Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop/tablet acting weird

Started by Wolfie , Dec 05 2018 05:09 PM

  • Please log in to reply

#1
Wolfie
Posted 05 December 2018 - 05:09 PM

Wolfie

    Member

  • Member
  • PipPip
  • 74 posts

System was running fine, then one time I boot it up and there is no sound, and the Settings option in the start menu won't load up the settings screen.  By no sound, I mean the speaker icon has the red and white 'x' circle over it, and troubleshooting it doesn't help at all.  Tried plugging in a USB device that gives a mic/speaker plugs and the issue remains (the USB adapter has worked before on this laptop).  Opening the volume mixer reports that there are no devices, though the dropdown shows I can select the main speaker system or the USB device, but choosing either of them doesn't do anything.

 

 

 

FRST files

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01.12.2018 01
Ran by Wolfie (administrator) on WOLF-TA (05-12-2018 17:58:03)
Running from C:\Users\Wolfie\Downloads
Loaded Profiles: Wolfie (Available Profiles: Wolfie & mmy19)
Platform: Microsoft Windows 10 Home Version 1803 17134.407 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Intel Corporation) C:\Windows\System32\esif_uf.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLoader.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x86__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(AsusTek) C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\msdt.exe
(Microsoft Corporation) C:\Windows\System32\sdiagnhost.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [83048 2015-06-10] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-1858680902-2865312834-3880466216-1001\...\RunOnce: [Uninstall 18.192.0920.0015_1] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Wolfie\AppData\Local\Microsoft\OneDrive\18.192.0920.0015_1"
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 164.106.1.1 164.106.2.1
Tcpip\..\Interfaces\{70c62bf4-ea82-483a-b0f7-7ded91b38ef0}: [DhcpNameServer] 164.106.1.1 164.106.2.1
 
Internet Explorer:
==================
 
FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-09-05] (Google Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.com/","hxxps://encrypted.google.com"
CHR DefaultSearchKeyword: Default -> google.com_
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default [2018-12-05]
CHR Extension: (Slides) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-05]
CHR Extension: (Instrumente) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahchimdkljhhfjkklkafookapgikdhkk [2018-09-05]
CHR Extension: (BetterTTV) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-09-05]
CHR Extension: (Docs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-05]
CHR Extension: (Google Drive) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-05]
CHR Extension: (Regex Search) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcdabfmndggphffkchfdcekcokmbnkjl [2018-09-05]
CHR Extension: (Gliffy Diagrams) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2018-09-05]
CHR Extension: (MEGA) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2018-11-28]
CHR Extension: (YouTube) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-05]
CHR Extension: (Honey) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2018-11-14]
CHR Extension: (Adblock Plus) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-05]
CHR Extension: (OkCupid (for the Non-Mainstream User)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgdblghohnaeeejaoincmbcdkdnodkei [2018-09-05]
CHR Extension: (OneTab) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2018-09-05]
CHR Extension: (uBlock Origin) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-10-03]
CHR Extension: (Image Downloader) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnpniohnfphhjihaiiggeabnkjhpaldj [2018-09-05]
CHR Extension: (FLV Player) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhogabmliblgpadclikpkjfnnipeebjm [2018-09-05]
CHR Extension: (Sheets) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-05]
CHR Extension: (Google Docs Offline) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-12]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2018-12-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-11-14]
CHR Extension: (Enable right click) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhojmcideegachlhfgfdhailpfhgknjm [2018-09-05]
CHR Extension: (Vine for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfkidejapghjmjphojdbnchkdphccno [2018-09-05]
CHR Extension: (Crackle) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2018-09-05]
CHR Extension: (Social Fixer for Facebook) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifmhoabcaeehkljcfclfiieohkohdgbb [2018-11-14]
CHR Extension: (Recycle Bin) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ikfbchidonfnclempkcojlpijhmoalhi [2018-09-19]
CHR Extension: (SoundCloud) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2018-09-05]
CHR Extension: (Send Your Email to SMS (text)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipghnlmkjdejhibmialipjeaoobhaofe [2018-09-05]
CHR Extension: (BeFrugal Add-On) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcdcneeneoifbeenbbnjodcflhdbaggp [2018-09-05]
CHR Extension: (Google Voice (by Google)) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2018-09-05]
CHR Extension: (SoundCloud Downloader Free) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\libedajeiljdoodmokbppgapcfbignci [2018-09-05]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2018-09-05]
CHR Extension: (Chrono Download Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mciiogijehkdemklbdcbfkefimifhecn [2018-09-05]
CHR Extension: (Awesome Window & Tab Manager) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfjaddknccljfohoaekkibpcceeenkah [2018-09-05]
CHR Extension: (MetaMask) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2018-12-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-05]
CHR Extension: (Soundload) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2018-09-05]
CHR Extension: (Print Edit WE) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2018-11-14]
CHR Extension: (Recently Closed Tabs) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\opefiliglgllmponlmoajkfbcaigocfc [2018-09-05]
CHR Extension: (Amazon Assistant for Chrome) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam [2018-12-05]
CHR Extension: (Azimuth: Download Facebook 360° Photos/Videos) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhbghgbdeomiimgpialhailhfaebnmh [2018-10-10]
CHR Extension: (uBlock Origin Extra) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2018-11-28]
CHR Extension: (Adobe HDS / HLS Video Downloader) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pibndofbpkoaipoidbkephfhhnapkccn [2018-11-14]
CHR Extension: (Gmail) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-09-05]
CHR Extension: (Chrome Media Router) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-14]
CHR Extension: (Twitch Giveaways) - C:\Users\Wolfie\AppData\Local\Google\Chrome\User Data\Default\Extensions\poohjpljfecljomfhhimjhddddlidhdd [2018-09-05]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AsHidService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsHidSrv.exe [103224 2014-06-11] (ASUSTek Computer Inc.)
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe [115512 2014-03-26] (ASUSTek Computer Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2011-11-21] (ASUS)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [1677016 2015-04-09] (Broadcom Corporation.)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [290208 2015-07-31] (Intel Corporation)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [85096 2015-06-10] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [98920 2015-06-10] (Intel Corporation)
R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [92264 2015-06-10] (Intel Corporation)
R2 esifsvc; C:\Windows\system32\esif_uf.exe [1230504 2015-08-12] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [283552 2015-07-31] (Intel Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3358832 2018-10-24] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [91584 2018-10-24] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R3 AsusSGDrv; C:\Windows\system32\DRIVERS\AsusSGDrv.sys [116032 2015-07-14] (ASUS Corporation)
R1 ATKWMIACPIIO; C:\Program Files\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi.sys [17720 2013-07-02] (ASUSTek Computer Inc.)
R3 BCMSDH43XX; C:\Windows\system32\DRIVERS\bcmdhd63.sys [302080 2018-04-11] (Broadcom Corp)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [66560 2018-04-11] (Microsoft Corporation)
R3 BthMini; C:\Windows\System32\drivers\BTHMINI.sys [23040 2018-04-11] (Microsoft Corporation)
S3 btwampfl; C:\Windows\system32\DRIVERS\btwampfl.sys [162560 2015-04-09] (Broadcom Corporation.)
R3 BtwSerialBus; C:\Windows\system32\DRIVERS\BtwSerialBus.sys [139520 2015-04-09] (Broadcom Corporation.)
R3 camera; C:\Windows\system32\DRIVERS\camera.sys [462848 2015-06-10] (Intel Corporation)
R3 CM3218x; C:\Windows\System32\drivers\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R3 CPLMACPI; C:\Windows\System32\drivers\CPLMACPI.sys [25040 2015-07-08] (Capella Microsystems, Inc.)
R3 DptfDevDBPT; C:\Windows\system32\DRIVERS\DptfDevPower.sys [25528 2015-06-10] (Intel Corporation)
R3 DptfDevDisplay; C:\Windows\system32\DRIVERS\DptfDevDisplay.sys [28088 2015-06-10] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [36280 2015-06-10] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [80824 2015-06-10] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [181688 2015-06-10] (Intel Corporation)
S3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [51704 2015-08-12] (Intel Corporation)
S3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [227848 2015-08-12] (Intel Corporation)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [23552 2015-06-10] (Intel Corporation)
R3 GpioVirtual; C:\Windows\System32\drivers\iaiogpiovirtual.sys [16896 2015-06-10] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsHIDSwitch.sys [25824 2015-08-19] (ASUS)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [58368 2015-06-10] (Intel Corporation)
R3 iaiouart; C:\Windows\System32\drivers\iaiouart.sys [87552 2015-06-10] (Intel Corporation)
S3 intaud_WaveExtensible; C:\Windows\system32\drivers\intelaud.sys [44096 2015-06-26] (Intel Corporation)
R3 IntelSST; C:\Windows\system32\drivers\isstrtc.sys [264704 2015-06-10] (Intel® Corporation)
R3 INVN_MotionApps; C:\Windows\System32\drivers\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R3 iwdbus; C:\Windows\System32\drivers\iwdbus.sys [35904 2015-06-26] (Intel Corporation)
R3 m1040; C:\Windows\System32\drivers\m1040.sys [90640 2016-04-01] (Intel Corporation)
R0 MBI; C:\Windows\System32\drivers\MBI.sys [21944 2015-06-10] (Intel Corporation)
R3 PMIC; C:\Windows\System32\drivers\PMIC.sys [48128 2015-06-10] (Intel Corporation)
R3 rtii2sac; C:\Windows\system32\DRIVERS\rtii2sac.sys [277760 2015-10-01] (Realtek Semiconductor Corp.)
R3 TXEI; C:\Windows\System32\drivers\TXEI.sys [84520 2015-05-27] (Intel Corporation)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [38504 2018-10-24] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [261816 2018-10-24] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [47800 2018-10-24] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-12-05 17:58 - 2018-12-05 17:58 - 000018504 _____ C:\Users\Wolfie\Downloads\FRST.txt
2018-12-05 17:57 - 2018-12-05 17:58 - 000000000 ____D C:\FRST
2018-12-05 17:57 - 2018-12-05 17:57 - 001776128 _____ (Farbar) C:\Users\Wolfie\Downloads\FRST.exe
2018-12-05 17:56 - 2018-12-05 17:56 - 002417152 _____ (Farbar) C:\Users\Wolfie\Downloads\FRST64.exe
2018-12-05 17:52 - 2018-12-05 17:52 - 000000000 ____D C:\Windows\LastGood
2018-11-29 04:58 - 2018-11-29 04:58 - 000000000 ___HD C:\OneDriveTemp
2018-11-28 19:28 - 2018-11-28 19:37 - 000000424 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2018-11-28 19:28 - 2018-11-28 19:28 - 000001197 _____ C:\Users\Public\Desktop\Driver Easy.lnk
2018-11-28 19:28 - 2018-11-28 19:28 - 000000000 ____D C:\Users\Wolfie\AppData\Roaming\Easeware
2018-11-28 19:28 - 2018-11-28 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Easy
2018-11-28 19:28 - 2018-11-28 19:28 - 000000000 ____D C:\Program Files\Easeware
2018-11-28 19:27 - 2018-11-28 19:27 - 004115408 _____ (Easeware ) C:\Users\Wolfie\Downloads\DriverEasy_Setup.exe
2018-11-14 19:22 - 2018-11-01 05:10 - 004939408 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2018-11-14 19:22 - 2018-11-01 05:10 - 001362440 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2018-11-14 19:22 - 2018-11-01 05:09 - 001027000 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2018-11-14 19:22 - 2018-11-01 05:07 - 000078648 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2018-11-14 19:22 - 2018-11-01 04:54 - 000344576 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-11-14 19:22 - 2018-11-01 04:53 - 000908288 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2018-11-14 19:22 - 2018-10-31 23:50 - 000861712 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 006039064 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 004790184 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 002478872 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 002331480 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 001805656 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 001011872 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2018-11-14 19:22 - 2018-10-31 23:48 - 000502824 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2018-11-14 19:22 - 2018-10-31 23:48 - 000343056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-11-14 19:22 - 2018-10-31 23:47 - 006687032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-11-14 19:22 - 2018-10-31 23:47 - 006570368 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 19:22 - 2018-10-31 23:47 - 001989552 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-11-14 19:22 - 2018-10-31 23:47 - 001379792 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2018-11-14 19:22 - 2018-10-31 23:47 - 001020064 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2018-11-14 19:22 - 2018-10-31 23:47 - 000817768 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-11-14 19:22 - 2018-10-31 23:47 - 000633336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2018-11-14 19:22 - 2018-10-31 23:47 - 000129304 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2018-11-14 19:22 - 2018-10-31 23:35 - 003255296 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2018-11-14 19:22 - 2018-10-31 23:33 - 006661632 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2018-11-14 19:22 - 2018-10-31 23:33 - 003711488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-11-14 19:22 - 2018-10-31 23:32 - 006647296 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2018-11-14 19:22 - 2018-10-31 23:31 - 005307904 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2018-11-14 19:22 - 2018-10-31 23:31 - 000335872 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2018-11-14 19:22 - 2018-10-31 23:31 - 000288768 _____ (Microsoft Corporation) C:\Windows\system32\Search.ProtocolHandler.MAPI2.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 005883904 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 002449408 _____ (Microsoft Corporation) C:\Windows\system32\MapRouter.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 001388032 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 000561152 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 000392704 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2018-11-14 19:22 - 2018-10-31 23:30 - 000310272 _____ (Microsoft Corporation) C:\Windows\system32\wincorlib.dll
2018-11-14 19:22 - 2018-10-31 23:29 - 001986560 _____ (Microsoft Corporation) C:\Windows\system32\MapGeocoder.dll
2018-11-14 19:22 - 2018-10-31 23:29 - 000608768 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2018-11-14 19:22 - 2018-10-31 23:29 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2018-11-14 19:22 - 2018-10-31 23:29 - 000273920 _____ (Microsoft Corporation) C:\Windows\system32\MusNotificationUx.exe
2018-11-14 19:22 - 2018-10-31 23:28 - 000978944 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2018-11-14 19:22 - 2018-10-31 23:28 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 001627648 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000981504 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000977408 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000837632 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000713216 _____ (Microsoft Corporation) C:\Windows\system32\BingOnlineServices.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000534016 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-11-14 19:22 - 2018-10-31 23:27 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2018-11-14 19:22 - 2018-10-31 23:26 - 000735744 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2018-11-14 19:22 - 2018-10-21 06:38 - 000221216 _____ (Microsoft Corporation) C:\Windows\system32\EditionUpgradeManagerObj.dll
2018-11-14 19:22 - 2018-10-21 06:28 - 012501504 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-11-14 19:22 - 2018-10-21 06:26 - 011902464 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-11-14 19:22 - 2018-10-21 02:19 - 001618376 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-11-14 19:22 - 2018-10-21 02:19 - 000142136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-11-14 19:22 - 2018-10-21 02:09 - 013873664 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2018-11-14 19:22 - 2018-10-21 02:02 - 002966528 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2018-11-14 19:22 - 2018-10-21 01:58 - 001657856 _____ (Microsoft Corporation) C:\Windows\system32\WebRuntimeManager.dll
2018-11-14 19:22 - 2018-10-21 01:58 - 001172992 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-11-14 19:21 - 2018-11-01 05:07 - 000316248 _____ (Microsoft Corporation) C:\Windows\system32\MusNotifyIcon.exe
2018-11-14 19:21 - 2018-11-01 04:59 - 005669888 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2018-11-14 19:21 - 2018-11-01 04:57 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\musdialoghandlers.dll
2018-11-14 19:21 - 2018-11-01 04:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-11-14 19:21 - 2018-11-01 04:56 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\msisip.dll
2018-11-14 19:21 - 2018-11-01 04:55 - 000061440 _____ (Microsoft Corporation) C:\Windows\system32\SMSRouter.dll
2018-11-14 19:21 - 2018-11-01 04:53 - 001459200 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2018-11-14 19:21 - 2018-11-01 04:53 - 001082880 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2018-11-14 19:21 - 2018-11-01 04:52 - 002892800 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2018-11-14 19:21 - 2018-11-01 00:08 - 002417952 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2018-11-14 19:21 - 2018-10-31 23:53 - 000994480 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2018-11-14 19:21 - 2018-10-31 23:50 - 004171920 _____ (Microsoft Corporation) C:\Windows\system32\StartTileData.dll
2018-11-14 19:21 - 2018-10-31 23:48 - 002351416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-11-14 19:21 - 2018-10-31 23:48 - 000880248 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2018-11-14 19:21 - 2018-10-31 23:48 - 000384520 _____ (Microsoft Corporation) C:\Windows\system32\coml2.dll
2018-11-14 19:21 - 2018-10-31 23:47 - 000679840 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2018-11-14 19:21 - 2018-10-31 23:47 - 000220472 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2018-11-14 19:21 - 2018-10-31 23:47 - 000197136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-11-14 19:21 - 2018-10-31 23:40 - 022015488 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2018-11-14 19:21 - 2018-10-31 23:35 - 019403776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-11-14 19:21 - 2018-10-31 23:34 - 002700288 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2018-11-14 19:21 - 2018-10-31 23:31 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\dssvc.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 002808320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 002278400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 001751552 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 001361408 _____ (Microsoft Corporation) C:\Windows\system32\MSPhotography.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 000228352 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 000221696 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2018-11-14 19:21 - 2018-10-31 23:30 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 002258944 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000674816 _____ (Microsoft Corporation) C:\Windows\system32\PhoneService.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000255488 _____ (Microsoft Corporation) C:\Windows\system32\dusmsvc.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000203264 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000165376 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000133632 _____ (Microsoft Corporation) C:\Windows\system32\WPTaskScheduler.dll
2018-11-14 19:21 - 2018-10-31 23:29 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2018-11-14 19:21 - 2018-10-31 23:28 - 001272832 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 19:21 - 2018-10-31 23:28 - 001000448 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2018-11-14 19:21 - 2018-10-31 23:28 - 000441344 _____ (Microsoft Corporation) C:\Windows\system32\netprofmsvc.dll
2018-11-14 19:21 - 2018-10-31 23:27 - 001741312 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2018-11-14 19:21 - 2018-10-31 23:27 - 001354240 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2018-11-14 19:21 - 2018-10-31 23:27 - 000856576 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2018-11-14 19:21 - 2018-10-31 23:27 - 000701440 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-11-14 19:21 - 2018-10-31 23:27 - 000678400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 19:21 - 2018-10-31 23:26 - 000795648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 19:21 - 2018-10-31 23:26 - 000345088 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2018-11-14 19:21 - 2018-10-21 06:38 - 001322376 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2018-11-14 19:21 - 2018-10-21 06:38 - 000662312 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2018-11-14 19:21 - 2018-10-21 06:38 - 000660480 _____ (Microsoft Corporation) C:\Windows\system32\LicensingWinRT.dll
2018-11-14 19:21 - 2018-10-21 06:37 - 020381808 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-11-14 19:21 - 2018-10-21 06:37 - 001530560 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2018-11-14 19:21 - 2018-10-21 06:28 - 000084992 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2018-11-14 19:21 - 2018-10-21 06:26 - 003458560 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2018-11-14 19:21 - 2018-10-21 06:26 - 000596480 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2018-11-14 19:21 - 2018-10-21 06:25 - 000126976 _____ (Microsoft Corporation) C:\Windows\system32\LanguageComponentsInstaller.dll
2018-11-14 19:21 - 2018-10-21 06:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\nettrace.dll
2018-11-14 19:21 - 2018-10-21 06:23 - 000998400 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-11-14 19:21 - 2018-10-21 06:23 - 000622080 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2018-11-14 19:21 - 2018-10-21 06:23 - 000523264 _____ (Microsoft Corporation) C:\Windows\system32\UserLanguagesCpl.dll
2018-11-14 19:21 - 2018-10-21 06:22 - 002405888 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2018-11-14 19:21 - 2018-10-21 06:22 - 000224256 _____ (Microsoft Corporation) C:\Windows\system32\wisp.dll
2018-11-14 19:21 - 2018-10-21 02:39 - 000480272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2018-11-14 19:21 - 2018-10-21 02:20 - 000539904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2018-11-14 19:21 - 2018-10-21 02:20 - 000424000 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Enumeration.dll
2018-11-14 19:21 - 2018-10-21 02:20 - 000295224 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2018-11-14 19:21 - 2018-10-21 02:19 - 002487088 _____ (Microsoft Corporation) C:\Windows\system32\CoreUIComponents.dll
2018-11-14 19:21 - 2018-10-21 02:19 - 002144056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-11-14 19:21 - 2018-10-21 02:19 - 001190696 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-11-14 19:21 - 2018-10-21 02:19 - 001130768 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2018-11-14 19:21 - 2018-10-21 02:19 - 000949344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-11-14 19:21 - 2018-10-21 02:19 - 000831216 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-11-14 19:21 - 2018-10-21 02:19 - 000542520 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_StorageSense.dll
2018-11-14 19:21 - 2018-10-21 02:19 - 000505616 _____ (Microsoft Corporation) C:\Windows\system32\TextInputFramework.dll
2018-11-14 19:21 - 2018-10-21 02:19 - 000493368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2018-11-14 19:21 - 2018-10-21 02:18 - 001050488 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-11-14 19:21 - 2018-10-21 02:18 - 000142736 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-11-14 19:21 - 2018-10-21 02:18 - 000140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spacedump.sys
2018-11-14 19:21 - 2018-10-21 02:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-11-14 19:21 - 2018-10-21 02:18 - 000044104 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-11-14 19:21 - 2018-10-21 02:02 - 000157184 _____ (Microsoft Corporation) C:\Windows\system32\spacebridge.dll
2018-11-14 19:21 - 2018-10-21 02:01 - 001189376 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2018-11-14 19:21 - 2018-10-21 02:01 - 000183296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winnat.sys
2018-11-14 19:21 - 2018-10-21 02:01 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Diagnostics.dll
2018-11-14 19:21 - 2018-10-21 02:01 - 000102912 _____ (Microsoft Corporation) C:\Windows\system32\officecsp.dll
2018-11-14 19:21 - 2018-10-21 02:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\ofdeploy.exe
2018-11-14 19:21 - 2018-10-21 02:01 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\wcimage.dll
2018-11-14 19:21 - 2018-10-21 02:01 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhf.sys
2018-11-14 19:21 - 2018-10-21 02:01 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000391680 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000337920 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Activities.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000258048 _____ (Microsoft Corporation) C:\Windows\system32\BthAvctpSvc.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000256512 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseAppMgmtSvc.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000229888 _____ (Microsoft Corporation) C:\Windows\system32\DAFWSD.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000222208 _____ (Microsoft Corporation) C:\Windows\system32\BthAvrcp.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000214528 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2018-11-14 19:21 - 2018-10-21 02:00 - 000084480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2018-11-14 19:21 - 2018-10-21 01:59 - 000602112 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2018-11-14 19:21 - 2018-10-21 01:59 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2018-11-14 19:21 - 2018-10-21 01:59 - 000219136 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 002198528 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 001224192 _____ (Microsoft Corporation) C:\Windows\system32\Windows.CloudStore.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 001124352 _____ (Microsoft Corporation) C:\Windows\system32\cdprt.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2018-11-14 19:21 - 2018-10-21 01:58 - 000547840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdiWiFi.sys
2018-11-14 19:21 - 2018-10-21 01:58 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000349184 _____ (Microsoft Corporation) C:\Windows\system32\BTAGService.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000317952 _____ (Microsoft Corporation) C:\Windows\system32\cdpusersvc.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000230912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2018-11-14 19:21 - 2018-10-21 01:58 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2018-11-14 19:21 - 2018-10-21 01:57 - 002611200 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2018-11-14 19:21 - 2018-10-21 01:57 - 002412544 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-11-14 19:21 - 2018-10-21 01:57 - 001588224 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2018-11-14 19:21 - 2018-10-21 01:57 - 000830976 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2018-11-14 19:21 - 2018-10-21 01:57 - 000515584 _____ (Microsoft Corporation) C:\Windows\system32\PrintRenderAPIHost.DLL
2018-11-14 19:21 - 2018-10-21 01:57 - 000470016 _____ (Microsoft Corporation) C:\Windows\system32\cdpsvc.dll
2018-11-14 19:21 - 2018-10-21 01:56 - 001414144 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2018-11-14 19:21 - 2018-10-21 01:56 - 000910848 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2018-11-14 19:21 - 2018-10-21 01:56 - 000700928 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2018-11-14 19:21 - 2018-10-21 01:56 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2018-11-14 19:21 - 2018-10-21 00:42 - 000806320 _____ C:\Windows\system32\locale.nls
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-12-05 17:54 - 2018-08-31 03:10 - 000793700 _____ C:\Windows\system32\PerfStringBackup.INI
2018-12-05 17:54 - 2018-04-11 15:31 - 000000000 ____D C:\Windows\INF
2018-12-05 17:50 - 2018-04-11 15:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-05 17:49 - 2018-08-31 03:18 - 000000000 ___RD C:\Users\Wolfie\OneDrive
2018-12-05 17:49 - 2018-08-31 03:14 - 000002370 _____ C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-05 17:40 - 2018-08-31 03:57 - 000000000 __SHD C:\Users\Wolfie\IntelGraphicsProfiles
2018-12-05 17:40 - 2018-08-31 03:31 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-12-05 17:40 - 2018-08-31 03:00 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-12-05 17:38 - 2018-08-31 03:00 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-12-05 17:38 - 2018-04-11 15:25 - 000000000 ____D C:\Windows\CbsTemp
2018-11-29 05:18 - 2018-09-08 06:16 - 000000000 ____D C:\Windows\Minidump
2018-11-29 05:06 - 2018-08-31 03:14 - 000000000 ____D C:\Users\Wolfie
2018-11-29 04:57 - 2018-04-11 07:45 - 000786432 _____ C:\Windows\system32\config\BBI
2018-11-28 21:29 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\AppReadiness
2018-11-28 19:02 - 2018-09-05 20:01 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-28 19:02 - 2018-09-05 20:01 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-28 18:45 - 2018-08-31 03:48 - 000000000 ____D C:\Users\Wolfie\AppData\Local\ElevatedDiagnostics
2018-11-28 18:39 - 2018-08-31 03:15 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-28 18:39 - 2018-08-31 03:15 - 000000000 ___RD C:\Users\Wolfie\3D Objects
2018-11-28 18:35 - 2018-08-31 03:00 - 000231040 _____ C:\Windows\system32\FNTCACHE.DAT
2018-11-14 20:41 - 2018-04-11 15:36 - 000000000 ___SD C:\Windows\system32\F12
2018-11-14 20:41 - 2018-04-11 15:36 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-11-14 20:41 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\TextInput
2018-11-14 20:41 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\ShellExperiences
2018-11-14 20:41 - 2018-04-11 15:36 - 000000000 ____D C:\Windows\bcastdvr
2018-11-14 19:37 - 2018-08-31 04:38 - 000000000 ____D C:\Windows\system32\MRT
2018-11-14 19:32 - 2018-08-31 04:37 - 134758520 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-11-14 19:15 - 2018-04-11 15:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-05 12:34 - 2018-04-11 15:39 - 000835168 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-11-05 12:34 - 2018-04-11 15:39 - 000179808 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-08-31 03:00
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01.12.2018 01
Ran by Wolfie (05-12-2018 17:59:29)
Running from C:\Users\Wolfie\Downloads
Microsoft Windows 10 Home Version 1803 17134.407 (X86) (2018-08-31 08:06:11)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1858680902-2865312834-3880466216-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1858680902-2865312834-3880466216-503 - Limited - Disabled)
eddiw (S-1-5-21-1858680902-2865312834-3880466216-1003 - Limited - Enabled)
Guest (S-1-5-21-1858680902-2865312834-3880466216-501 - Limited - Disabled)
mmy19 (S-1-5-21-1858680902-2865312834-3880466216-1002 - Limited - Enabled) => C:\Users\mmy19
WDAGUtilityAccount (S-1-5-21-1858680902-2865312834-3880466216-504 - Limited - Disabled)
Wolfie (S-1-5-21-1858680902-2865312834-3880466216-1001 - Administrator - Enabled) => C:\Users\Wolfie
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
ASUS Smart Gesture (HKLM\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.6 - ASUS)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0038 - ASUS)
Driver Easy 5.6.7 (HKLM\...\DriverEasy_is1) (Version: 5.6.7 - Easeware)
Google Chrome (HKLM\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Microsoft OneDrive (HKU\S-1-5-21-1858680902-2865312834-3880466216-1001\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Windows Driver Package - ASUS (AsusSGDrv) Mouse  (07/07/2015 8.0.0.17) (HKLM\...\957A3BFBBA16065613E677D24C64785D717C6B05) (Version: 07/07/2015 8.0.0.17 - ASUS)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1858680902-2865312834-3880466216-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-07-31] (Intel Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {208DAEF6-010A-407E-8FAC-C5B9889B1233} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-24] (Microsoft Corporation)
Task: {3C18FE13-6295-4864-9855-871D7B1247AA} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2018-10-22] (Easeware)
Task: {3CCD59C7-3552-4FAC-995F-816EDABA1C34} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-24] (Microsoft Corporation)
Task: {3F5AC9DE-39EB-47E7-A267-265DCB4364C7} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {3F62FDCA-433F-4391-9E99-1B163FFA8728} - System32\Tasks\ATK Package A22126881260 => C:\Program Files\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {6C3E2CB6-137C-4460-A170-C79A4C4DB5DE} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback
Task: {87012E98-A3AF-4C83-A1EB-E868654AD2E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-09-05] (Google Inc.)
Task: {96D12FCE-AB72-4F3C-A954-10373F9293AA} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files\ASUS\ASUS Smart Gesture\AsTPCenter\x86\AsusTPLauncher.exe [2015-07-14] (AsusTek)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {EA8CB964-D130-4C9D-891F-C850C3B5E962} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2018-09-05] (Google Inc.)
Task: {ED241590-5C8B-4686-AF77-B0505AA50863} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-24] (Microsoft Corporation)
Task: {FD37536B-31DE-426D-9578-A4BCDC6B3772} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-24] (Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\FLV Player.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=dhogabmliblgpadclikpkjfnnipeebjm
ShortcutWithArgument: C:\Users\Wolfie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gliffy Diagrams.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=bhmicilclplefnflapjmnngmkkkkpfad
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-11 15:29 - 2018-04-11 15:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 15:29 - 2018-04-11 15:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 15:29 - 2018-04-11 15:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-08-31 10:42 - 2018-08-31 10:42 - 001428144 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x86__8wekyb3d8bbwe\Microsoft.Applications.Telemetry.Windows.dll
2018-11-28 19:02 - 2018-11-16 01:34 - 004238168 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-28 19:02 - 2018-11-16 01:34 - 000096600 _____ () C:\Program Files\Google\Chrome\Application\70.0.3538.110\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Wolfie\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity [118]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKLM\...\cmdfile\DefaultIcon:  <==== ATTENTION
HKLM\...\comfile\DefaultIcon:  <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2018-04-11 15:37 - 2018-04-11 15:31 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1858680902-2865312834-3880466216-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 164.106.1.1 - 164.106.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{BDA1324D-804D-4A91-8082-2C3766E177C9}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{0A5E7FF5-73E8-4337-ACC4-C95D48C42440}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/05/2018 05:57:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smartscreen.exe, version: 10.0.17134.137, time stamp: 0x63c9ee98
Faulting module name: Windows.Web.Http.dll, version: 10.0.17134.1, time stamp: 0xd5ee0223
Exception code: 0xc0000005
Fault offset: 0x0003a03a
Faulting process id: 0x1d08
Faulting application start time: 0x01d48cec9cfae307
Faulting application path: C:\Windows\System32\smartscreen.exe
Faulting module path: C:\Windows\System32\Windows.Web.Http.dll
Report Id: c140dd0b-40c2-456a-bc4e-cecfbf7608c5
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/05/2018 05:56:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smartscreen.exe, version: 10.0.17134.137, time stamp: 0x63c9ee98
Faulting module name: Windows.Web.Http.dll, version: 10.0.17134.1, time stamp: 0xd5ee0223
Exception code: 0xc0000005
Fault offset: 0x0003a039
Faulting process id: 0x1d08
Faulting application start time: 0x01d48cec9cfae307
Faulting application path: C:\Windows\System32\smartscreen.exe
Faulting module path: C:\Windows\System32\Windows.Web.Http.dll
Report Id: ba922f4d-5dfb-463e-a0db-419ac0e894dd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/05/2018 05:56:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xb3ceae44
Faulting module name: Windows.Web.Http.dll, version: 10.0.17134.1, time stamp: 0xd5ee0223
Exception code: 0xc0000005
Fault offset: 0x0003a039
Faulting process id: 0x149c
Faulting application start time: 0x01d48cedbd1dfac7
Faulting application path: C:\Windows\system32\backgroundTaskHost.exe
Faulting module path: C:\Windows\System32\Windows.Web.Http.dll
Report Id: d8232896-7350-4fed-b715-1663de879c55
Faulting package full name: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
 
Error: (12/05/2018 05:53:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
 
Error: (12/05/2018 05:53:30 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Defender SmartScreen because of this error.
 
Program: Windows Defender SmartScreen
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (12/05/2018 05:53:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smartscreen.exe, version: 10.0.17134.137, time stamp: 0x63c9ee98
Faulting module name: Windows.Web.Http.dll, version: 10.0.17134.1, time stamp: 0xd5ee0223
Exception code: 0xc0000096
Fault offset: 0x0003a035
Faulting process id: 0x1d08
Faulting application start time: 0x01d48cec9cfae307
Faulting application path: C:\Windows\System32\smartscreen.exe
Faulting module path: C:\Windows\System32\Windows.Web.Http.dll
Report Id: 9f86a500-538b-4611-bc90-e74cdf8a755a
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (12/05/2018 05:53:28 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Defender SmartScreen because of this error.
 
Program: Windows Defender SmartScreen
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
Error: (12/05/2018 05:53:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: smartscreen.exe, version: 10.0.17134.137, time stamp: 0x63c9ee98
Faulting module name: Windows.Web.Http.dll, version: 10.0.17134.1, time stamp: 0xd5ee0223
Exception code: 0xc0000096
Fault offset: 0x0003a035
Faulting process id: 0x1d08
Faulting application start time: 0x01d48cec9cfae307
Faulting application path: C:\Windows\System32\smartscreen.exe
Faulting module path: C:\Windows\System32\Windows.Web.Http.dll
Report Id: 8849cafa-87ea-4e31-8583-382434f4ba60
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (12/05/2018 05:53:40 PM) (Source: DCOM) (EventID: 10016) (User: WOLF-TA)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user WOLF-TA\Wolfie SID (S-1-5-21-1858680902-2865312834-3880466216-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/05/2018 05:53:29 PM) (Source: DCOM) (EventID: 10010) (User: WOLF-TA)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI did not register with DCOM within the required timeout.
 
Error: (12/05/2018 05:50:26 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Audio service, but this action failed with the following error: 
An instance of the service is already running.
 
Error: (12/05/2018 05:49:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Audio service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (12/05/2018 05:49:04 PM) (Source: DCOM) (EventID: 10010) (User: WOLF-TA)
Description: The server Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXynb3eakad12451rv00qxextfnce9sxb8.mca did not register with DCOM within the required timeout.
 
Error: (12/05/2018 05:42:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscDataProtection
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/05/2018 05:42:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscBrokerManager
 and APPID 
Unavailable
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (12/05/2018 05:41:30 PM) (Source: DCOM) (EventID: 10016) (User: WOLF-TA)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
Windows.SecurityCenter.WscCloudBackupProvider
 and APPID 
Unavailable
 to the user WOLF-TA\Wolfie SID (S-1-5-21-1858680902-2865312834-3880466216-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
 
Windows Defender:
===================================
Date: 2018-10-10 18:57:16.076
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {2CA60461-EFC7-4CC4-B10E-E9DD0E01CA46}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-09-26 20:21:36.510
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C78A7544-CCDF-4A4A-81B1-B76A3DE0BA0E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-09-26 20:04:06.170
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {DF992985-FC59-437B-A3CD-D04F49C185DA}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-09-19 20:47:08.458
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {350BE78E-C773-46E8-B105-9353A95A6369}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-09-19 20:32:36.737
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {7FFCBEE8-4EC5-4A35-A6F3-69FEFDEA3ADD}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2018-12-05 17:50:24.627
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.118.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80072f8f
Error description: A security error occurred 
 
Date: 2018-12-05 17:40:20.611
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.118.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-12-05 17:40:20.610
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.118.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-12-05 17:40:20.609
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.118.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
Date: 2018-12-05 17:40:20.588
Description: 
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.281.118.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.15400.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved 
 
CodeIntegrity:
===================================
 
Date: 2018-11-29 04:58:25.980
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Ndu.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-10-20 21:56:16.779
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\mrxsmb10.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-10-03 19:03:04.219
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\PEAuth.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2018-08-31 05:31:45.413
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-08-31 05:31:45.394
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-08-31 05:31:45.181
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-08-31 05:31:45.163
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
 
Date: 2018-08-31 05:31:45.135
Description: 
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.
 
==================== Memory info =========================== 
 
Processor: Intel® Atom™ CPU Z3740 @ 1.33GHz
Percentage of memory in use: 73%
Total physical RAM: 1933.14 MB
Available physical RAM: 513.27 MB
Total Virtual: 2701.14 MB
Available Virtual: 1099.42 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:28.21 GB) (Free:14.37 GB) NTFS
 
\\?\Volume{3049accc-1a07-4e53-8a7f-add18c8cdafb}\ (Recovery) (Fixed) (Total:0.68 GB) (Free:0.42 GB) NTFS
\\?\Volume{806a75e4-589a-481f-8ac8-42fa92e5f00c}\ (Restore) (Fixed) (Total:7.03 GB) (Free:2.14 GB) NTFS
\\?\Volume{6051eb31-7a72-4891-b5d6-6c6fc1050162}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 29.1 GB) (Disk ID: 4E1E4192)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 7 GB) (Disk ID: 471CF409)
 
Partition: GPT.
 
==================== End of Addition.txt ============================
 
 

 


  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP