6D9DD2921C6A} - \SpyHunter4Startup -> No File <==== ATTENTION
Task: {E3CBAF60-0484-4945-AB3D-40397F4F248F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001Core1d1e91661bda98a => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)
Task: {E97ECF3B-5456-4E32-B2EC-FA4AB4149833} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-12-14] (Synaptics Incorporated)
Task: {F67CC741-30B9-46DB-9DFB-40BAF7AF5907} - System32\Tasks\G2MUploadTask-S-1-5-21-3379037760-1199495795-1500520215-1001 => C:\Users\Jeana\AppData\Local\GoToMeeting\10996\g2mupload.exe [2018-11-02] (LogMeIn, Inc.)
Task: {FA74AB33-A1E3-41C1-AFD1-952493ACD54F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001UA => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe [2016-01-07] (Google Inc.)
Task: {FAF1E340-DB53-4A4B-8CCF-D63B14DE01EE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {FF71F0CD-52FE-4AF7-B70D-769B2382D235} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-01-12] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3379037760-1199495795-1500520215-1001.job => C:\Users\Jeana\AppData\Local\GoToMeeting\10996\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3379037760-1199495795-1500520215-1001.job => C:\Users\Jeana\AppData\Local\GoToMeeting\10996\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001Core.job => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001Core1d149cf520b40ce.job => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001Core1d15e25b80bf8da.job => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3379037760-1199495795-1500520215-1001Core1d1ab25396d7e4.job => C:\Users\Jeana\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForJeana.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-02-20 08:22 - 2014-03-05 10:18 - 000040448 _____ () C:\Windows\System32\pdf995mon64.dll
2014-10-24 15:19 - 2017-01-17 03:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-04-09 11:29 - 2014-04-09 11:29 - 000174368 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
2018-11-01 16:02 - 2018-10-23 13:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-11-01 16:02 - 2018-10-23 13:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2015-09-20 10:51 - 2015-06-22 01:18 - 000865720 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
2015-09-20 10:51 - 2014-04-16 22:35 - 001323992 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\Language\ENU\P2GRC.dll
2015-09-20 10:51 - 2015-06-22 01:18 - 000175544 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
2018-01-29 17:55 - 2018-01-29 17:55 - 000090112 _____ () C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2018-01-29 17:55 - 2018-01-29 17:55 - 000217600 _____ () C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2018-01-29 17:55 - 2018-01-29 17:55 - 000273920 _____ () C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\libaudioenc.DLL
2018-01-29 17:55 - 2018-01-29 17:55 - 000172032 _____ () C:\Users\Jeana\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2018-03-30 17:34 - 2018-03-30 17:34 - 000668384 _____ () C:\Program Files (x86)\Evernote\Evernote\tidy.dll
2018-11-08 18:13 - 2018-11-06 05:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-08 18:13 - 2018-11-06 05:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-08 18:14 - 2018-11-06 05:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-08 18:14 - 2018-11-06 05:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-08 18:13 - 2018-11-06 05:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:06 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 011144016 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-08 18:14 - 2018-11-06 05:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-08 18:14 - 2018-11-06 05:09 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-11-08 18:13 - 2018-11-06 05:08 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-08 18:14 - 2018-11-06 05:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2018-11-08 18:14 - 2018-11-06 05:09 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000530768 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp35-win32.pyd
2018-11-08 18:13 - 2018-11-06 05:08 - 000348496 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp35-win32.pyd
2014-09-03 11:03 - 2014-09-03 11:03 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-04-09 11:30 - 2014-04-09 11:30 - 000041248 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32api.pyd
2014-04-09 11:29 - 2014-04-09 11:29 - 000059680 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\pywintypes27.dll
2014-04-09 11:29 - 2014-04-09 11:29 - 000119072 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\pythoncom27.dll
2014-04-09 11:29 - 2014-04-09 11:29 - 000562464 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\urlmon.dll
2014-04-09 11:29 - 2014-04-09 11:29 - 000401184 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iertutil.dll
2014-04-09 11:29 - 2014-04-09 11:29 - 000412448 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\WININET.dll
2014-04-09 11:30 - 2014-04-09 11:30 - 000020256 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_multiprocessing.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000025376 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32service.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000022816 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\servicemanager.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000018208 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32event.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000027424 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_socket.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000277280 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_ssl.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000113952 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_hashlib.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000016672 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\select.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000040736 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_ctypes.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000023328 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32process.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000020256 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32ts.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000018720 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32profile.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000042784 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32security.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000336160 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\_bsddb.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000023328 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32evtlog.pyd
2014-04-09 11:30 - 2014-04-09 11:30 - 000024864 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\win32inet.pyd
2014-04-09 11:29 - 2014-04-09 11:29 - 000021280 _____ () C:\Program Files (x86)\Intel\Intel® Update Manager\bin\EnvironmentID.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 05:25 - 2013-08-22 05:25 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3379037760-1199495795-1500520215-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{48E95D83-9B8B-414B-A9A7-2AFD0BA50208}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F82BB814-FD51-4987-A33F-250BD832B780}] => (Allow) LPort=2869
FirewallRules: [{819306FA-D122-44F5-A748-CC1307C44A50}] => (Allow) LPort=1900
FirewallRules: [{ACDBC342-58F3-4625-8A64-B8384551E1AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AF01CC45-8027-43B6-8D75-55F9508E0254}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B69C123-65C4-457E-89EE-83CE63B64276}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AC9F44EA-CA99-4B7E-AFE1-D6D4936E732F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{58C65E18-42B1-4BF3-BC6A-E904C7C4C1FA}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{C0AA8B84-8995-4763-8B1B-D5203EB37713}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{62BFD3CC-A601-4CD1-B768-23E76476C8CA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{BD0432F9-AE31-41D5-86B1-BE9732CB35B0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe
FirewallRules: [{5FE91576-A314-4843-B162-097695DECBD3}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{1BBEF309-94F5-4AAC-959C-CCDCDE3D6ED4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{35DC66A2-BBA9-4D3B-BE49-45289CE0CBA6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{20F08BA1-0A89-47CC-8EEC-CE94812DDB4A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{11223FDC-2601-42A2-8A16-BF3085145409}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3556B7DD-B20F-4C06-8A12-C930FA5751B6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{E7DE152B-2CDB-490F-A29E-423083F80F07}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{53B6D13C-3ED4-4CE5-9774-E73F7F505C21}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{C08AA87A-7602-4A5B-9844-E3550CEFDA5F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{5665C43B-7E55-4182-A36D-AEDE1AAD73E5}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{A40B229D-0280-4979-86D9-92C861406CC7}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [TCP Query User{F6DF3B8B-31A9-493E-84C9-02A92E4BFE76}C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe
FirewallRules: [UDP Query User{FF6DCCE9-6A34-46BF-8C13-2A8BDF93B28D}C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe
FirewallRules: [TCP Query User{B165E053-325F-4A1A-BF24-BF4A752CA857}C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe
FirewallRules: [UDP Query User{8CD96A85-EC2C-42D6-B9EC-B285B5F05656}C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace\bridge\cricutbridge.exe
FirewallRules: [TCP Query User{7D27BCB0-25D4-4EDB-83E8-B60C48110F53}C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [UDP Query User{5955292D-83A5-48D1-A432-594052400A27}C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Allow) C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [TCP Query User{34E0FC1F-A74D-41D8-B7D6-2E13F8B493DF}C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Block) C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [UDP Query User{D0DF5288-A1B8-40EA-A737-7B755FE3C97A}C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe] => (Block) C:\users\jeana\appdata\roaming\cricutdesignspace3\bridge\cricutbridge4.exe
FirewallRules: [{BC636C65-2250-412E-B992-063A1FF36C65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{55CCD412-286D-4997-89E7-B5A0771E73F9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
18-10-2018 16:42:22 Scheduled Checkpoint
26-10-2018 16:19:05 Scheduled Checkpoint
08-11-2018 19:01:18 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/12/2018 09:20:41 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (39760) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:20:41 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (39760) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:20:01 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (39760) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:20:01 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (39760) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:04:24 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (37992) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:04:24 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (37992) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:04:01 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (37992) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
Error: (11/12/2018 09:04:01 AM) (Source: ESENT) (EventID: 412) (User: )
Description: svchost (37992) Instance: Unable to read the header of logfile C:\ProgramData\Microsoft\Windows\AppRepository\edb.log. Error -501.
System errors:
=============
Error: (11/09/2018 05:02:02 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (11/09/2018 05:01:32 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (11/09/2018 04:58:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.
Error: (11/09/2018 04:58:30 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ClickToRunSvc service.
Error: (10/20/2018 03:50:54 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {752073A1-23F2-4396-85F0-8FDB879ED0ED} did not register with DCOM within the required timeout.
Error: (10/18/2018 06:10:53 PM) (Source: DCOM) (EventID: 10010) (User: JEANA)
Description: The server Windows.Networking.BackgroundTransfer.Internal.NetworkChangeTask.ClassId.4 did not register with DCOM within the required timeout.
Error: (10/08/2018 05:10:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (09/09/2018 07:11:01 AM) (Source: DCOM) (EventID: 10010) (User: JEANA)
Description: The server Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mca did not register with DCOM within the required timeout.
Windows Defender:
===================================
Date: 2018-11-10 08:41:24.814
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {45553179-AD69-4FAA-A3A8-AA655389F8D0}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-10 08:31:50.713
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {F87B543F-EE7A-497D-A8A4-FBB0CAFA885C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-09 15:59:29.132
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4547BC87-1085-42C4-AC30-6F68B9801A58}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-08 19:58:03.235
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {4700C8CD-46BC-4432-806F-4D592CF73733}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-11-08 19:10:51.723
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {B15292B3-7D4A-463B-99BF-7784B8244123}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2017-04-09 09:05:05.854
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted: Current
Error Code: 0x80073aba
Error description: The resource is too old to be compatible.
Signature version: 1.169.55.0;1.169.55.0
Engine version: 1.1.10401.0
Date: 2014-11-22 18:53:32.342
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.169.55.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.10401.0
Error code: 0x80070643
Error description: Fatal error during installation.
Date: 2014-11-22 18:53:11.495
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.189.520.0
Previous Signature Version: 1.169.55.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.10401.0
Previous Engine Version: 1.1.10401.0
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2014-11-22 18:53:11.479
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.189.520.0
Previous Signature Version: 1.169.55.0
Update Source: User
Signature Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.10401.0
Previous Engine Version: 1.1.10401.0
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
Date: 2014-11-22 18:46:26.845
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.169.55.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.10401.0
Error code: 0x8024001e
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
CodeIntegrity:
===================================
Date: 2018-11-12 09:23:46.821
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-12 09:23:46.368
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-12 09:23:07.983
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-11-12 09:23:07.467
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel® Core i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 60%
Total physical RAM: 4027.84 MB
Available physical RAM: 1573.02 MB
Total Virtual: 5755.84 MB
Available Virtual: 2831.62 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:442.48 GB) (Free:386.17 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:22.26 GB) (Free:2.18 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{4d046355-80bd-406e-929c-7ef78da92ca1}\ (WINRE) (Fixed) (Total:0.63 GB) (Free:0.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 57DF2823)
Partition: GPT.
==================== End of Addition.txt ============================