Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Possible Malware or Registry Issue


  • Please log in to reply

#1
sroney

sroney

    Member

  • Member
  • PipPip
  • 18 posts

Hello,

 

I cannot tell if I have a malware issue, or if it is a registry issue.  My computer has been working great, until a couple of days ago.  Now it is just slow doing everything.  I tried to do a 'restore' to an earlier date, but I keep getting a message that there is a virus protection program running, and I cannot figure out how to disable it.

 

Any help is appreciated.

Thank you.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-11-2019
Ran by srone (administrator) on LAPTOP-TPQUSEMR (HP HP Laptop 15-bs1xx) (04-11-2019 20:23:37)
Running from C:\Users\srone\Desktop
Loaded Profiles: srone (Available Profiles: srone)
Platform: Windows 10 Home Version 1903 18362.418 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\84.4.170\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\84.4.170\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\84.4.170\QtWebEngineProcess.exe
(Fitbit) C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw\Fitbit.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett Packard -> HP Inc.) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\ScanToPCActivationApp.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\IntelCpHeciSvc.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\srone\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19071.17920.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19101.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NAVIONICS S.P.A. -> ) C:\Program Files (x86)\Chart Installer\NavService.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(WildTangent Inc -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [297272 2017-12-11] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdproxy.exe [57344 2005-09-09] (Adobe Systems Incorporated) [File not signed]
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6210368 2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709160 2018-05-22] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [24552064 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30796352 2018-10-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\...\Run: [HP OfficeJet Pro 7740 (NET)] => C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\ScanToPCActivationApp.exe [3770504 2018-04-06] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\78.0.3904.70\Installer\chrmstp.exe [2019-10-23] (Google LLC -> Google LLC)
Startup: C:\Users\srone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NavService.lnk [2018-05-03]
ShortcutTarget: NavService.lnk -> C:\Program Files (x86)\Chart Installer\NavService.exe (NAVIONICS S.P.A. -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03C7E8FE-E293-4D61-B2DF-3E655E687239} - System32\Tasks\HPCeeScheduleForsrone => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {040042D0-BF57-4E36-AC13-7031D8A846A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-28] (Google Inc -> Google Inc.)
Task: {0F8F159A-2DA3-4094-9974-051A23C27F5C} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [39920 2018-10-24] (Garmin International, Inc. -> )
Task: {13900E90-4884-461B-BC0C-E366B010A677} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {1EE51481-544F-4F63-8DE6-3F91CFCE7EA9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {24F6F527-DE1D-4AA9-9728-CCA2115B5FE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {2577EC57-0328-4F98-B4E4-29C6686380B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [144248 2019-10-10] (HP Inc. -> HP Inc.)
Task: {33CBED8C-9A80-4B61-B058-F38BF75A11C7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [250232 2019-10-08] (HP Inc. -> HP Inc.)
Task: {3D929F56-4FC8-4E95-8E11-AAB991BD4FF1} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-09-13] (HP Inc. -> )
Task: {40F788A5-1D0B-4E63-B58C-C3A6161821AB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4B6A37DF-0A2D-493E-8346-59719CB43435} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {4C4DE8BA-47DD-44BB-881F-FE609EED11F4} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {4C4EE127-6E58-4D9E-9C5D-135E381366CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-05-28] (Google Inc -> Google Inc.)
Task: {54828B86-2FEA-4E3C-99B2-C0BDC33D382C} - System32\Tasks\HPCustParticipation HP OfficeJet Pro 7740 series => C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {558F22C2-0313-469B-B183-05E1B595CB0A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {571DF57F-2CEC-4328-B04F-DD67B407F0C4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-10-27] (Dropbox, Inc -> Dropbox, Inc.)
Task: {5B52109B-7415-4C3E-93FE-7AD3738A53A8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1423680 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {665AD81F-2AAF-44D8-929C-5321DDFDCF94} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [114720 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {8EDE7B66-DFF7-40E3-9762-08BF5A7924C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {908F26DD-F3AD-4DFF-AACF-6F79F18152D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH96Q2N0QW => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {A0422100-904E-4D05-B157-516C2F1EC443} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-04-07] (HP Inc. -> HP Inc.)
Task: {A26A954D-8F3E-4964-A7AC-B257C38A5961} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {A309FE3A-ACDB-411C-99DF-9E6C9153AC7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {A34CEB00-3F77-4381-B44C-F181981C3F63} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {A4B95667-A467-43F9-B936-85C9F6BD9F86} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644472 2019-06-21] (HP Inc. -> HP Inc.)
Task: {AC73D97C-F41A-4C6C-8248-337A672FA444} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {AD9C2B1E-5700-4E25-A9BE-4E34A341257E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4427584 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD215B66-8471-4CCE-8654-8070C3964991} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4427584 2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BD485B18-1BC1-4C8F-8EC9-8265D5EC9C30} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe
Task: {BFCC6957-F1D1-453F-B5BB-B4F8C2EAC4AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF5846EB-1CDE-4302-9CE8-1BE82E6D285E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN7CF250QM => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {E1C8127E-F8D1-48B9-9752-CB2E2956C63E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1094008 2019-10-10] (HP Inc. -> HP Inc.)
Task: {F9354E22-CB47-47D4-ABD3-9CF487DB0A66} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27367496 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {FFA7BC67-A292-459C-880C-33F39AB7881F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-10-27] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{50939ef9-222f-4888-a393-3ab48bb18d30}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{b5cfe6bb-0678-4d97-b442-dc87454bbae3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{be16cb5c-d1af-4c1e-aafc-2e8e00ff72bf}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {5A64869A-2A9F-445D-9C55-BC6A3B22A682} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {5A64869A-2A9F-445D-9C55-BC6A3B22A682} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2384352896-1203634740-2024044642-1001 -> {5A64869A-2A9F-445D-9C55-BC6A3B22A682} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-2384352896-1203634740-2024044642-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\IEExt\ie_plugin.dll [2019-10-28] (Kaspersky Lab -> AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-11-04] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
DownloadDir: C:\Users\srone\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2384352896-1203634740-2024044642-1001 -> hxxp://yahoo.com/

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-10-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 18.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-04] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-10-11] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxps://yahoo.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Notifications: Default -> hxxps://us.letgo.com; hxxps://www.truthfinder.com
CHR Profile: C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default [2019-11-04]
CHR Extension: (Kaspersky Protection) - C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkpcclbbgegoafihnpgomddadjhcadd [2019-10-14]
CHR Extension: (Docs) - C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-01-16]
CHR Extension: (Adobe Acrobat) - C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-09-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Chrome Media Router) - C:\Users\srone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-10-23]
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeActiveFileMonitor4.0; C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe [102400 2005-09-09] () [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-11-27] (Apple Inc. -> Apple Inc.)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11642744 2019-10-25] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-10-27] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-10-27] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-10-30] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe [1701480 2018-02-10] (Intel Corporation -> Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1327400 2017-09-05] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [472576 2017-09-13] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-04] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [360312 2019-10-14] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\vssbridge64.exe [414352 2018-12-12] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6744288 2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [382008 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1575728 2019-10-31] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [69560 2018-02-10] (Intel Corporation -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [382392 2018-02-10] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2019-10-29] (Malwarebytes Corporation -> Malwarebytes)
S2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1096192 2019-08-12] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\System32\drivers\ibtusb.sys [199192 2018-05-10] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [75600 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [126288 2019-08-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [91472 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [236672 2019-08-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1093248 2019-06-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP19.0.0\Bases\klids.sys [197760 2019-09-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1168000 2019-08-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [58704 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [60536 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [60784 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [50304 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [46416 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [251256 2019-10-09] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [306248 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [119744 2019-10-17] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [204520 2019-10-09] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [104576 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [184960 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [218240 2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-10-29] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-06-26] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [224408 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [275232 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [116832 2019-11-03] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel® Wireless Connectivity Solutions -> Intel Corporation)
S2 Parclass; C:\Windows\SysWOW64\Drivers\Parclass.sys [19824 2000-04-04] (Microsoft Corporation) [File not signed]
S3 pmxdrv; C:\WINDOWS\system32\drivers\pmxdrv.sys [31152 2019-11-02] (PAIPTAC  Driver -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-11-20] (Realtek Semiconductor Corp. -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420832 2017-04-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [45144 2017-08-24] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [49208 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-04 19:58 - 2019-11-04 20:01 - 000048727 _____ C:\Users\srone\Desktop\Addition.txt
2019-11-04 19:50 - 2019-11-04 20:24 - 000037885 _____ C:\Users\srone\Desktop\FRST.txt
2019-11-04 19:50 - 2019-11-04 20:24 - 000000000 ____D C:\FRST
2019-11-04 19:48 - 2019-11-04 19:48 - 001619456 _____ (Farbar) C:\Users\srone\Desktop\FRST64.exe
2019-11-03 00:30 - 2019-11-03 00:30 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2019-11-03 00:29 - 2019-11-03 00:29 - 000275232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-11-03 00:29 - 2019-11-03 00:29 - 000224408 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2019-11-03 00:29 - 2019-11-03 00:29 - 000116832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2019-11-02 22:31 - 2019-11-03 00:25 - 000000000 ___HD C:\$SysReset
2019-11-01 21:39 - 2019-11-01 21:39 - 000096483 _____ C:\Users\srone\Downloads\Online Docket _ Hall County Clerk of Courts.pdf
2019-10-30 20:08 - 2019-11-03 00:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-10-30 13:45 - 2019-10-30 13:45 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-10-30 13:45 - 2019-10-30 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-10-30 13:45 - 2019-10-30 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-10-30 13:45 - 2019-10-30 13:45 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-10-30 12:16 - 2019-10-30 12:16 - 000000000 ____D C:\Users\srone\AppData\Roaming\Accubid
2019-10-30 11:54 - 2005-06-14 12:01 - 000296448 _____ (Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\Drivers\hardlock.sys
2019-10-30 11:53 - 2019-11-02 22:24 - 000000000 ____D C:\Program Files (x86)\Accubid data
2019-10-29 19:00 - 2019-10-29 19:00 - 000019631 _____ C:\Users\srone\Downloads\Check V104534.pdf
2019-10-29 18:54 - 2019-10-29 18:54 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-10-28 21:30 - 2019-10-28 21:30 - 002031188 _____ C:\Users\srone\Downloads\26314933510.tcx
2019-10-24 16:05 - 2019-10-24 16:05 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000065064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-10-24 16:05 - 2019-10-24 16:05 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-10-24 16:05 - 2019-10-24 16:05 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-10-22 17:18 - 2019-10-22 17:18 - 000019636 _____ C:\Users\srone\Downloads\Check V104064.pdf
2019-10-21 16:07 - 2019-10-21 16:07 - 000000000 ____D C:\WINDOWS\Firmware
2019-10-17 16:11 - 2019-10-17 16:11 - 000306248 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2019-10-17 15:49 - 2019-10-17 15:49 - 000119744 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2019-10-10 00:33 - 2019-10-10 00:33 - 000002505 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002500 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002499 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002463 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002462 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002450 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-10-10 00:33 - 2019-10-10 00:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2019-10-09 23:46 - 2019-10-09 23:46 - 025900544 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 022628352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 019849216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 019811840 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 018019840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 014816256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 008010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 007195648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 007015936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 006517640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 006232064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 005915648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 005041664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 004129616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 003525592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 002861568 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2019-10-09 23:46 - 2019-10-09 23:46 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2019-10-09 23:46 - 2019-10-09 23:46 - 002703360 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 002494440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 002422592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-10-09 23:46 - 2019-10-09 23:46 - 002314648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 002236144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 002138472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-10-09 23:46 - 2019-10-09 23:46 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001952360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001847808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001730560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001687040 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001664928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001563648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001562424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001394488 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001273392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001217904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001152016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001098712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 001012792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000904208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000856576 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-10-09 23:46 - 2019-10-09 23:46 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000842752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000829536 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 000818688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000774672 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 000701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.FileExplorer.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000679880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000669496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000598024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000452408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000422008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000404392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000380216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000300184 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-10-09 23:46 - 2019-10-09 23:46 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000199480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-10-09 23:46 - 2019-10-09 23:46 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-10-09 23:46 - 2019-10-09 23:46 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsgqec.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsgqec.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000033048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NtlmShared.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\cngkeyhelper.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000013824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDJPN.DLL
2019-10-09 23:46 - 2019-10-09 23:46 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cngkeyhelper.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbd106.dll
2019-10-09 23:46 - 2019-10-09 23:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6r.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 017787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 009928504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 007600664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 004562688 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 004012544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 003771392 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 003701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002762504 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002723328 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 002456064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002448712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002284032 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002114048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002081976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 002000168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001743672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001656392 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001439744 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 001084432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000890472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000880088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000844800 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000758584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mousocoreworker.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000516408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000515896 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000466416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000456504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000412152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000225080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000220472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000202040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000117048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-10-09 23:45 - 2019-10-09 23:45 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000039304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NtlmShared.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000037176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2019-10-09 23:45 - 2019-10-09 23:45 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\bindflt.dll
2019-10-09 23:45 - 2019-10-09 23:45 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6r.dll
2019-10-09 23:25 - 2019-10-09 23:25 - 000251256 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2019-10-09 23:25 - 2019-10-09 23:25 - 000204520 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2019-10-09 23:08 - 2019-10-09 23:09 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2019-10-09 23:08 - 2019-10-09 23:09 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2019-10-06 21:07 - 2019-10-06 21:07 - 000283239 _____ C:\Users\srone\Downloads\Fitness Challenge 2.0- Week 1.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-04 20:23 - 2019-08-07 01:20 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-11-04 20:18 - 2019-03-18 23:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-11-04 20:01 - 2019-03-18 23:50 - 000000000 ____D C:\WINDOWS\INF
2019-11-04 19:17 - 2019-03-18 23:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-11-04 19:17 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-11-04 19:17 - 2017-12-10 09:56 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-11-04 18:53 - 2019-08-07 02:11 - 000004168 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{0FD0F692-41CC-4969-AD62-54694299DC03}
2019-11-04 18:50 - 2019-08-07 02:11 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-04 18:50 - 2019-08-07 02:11 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-04 18:49 - 2018-05-28 09:00 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-04 06:58 - 2017-06-30 04:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-03 07:18 - 2017-11-30 19:46 - 000000000 __SHD C:\Users\srone\IntelGraphicsProfiles
2019-11-03 00:28 - 2019-08-07 02:11 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-11-03 00:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2019-11-03 00:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\setup
2019-11-03 00:25 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\appcompat
2019-11-03 00:25 - 2019-03-18 23:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-11-03 00:25 - 2018-11-18 13:48 - 000000000 ____D C:\ProgramData\Garmin
2019-11-03 00:25 - 2018-10-27 13:42 - 000000000 ___RD C:\Users\srone\Dropbox
2019-11-03 00:25 - 2018-06-25 11:32 - 000000000 ____D C:\Users\srone\Downloads\HP Downloads
2019-11-03 00:25 - 2017-10-16 22:06 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2019-11-02 23:51 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\registration
2019-11-02 23:44 - 2018-05-25 15:52 - 000000000 ____D C:\Users\srone\AppData\Local\PlaceholderTileLogoFolder
2019-11-02 22:41 - 2019-08-07 01:30 - 000000000 ____D C:\Users\srone
2019-11-02 08:51 - 2017-06-30 04:41 - 000000000 ____D C:\SWSetup
2019-11-02 08:50 - 2018-02-02 18:06 - 000031152 _____ C:\WINDOWS\system32\Drivers\pmxdrv.sys
2019-11-02 08:19 - 2019-08-07 01:43 - 000935156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-11-02 08:06 - 2018-09-16 19:00 - 000000364 _____ C:\WINDOWS\Tasks\HPCeeScheduleForsrone.job
2019-11-01 19:39 - 2019-08-07 02:11 - 000003256 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForsrone
2019-10-31 18:50 - 2018-07-11 18:15 - 000000000 ____D C:\ProgramData\Packages
2019-10-30 20:09 - 2018-10-27 13:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-10-29 18:54 - 2019-07-28 07:56 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-10-28 22:18 - 2017-12-01 21:47 - 000000000 ____D C:\Users\srone\Documents\Files
2019-10-28 16:01 - 2019-08-07 02:11 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2384352896-1203634740-2024044642-1001
2019-10-28 16:01 - 2019-08-07 01:30 - 000002374 _____ C:\Users\srone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-10-28 16:01 - 2017-11-30 19:50 - 000000000 ___RD C:\Users\srone\OneDrive
2019-10-28 06:51 - 2019-03-18 23:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-10-27 15:38 - 2019-01-16 00:15 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-10-24 16:05 - 2019-03-18 23:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-23 17:40 - 2019-01-16 00:16 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-23 17:40 - 2019-01-16 00:16 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-23 17:40 - 2019-01-16 00:16 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2019-10-22 17:15 - 2018-01-01 10:45 - 000000000 ____D C:\Users\srone\AppData\Local\Packages
2019-10-22 17:04 - 2017-12-10 11:11 - 000000000 ____D C:\Program Files\CCleaner
2019-10-18 18:00 - 2017-11-30 20:05 - 000000000 ____D C:\Users\srone\AppData\Local\PackageStaging
2019-10-17 15:35 - 2018-10-27 13:37 - 000000000 ____D C:\Users\srone\AppData\Local\Dropbox
2019-10-16 16:18 - 2019-08-07 02:11 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2019-10-16 16:15 - 2018-02-04 18:41 - 000000000 ____D C:\Users\srone\AppData\Local\Adobe
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ___RD C:\WINDOWS\PrintDialog
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-10-10 00:24 - 2019-03-18 23:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-10-09 23:56 - 2017-12-03 10:13 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-10-09 23:52 - 2017-12-03 10:12 - 127230528 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-11-2019
Ran by srone (04-11-2019 20:25:15)
Running from C:\Users\srone\Desktop
Windows 10 Home Version 1903 18362.418 (X64) (2019-08-07 07:15:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2384352896-1203634740-2024044642-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2384352896-1203634740-2024044642-503 - Limited - Disabled)
Guest (S-1-5-21-2384352896-1203634740-2024044642-501 - Limited - Disabled)
srone (S-1-5-21-2384352896-1203634740-2024044642-1001 - Administrator - Enabled) => C:\Users\srone
WDAGUtilityAccount (S-1-5-21-2384352896-1203634740-2024044642-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated)
Adobe Photoshop Elements 4.0 (HKLM-x32\...\Adobe Photoshop Elements 4) (Version: 4.0 - Adobe Systems Inc.)
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{BC7C46A4-D7A7-48EC-A98C-32A7762B5EFA}) (Version: 6.2.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Chart Installer (HKLM-x32\...\Chart Installer 1.0.0.114) (Version: 1.0.0.114 - Navionics)
CycliqPlus Desktop (HKLM-x32\...\{E5BBC5AF-2FA0-497C-987C-7A75DBFDF3E4}) (Version: 1.0.0 - Cycliq Products pty. ltd.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 84.4.170 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
Golden Cheetah v3.5-DEV1903 (64bit) (HKLM-x32\...\Golden Cheetah) (Version: v3.5-DEV1903 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 78.0.3904.70 - Google LLC)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.9.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Dropbox Plugin (HKLM-x32\...\{D12BC084-97D6-438A-AA7C-5962608D17A0}) (Version: 36.0.41.58587 - HP)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP Google Drive Plugin (HKLM-x32\...\{BFA42100-DB54-467A-BB87-CF70732B4065}) (Version: 36.0.41.58587 - HP)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{6A139049-EBB9-4076-8664-B468888E55A3}) (Version: 1.3.392.0 - HP Inc.)
HP OfficeJet Pro 7740 series Basic Device Software (HKLM\...\{F1FD1844-666E-4968-B873-3B92897D51C1}) (Version: 40.12.1161.1896 - HP Inc.)
HP OfficeJet Pro 7740 series Help (HKLM-x32\...\{7217DB76-9244-47AB-9541-C6BE8EE2209B}) (Version: 39.0.0 - HP)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{5C591A5B-EA74-44F7-81DD-A757B5935AAD}) (Version: 1.5.0.0 - HP Inc)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{183BD477-774B-4700-B40B-EE43886E74D2}) (Version: 12.13.42.1 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{9DD60999-A4F0-4333-9D00-E45C718EA6C1}) (Version: 1.4.30 - HP Inc.)
I.R.I.S. OCR (HKLM-x32\...\{11ED31EC-7EFA-4D56-B71D-E0214C8984CC}) (Version: 12.3.7.0 - HP)
Intel® Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10205.4743 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6518 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.9.1101 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{718613F4-492D-4272-ACC3-D04A8EF0F883}) (Version: 19.0.0.1088 - Kaspersky Lab)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 16.0.12130.20272 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0013 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Movavi Video Editor 11 (HKLM-x32\...\Movavi Video Editor 11) (Version: 11.4.1 - Movavi)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12130.20272 - Microsoft Corporation) Hidden
Product Improvement Study for HP OfficeJet Pro 7740 series (HKLM\...\{129F87F7-02AA-4301-9E00-860E58C12B67}) (Version: 40.12.1161.1896 - HP Inc.)
R for Windows 3.5.2 (HKLM\...\R for Windows 3.5.2_is1) (Version: 3.5.2 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8734.1 - Realtek Semiconductor Corp.)
Stellarium 0.19.1.1 (HKLM\...\Stellarium_is1) (Version: 0.19.1.1 - Stellarium team)
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.9 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.373 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-11-03] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.2.6.0_x86__kgqvnymyfvs32 [2019-11-03] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.151.300.0_x86__kgqvnymyfvs32 [2019-11-04] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_4.4.0.5_x86__h6adky7gbf63m [2019-11-03] (Gameloft.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-11-03] (Fitbit)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.3.407.0_x86__v10z8vjag6ke6 [2019-11-03] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6 [2019-11-03] (HP Inc.)
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.33.0_x64__kejf07qmg0jnm [2019-11-03] (Keeper Security Inc)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20368.0_x64__8wekyb3d8bbwe [2019-11-04] (Microsoft Corporation) [MS Ad]
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.4.0.10_x86__h6adky7gbf63m [2019-11-03] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-11-03] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.10022.0_x64__8wekyb3d8bbwe [2019-11-03] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.13.34.0_x64__8wekyb3d8bbwe [2019-11-04] (Microsoft Studios)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-11-03] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-11-03] (Netflix, Inc.)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-11-03] (CYBERLINKCOM CORP)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-11-03] (Random Salad Games LLC) [MS Ad]
Smartfriend by HP Care -> C:\Program Files\WindowsApps\AD2F1837.SmartfriendbyHPCare_1.1.13.0_x64__v10z8vjag6ke6 [2019-11-03] (HP Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0 [2019-11-04] (Spotify AB) [Startup Task]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-11-02] (Synaptics Incorporated)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.80.0_x64__qt5r5pa5dyg8m [2019-11-02] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2384352896-1203634740-2024044642-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\srone\Dropbox [2018-10-27 13:42]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers2: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki131191.inf_amd64_d668106cb6f2eae0\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 19.0.0] -> {755D388B-420B-4692-A974-84AAF0E577D3} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\ShellEx.dll [2019-04-15] (Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.LWLR] => C:\Windows\SysWOW64\RGBACodec.dll [37488 2017-04-03] (EditShare EMEA (X-Edit Limited) -> )

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2019-10-16 16:32 - 2019-10-16 16:32 - 000138240 _____ ( ) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\4d3a823aa0be68af95d36e8074dded84\Interop.IWshRuntimeLibrary.ni.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2019-10-18 18:00 - 2019-10-18 18:00 - 167297024 _____ () [File not signed] C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw\Fitbit.dll
2019-10-18 18:00 - 2019-10-18 18:00 - 000680448 _____ () [File not signed] C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw\GoldenGateWrapper.dll
2019-10-18 18:00 - 2019-10-18 18:00 - 000016384 _____ () [File not signed] C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw\ReplayGainPort.dll
2019-10-16 16:30 - 2019-10-16 16:30 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\f6e75e17f51ae695391706ef26e476fa\BRIDGECommon.ni.dll
2019-10-16 16:31 - 2019-10-16 16:31 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\472c971e04e529eeabd7c3c86be95bcc\BridgeExtension.ni.dll
2019-10-16 16:32 - 2019-10-16 16:32 - 000370688 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\82e1fb331624396b3617db85aa4477bc\CleanStartController.ni.dll
2019-10-16 16:31 - 2019-10-16 16:31 - 000072704 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\6602081d657e7f1005b52dce22297dee\NativeInterop.ni.dll
2005-09-09 01:18 - 2005-09-09 01:18 - 000114688 _____ (Adobe Systems Incorporated) [File not signed] C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\apdboot.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 000890880 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Chart Installer\platforms\qwindows.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 004085248 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Chart Installer\Qt5Core.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 004601344 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:\Program Files (x86)\Chart Installer\Qt5Gui.dll
2018-10-24 15:17 - 2018-10-24 15:17 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2019-10-16 16:32 - 2019-10-16 16:32 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\2b1c5ee3bedd08046609eef7553ed5d7\Hardcodet.Wpf.TaskbarNotification.ni.dll
2019-10-16 16:32 - 2019-10-16 16:32 - 001701376 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\d302bbf536bb76d22eb7f7d9908abf23\NAudio.ni.dll
2005-09-09 01:22 - 2005-09-09 01:22 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\MSVCP71.dll
2005-09-09 01:22 - 2005-09-09 01:22 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Adobe\Photoshop Elements 4.0\MSVCR71.dll
2019-10-16 16:32 - 2019-10-16 16:32 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\7ec3906175a4c347d9c3eb2033bc3ae5\Newtonsoft.Json.ni.dll
2018-10-24 15:16 - 2018-10-24 15:16 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-10-18 18:00 - 2019-10-18 18:00 - 001659904 _____ (SQLite Development Team) [File not signed] C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw\sqlite3.dll
2019-10-16 16:32 - 2019-10-16 16:32 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\df276c996822413a84f2cef6b0cc660b\log4net.ni.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 021529088 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Chart Installer\icudt53.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 001961472 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Chart Installer\icuin53.dll
2018-05-03 22:22 - 2018-04-04 07:08 - 001316352 _____ (The ICU Project) [File not signed] C:\Program Files (x86)\Chart Installer\icuuc53.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 16:03 - 2017-03-18 16:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\iCLS\;C:\Program Files\Intel\Intel® Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2384352896-1203634740-2024044642-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\srone\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\backgrounddefault.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DF51C0F2-D248-47AC-80FB-830AE5DB3C39}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{1C9F4943-7ECD-4F41-8325-14339723B6F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A3B075E-4711-41E0-8C4F-EFB549CA3CBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{567F459C-4613-4B95-BEF1-B2A99B4B476B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{B4AFB88C-8BBB-4C58-B958-C9905FA6EA8B}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{391B15B5-7D80-4A96-B02E-ED14E0FEF1BB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{E2ADC3D8-FBCB-4353-8CAB-43BF6150F546}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{ABAAEAF4-BB23-4768-AD73-B00428FC724C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{B36E64E5-C089-4263-AB6D-DAB6976B801C}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{0FAFA461-A459-461D-810B-898ADB584F02}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AFE6B274-AD97-471F-95F8-49BA1D8E51E0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{30EADC2B-C205-49B5-925E-94257BDD25A4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5E3C03C7-9F21-4D15-BDCD-523C68BA5A6D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BD1652A0-D0BD-48D4-ADC9-984A9CDB4ADD}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{5174722E-050D-456F-97DD-37455343588C}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe (EditShare EMEA (X-Edit Limited) -> Editshare EMEA)
FirewallRules: [{FD239A9A-54ED-4A5D-9DAC-31A565CAECA0}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{45673D2D-8E18-4275-B534-6289E44581DF}] => (Allow) C:\Program Files\Lightworks\lightworks.exe (EditShare EMEA (X-Edit Limited) -> )
FirewallRules: [{55A21344-1469-46F1-8814-BA67AC1215CB}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F79F7A2E-F529-4326-92A9-7EABCBB1C3CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2DBE9983-C178-4B19-8734-EBC2BD462E6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B39F05E1-61C5-456F-94F3-1A53B82DC334}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{38020E5C-6E37-4BB6-8E05-9ADD2E8A361E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{106F9279-EDFC-4788-8A77-9D39F1C8F3F3}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E8564B0A-6577-4E4F-9FF6-75AC4E3B2812}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\FaxApplications.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{873FE458-5D0B-4B5C-B091-54C4049F4CB5}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\DigitalWizards.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{C4796236-A33A-4EF2-B645-A14D5C72B5D8}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\SendAFax.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{3544F2D9-F988-4072-AFEF-0EFA2F3BF798}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\bin\FaxPrinterUtility.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{F84FAA13-C062-4CAA-9773-30BCDA0159E7}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{9F4E804F-7C81-4BD2-95A8-88234487C6D0}] => (Allow) LPort=5357
FirewallRules: [{DA0AA772-0791-4130-A202-4573F19B4AA4}] => (Allow) C:\Program Files\HP\HP OfficeJet Pro 7740 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{B8A859AE-5BCD-41D9-87A3-C2AFCB35D312}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{44863F51-75E1-4EC5-AB6E-A64106B6DE6D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{6DD69726-3157-4C06-BEAA-84791EE46C87}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{514CCB3F-A7F3-4146-A875-9A049A6A4B7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4BE5F5D4-24B9-4870-BF2C-1E4B83D07E39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{33BE7AE3-DB37-40DC-867D-89D44A0E03CD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{8C61CEAD-1D95-44AB-95DA-0B711F02E7C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6D3DE3B7-CC04-4277-BA4F-0C343AC504EC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{4B1F437D-E45F-4699-91B2-99ED5DF0870F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{325A8EA2-BE7E-4585-AC22-7919C2659D12}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AEE5C9AB-35F1-4BA6-9661-A66073149388}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FB1B08AC-0596-4133-8B7F-0F1A98D7F85C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{77AFE5C0-40CB-43EC-A2BF-47F82AFAB4A3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9A9F39E5-B4A6-4C64-AAE7-568CCFAE6D47}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{318470BE-ED42-4E92-B0BA-C0A906B49FA9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{392885AA-60BA-4B3D-B1F7-4ECFDCEF7A15}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7EF6147C-EDA8-46CA-B48F-4CBDF7530F27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BD38ECA0-778F-417F-87A3-6314B238B897}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D54EFD42-95EE-46BA-8ABF-3618885565AA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.118.611.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)

==================== Restore Points =========================

24-10-2019 16:00:39 Windows Update
30-10-2019 11:50:28 Installed Accubid Estimating 7
02-11-2019 22:23:00 Removed Accubid Estimating 7
02-11-2019 22:37:09 Restore Operation

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/04/2019 08:24:23 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (11344,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

Error: (11/04/2019 08:23:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.5.35.47, time stamp: 0x5d3fb530
Faulting module name: ntdll.dll, version: 10.0.18362.418, time stamp: 0x99ca0526
Exception code: 0xc0000005
Fault offset: 0x0000000000007197
Faulting process id: 0x2524
Faulting application start time: 0x01d59240bd3ca9fd
Faulting application path: C:\WINDOWS\System32\SynTPEnh.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: ba85e24a-a053-4ea0-b6dd-5b9778045d5f
Faulting package full name:
Faulting package-relative application ID:

Error: (11/04/2019 08:22:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3437

Error: (11/04/2019 08:22:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3437

Error: (11/04/2019 08:22:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/04/2019 08:22:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1719

Error: (11/04/2019 08:22:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1719

Error: (11/04/2019 08:22:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (11/04/2019 06:52:16 PM) (Source: DCOM) (EventID: 10001) (User: LAPTOP-TPQUSEMR)
Description: Unable to start a DCOM Server: AD2F1837.HPPrinterControl_100.1.581.0_x64__v10z8vjag6ke6!AD2F1837.HPPrinterControl.AppXvfte7t3xdx0ch134sw5a5v16mgycvehx.mca as Unavailable/Unavailable. The error:
"2147942402"
Happened while starting this command:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:AD2F1837.HPPrinterControl.AppXg27tfcrjvepe7p6m0w5zs7c77x5b4hhe.mca

Error: (11/03/2019 12:29:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hardlock service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Error: (11/03/2019 12:28:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AdobeActiveFileMonitor4.0 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (11/03/2019 12:28:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the AdobeActiveFileMonitor4.0 service to connect.

Error: (11/03/2019 12:28:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The RasMan service depends on the SstpSvc service which failed to start because of the following error:
The operation completed successfully.

Error: (11/03/2019 12:28:26 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.

Module Path: C:\WINDOWS\system32\IntelWifiIhv04.dll
Error Code: 21

Error: (11/03/2019 12:28:05 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \SystemRoot\SysWow64\Drivers\Parclass.sys

Error: (11/02/2019 11:45:42 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {924DC564-16A6-42EB-929A-9A61FA7DA06F} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================

Date: 2019-11-04 19:17:41.636
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-04 19:16:45.317
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-04 19:16:22.152
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-04 19:16:11.164
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-04 19:16:06.481
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-11-04 18:49:57.514
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-11-04 18:49:57.508
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

Date: 2019-11-04 18:49:57.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 19.0.0\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.52 03/04/2019
Motherboard: HP 832A
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 60%
Total physical RAM: 8108.91 MB
Available physical RAM: 3194.53 MB
Total Virtual: 9388.91 MB
Available Virtual: 3065.14 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:915.77 GB) (Free:785.42 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.51 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{e3aeec8e-2ae2-4541-b9ae-2c55d0d28ce0}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.35 GB) NTFS
\\?\Volume{d3139d5b-f6f6-403a-9150-f9838784c7bc}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: B7C546DE)

Partition: GPT.

==================== End of Addition.txt =======================

Attached Files


Edited by RKinner, 11 November 2019 - 08:44 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

#3
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 90.86 60 K 8 K 0
svchost.exe 3.92 11,688 K 16,820 K 2532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
explorer.exe 1.81 105,204 K 137,504 K 8460 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
procexp64.exe 0.93 41,256 K 75,664 K 7552 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
SynTPEnh.exe 0.62 9,124 K 16,500 K 12368 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
avpui.exe 0.41 83,792 K 15,068 K 10116 Kaspersky Anti-Virus AO Kaspersky Lab (Verified) Kaspersky Lab
Interrupts 0.29 0 K 0 K n/a Hardware Interrupts and DPCs
express.exe 0.26 95,088 K 80,900 K 10572 Garmin Express Garmin Ltd. or its subsidiaries (Verified) Garmin International, Inc.
System 0.23 208 K 1,172 K 4
dwm.exe 0.14 58,128 K 49,652 K 1384
svchost.exe 0.14 11,064 K 14,868 K 1248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Dropbox.exe 0.12 279,860 K 83,084 K 13596 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
csrss.exe 0.08 2,620 K 4,120 K 932
ctfmon.exe 0.06 10,584 K 11,568 K 9056
MBAMService.exe 0.04 242,044 K 141,428 K 5380 Malwarebytes Service Malwarebytes (Verified) Malwarebytes Corporation
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 0.03 11,836 K 30,752 K 8496 WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe 0.01 3,864 K 3,320 K 4056 MobileDeviceService Apple Inc. (Verified) Apple Inc.
avp.exe 0.01 382,768 K 136,492 K 3484 Kaspersky Anti-Virus AO Kaspersky Lab (Verified) Kaspersky Lab
dptf_helper.exe < 0.01 1,444 K 1,568 K 3148 Intel® Dynamic Platform and Thermal Framework Utility Application Intel Corporation (Verified) Intel Corporation
CCleaner64.exe < 0.01 14,148 K 20,556 K 10628
iPodService.exe < 0.01 2,584 K 2,732 K 10732 iPod Service Apple Inc. (Verified) Apple Inc.
ScanToPCActivationApp.exe < 0.01 4,900 K 8,184 K 10704 ScanToPCActivationApp HP Inc. (Verified) Hewlett Packard
WildTangentHelperService.exe < 0.01 5,952 K 8,156 K 4408 (Verified) WildTangent Inc
HPNETW~1.EXE < 0.01 4,076 K 8,988 K 14328 HPNetworkCommunicatorCom HP Inc. (Verified) Hewlett Packard
QtWebEngineProcess.exe < 0.01 93,096 K 15,804 K 8480 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
QtWebEngineProcess.exe < 0.01 48,368 K 20,564 K 8484 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
svchost.exe < 0.01 17,060 K 12,780 K 1896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe < 0.01 40,236 K 74,748 K 9376 (Verified) Microsoft Windows
HPMSGSVC.exe < 0.01 2,276 K 3,568 K 13760 HP Message Service HP Inc. (Verified) HP Inc.
CefSharp.BrowserSubprocess.exe < 0.01 66,472 K 4,332 K 13956 CefSharp.BrowserSubprocess The CefSharp Authors (No signature was present in the subject) The CefSharp Authors
svchost.exe < 0.01 8,508 K 8,480 K 4336 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Dropbox.exe < 0.01 4,084 K 3,112 K 13688 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
WmiPrvSE.exe < 0.01 20,224 K 19,320 K 7892
svchost.exe < 0.01 11,908 K 15,352 K 6344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ksde.exe < 0.01 28,472 K 13,148 K 7000 Kaspersky Secure Connection AO Kaspersky Lab (Verified) Kaspersky Lab
OfficeClickToRun.exe < 0.01 49,056 K 38,372 K 14836 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
iTunesHelper.exe < 0.01 4,812 K 5,616 K 13220 iTunesHelper Apple Inc. (Verified) Apple Inc.
dasHost.exe < 0.01 10,120 K 14,288 K 2864
svchost.exe < 0.01 11,324 K 16,456 K 4236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,016 K 2,516 K 824
svchost.exe < 0.01 3,112 K 9,912 K 3696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ZeroConfigService.exe 4,644 K 4,416 K 4496 Intel® PROSet/Wireless Zero Configure Service Intel® Corporation (Verified) Intel Corporation
YourPhone.exe Suspended 11,804 K 2,088 K 17924 (No signature was present in the subject)
WUDFHost.exe 4,244 K 6,908 K 1080
WmiPrvSE.exe 2,508 K 8,448 K 18736
WmiPrvSE.exe 2,900 K 8,852 K 19812
WmiPrvSE.exe 4,436 K 7,608 K 18720
WmiPrvSE.exe 4,308 K 10,204 K 1048
WinStore.App.exe Suspended 42,956 K 648 K 20396 Store Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
winlogon.exe 2,752 K 2,640 K 1000
wininit.exe 1,544 K 1,308 K 920
Video.UI.exe Suspended 21,512 K 6,244 K 3376 (No signature was present in the subject)
unsecapp.exe 1,636 K 2,244 K 7812
unsecapp.exe 1,852 K 4,432 K 14212 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 9,220 K 14,536 K 8812 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe 8,356 K 19,428 K 12020
SystemSettings.exe Suspended 22,396 K 600 K 11136 Settings Microsoft Corporation (Verified) Microsoft Windows
SynTPEnhService.exe 3,544 K 3,172 K 2388 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe 105,616 K 99,120 K 2856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 22,784 K 34,260 K 2832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,896 K 6,032 K 2656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,836 K 15,084 K 9964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,776 K 4,356 K 3564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,836 K 3,732 K 3400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 17,100 K 23,788 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,116 K 2,476 K 3924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,572 K 9,068 K 1220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,488 K 3,960 K 8000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,728 K 3,560 K 1308 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,644 K 1,892 K 1468 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,960 K 29,376 K 8472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,552 K 7,772 K 3612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 7,080 K 10,140 K 1872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,672 K 17,744 K 10800 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,008 K 10,728 K 16024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,264 K 3,840 K 1328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,912 K 2,572 K 3312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,936 K 4,220 K 14704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,944 K 7,080 K 13260 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,100 K 6,364 K 2324 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,520 K 15,360 K 8652 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,952 K 5,164 K 9676 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,132 K 7,536 K 2312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,904 K 1,560 K 8932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,436 K 19,284 K 8376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,124 K 3,352 K 1988 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 24,436 K 21,660 K 3644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,948 K 6,152 K 8168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,712 K 3,716 K 2148 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,672 K 4,744 K 2496 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,792 K 5,260 K 1772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,056 K 4,428 K 3320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,460 K 10,052 K 2236 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,148 K 13,640 K 4480 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,972 K 5,252 K 964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,916 K 9,612 K 3808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,564 K 6,144 K 2712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,060 K 4,368 K 2084 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,628 K 5,244 K 19340 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,352 K 3,336 K 6400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,712 K 2,792 K 6332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,304 K 4,616 K 2792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,112 K 3,252 K 1576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,460 K 9,884 K 4616 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,852 K 3,792 K 5984 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,848 K 7,032 K 5388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,264 K 2,920 K 3636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,184 K 4,508 K 4696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,352 K 1,104 K 4400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,632 K 2,212 K 4708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,712 K 1,280 K 4064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,656 K 14,896 K 3432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,804 K 2,704 K 4128 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,328 K 4,904 K 2936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,972 K 2,324 K 2928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,320 K 1,424 K 2848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,624 K 1,180 K 2560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,992 K 4,328 K 1548 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,244 K 4,580 K 1788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,216 K 3,380 K 1944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,928 K 6,212 K 1972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 980 K 856 K 1040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,956 K 1,948 K 1532 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,852 K 3,900 K 16312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 69,812 K 30,676 K 14400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,748 K 14,968 K 3180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,528 K 11,192 K 3212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,964 K 14,952 K 11288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,524 K 2,764 K 15644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 2,288 K 5,180 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,736 K 5,832 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,600 K 9,840 K 17036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 18,680 K 24,284 K 3764 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 1,532 K 440 K 616
smartscreen.exe 19,616 K 27,812 K 6576 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
SkypeBackgroundHost.exe Suspended 1,840 K 332 K 12776 Microsoft Skype Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
SkypeApp.exe Suspended 124,024 K 29,424 K 14572 SkypeApp Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sihost.exe 9,868 K 25,308 K 8332 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
ShellExperienceHost.exe Suspended 20,436 K 50,664 K 1204 Windows Shell Experience Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe 3,708 K 4,096 K 1812 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SettingSyncHost.exe 53,256 K 13,612 K 11972 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe 6,924 K 6,860 K 740
SecurityHealthSystray.exe 2,024 K 3,304 K 12804 Windows Security notification icon Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe 4,872 K 10,056 K 1180 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 100,760 K 124,568 K 3360 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 38,660 K 35,040 K 17368 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 9,992 K 25,988 K 14940 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 41,532 K 36,860 K 10492 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 6,088 K 17,444 K 14316 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 5,688 K 18,820 K 11596 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,016 K 17,940 K 8976 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 7,176 K 22,840 K 15628 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 1,860 K 6,392 K 16608 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,564 K 11,568 K 17452 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 8,756 K 17,308 K 12560 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 3,980 K 13,656 K 8660 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 2,100 K 5,608 K 7124 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe 10,588 K 14,144 K 12068 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe 2,504 K 2,132 K 12380 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 4,580 K 4,612 K 13108 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkAudioService64.exe 2,036 K 3,416 K 3124 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RegSrvc.exe 2,240 K 2,268 K 4288 Intel® PROSet/Wireless Registry Service Intel® Corporation (Verified) Intel Corporation
Registry 12,180 K 61,640 K 120
QtWebEngineProcess.exe 50,804 K 10,264 K 13612 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
procexp.exe 3,780 K 11,360 K 10400 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 24,760 K 2,488 K 8464 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
OneDrive.exe 16,860 K 23,000 K 12508 Microsoft OneDrive Microsoft Corporation (Verified) Microsoft Corporation
NavService.exe 2,812 K 4,344 K 13428 (Verified) NAVIONICS S.P.A.
MicrosoftEdgeSH.exe Suspended 4,548 K 8,360 K 14792 Microsoft Edge Web Platform Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe Suspended 6,512 K 15,784 K 7480 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdge.exe Suspended 26,144 K 37,980 K 11076 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
Microsoft.Photos.exe Suspended 53,424 K 23,792 K 2248 (No signature was present in the subject)
Memory Compression 1,172 K 476,804 K 2948
mDNSResponder.exe 2,316 K 3,052 K 3300 Bonjour Service Apple Inc. (Verified) Apple Inc.
mbamtray.exe 22,100 K 12,788 K 5592 Malwarebytes Tray Application Malwarebytes (Verified) Malwarebytes Inc
lsass.exe 9,128 K 15,088 K 760 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
LMS.exe 4,256 K 3,148 K 1196 Intel® Local Management Service Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
ksdeui.exe 59,232 K 632 K 10124 Kaspersky Secure Connection AO Kaspersky Lab (Verified) Kaspersky Lab
jhi_service.exe 1,916 K 1,380 K 7404 Intel® Dynamic Application Loader Host Interface Intel Corporation (Verified) Intel® Embedded Subsystems and IP Blocks Group
IntuitUpdateService.exe 24,000 K 2,664 K 2000 Intuit Update Service Intuit Inc. (Verified) Intuit, Inc.
IntelCpHeciSvc.exe 1,568 K 1,848 K 4844 IntelCpHeciSvc Executable Intel Corporation (Verified) Intel® pGFX
IntelCpHDCPSvc.exe 1,624 K 1,848 K 4080 Intel HD Graphics Drivers for Windows® Intel Corporation (Verified) Intel® pGFX
igfxEM.exe 9,752 K 15,524 K 9312 igfxEM Module Intel Corporation (Verified) Intel® pGFX
igfxCUIService.exe 2,112 K 1,908 K 2176 igfxCUIService Module Intel Corporation (Verified) Intel® pGFX
ibtsiva.exe 1,248 K 2,104 K 4116 Intel® Wireless Bluetooth® iBtSiva Service Intel Corporation (Verified) Intel® Wireless Connectivity Solutions
HPWMISVC.exe 1,852 K 3,868 K 4168 HP WMI Service HP Inc. (Verified) HP Inc.
HPSupportSolutionsFrameworkService.exe 62,172 K 31,308 K 1120 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 2,872 K 7,384 K 10620 HP CASL Framework Service HP (Verified) Hewlett-Packard Company
HPJumpStartLaunch.exe 4,472 K 772 K 8752
HPJumpStartBridge.exe 22,236 K 5,172 K 8108 HP JumpStart Bridge HP Inc. (Verified) HP Inc.
HPCommRecovery.exe 17,780 K 7,000 K 5112 CommRecovery HP Inc. (Verified) HP Inc.
HPAudioSwitch.exe 39,652 K 8,940 K 4180 HPAudioSwitch HP Inc. (Verified) HP Inc.
GameBarFT.exe 2,888 K 12,636 K 18460 (No signature was present in the subject)
GameBar.exe 20,068 K 34,432 K 11492 (No signature was present in the subject)
fontdrvhost.exe 4,044 K 5,944 K 1064
fontdrvhost.exe 1,864 K 676 K 1072
Fitbit.exe Suspended 56,312 K 544 K 10036 Fitbit (No signature was present in the subject) 
EXCEL.EXE 141,532 K 72,876 K 4296 Microsoft Excel Microsoft Corporation (Verified) Microsoft Corporation
EvtEng.exe 5,372 K 4,008 K 3120 Intel® PROSet/Wireless Event Log Service Intel® Corporation (Verified) Intel Corporation
esif_uf.exe 1,788 K 1,612 K 3292 Intel® Dynamic Platform and Thermal Framework Intel Corporation (Verified) Intel Corporation
DropboxUpdate.exe 2,728 K 3,720 K 3428
Dropbox.exe 2,572 K 2,372 K 13648 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe 2,000 K 11,748 K 19980 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe 4,136 K 4,908 K 6200
dllhost.exe 3,924 K 12,004 K 16748 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe 2,552 K 1,312 K 3092 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
CompPkgSrv.exe 1,932 K 4,580 K 7652 Component Package Support Server Microsoft Corporation (Verified) Microsoft Windows
browser_broker.exe 1,788 K 6,044 K 11508 Browser_Broker Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 21,304 K 28,968 K 11200
armsvc.exe 1,492 K 1,732 K 4048 Adobe Acrobat Update Service Adobe Systems (Verified) Adobe Inc.
AppVShNotify.exe 1,840 K 2,048 K 14916
AppVShNotify.exe 2,056 K 2,496 K 9484 AppVShNotify Microsoft Corporation (Verified) Microsoft Corporation
ApplicationFrameHost.exe 26,992 K 27,576 K 9860 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
apdproxy.exe 2,288 K 2,020 K 13520 Adobe Photo Downloader component Adobe Systems Incorporated (No signature was present in the subject) Adobe Systems Incorporated

  • 0

#4
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
 
Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                       120 N/A                                         
smss.exe                       616 N/A                                         
csrss.exe                      824 N/A                                         
wininit.exe                    920 N/A                                         
csrss.exe                      932 N/A                                         
winlogon.exe                  1000 N/A                                         
services.exe                   740 N/A                                         
lsass.exe                      760 KeyIso, SamSs, VaultSvc                     
svchost.exe                   1040 PlugPlay                                    
fontdrvhost.exe               1064 N/A                                         
fontdrvhost.exe               1072 N/A                                         
WUDFHost.exe                  1080 N/A                                         
svchost.exe                   1164 BrokerInfrastructure, DcomLaunch, Power,    
                                   SystemEventsBroker                          
svchost.exe                   1248 RpcEptMapper, RpcSs                         
svchost.exe                   1308 LSM                                         
dwm.exe                       1384 N/A                                         
svchost.exe                   1468 CoreMessagingRegistrar                      
svchost.exe                   1532 BTAGService                                 
svchost.exe                   1548 BthAvctpSvc                                 
svchost.exe                   1576 bthserv                                     
svchost.exe                   1772 NcbService                                  
svchost.exe                   1788 TimeBrokerSvc                               
svchost.exe                   1872 Schedule                                    
svchost.exe                   1896 EventLog                                    
svchost.exe                   1944 DisplayEnhancementService                   
svchost.exe                   1972 ProfSvc                                     
svchost.exe                   1988 EventSystem                                 
svchost.exe                   1328 nsi                                         
svchost.exe                   2084 SENS                                        
svchost.exe                   2148 Dhcp                                        
igfxCUIService.exe            2176 igfxCUIService2.0.0.0                       
svchost.exe                   2236 lfsvc                                       
svchost.exe                   2312 NlaSvc                                      
svchost.exe                   2324 UserManager                                 
SynTPEnhService.exe           2388 SynTPEnhService                             
svchost.exe                   2496 Dnscache                                    
svchost.exe                   2560 DispBrokerDesktopSvc                        
svchost.exe                   2656 netprofm                                    
svchost.exe                   2712 camsvc                                      
svchost.exe                   2792 DeviceAssociationService                    
svchost.exe                   2848 Themes                                      
svchost.exe                   2856 SysMain                                     
dasHost.exe                   2864 N/A                                         
svchost.exe                   2928 AudioEndpointBuilder                        
svchost.exe                   2936 FontCache                                   
Memory Compression            2948 N/A                                         
svchost.exe                   2532 StateRepository                             
svchost.exe                   1220 Audiosrv                                    
RtkAudioService64.exe         3124 RtkAudioService                             
svchost.exe                   3312 DusmSvc                                     
svchost.exe                   3320 Wcmsvc                                      
svchost.exe                   3400 WinHttpAutoProxySvc                         
svchost.exe                   3564 SSDPSRV                                     
svchost.exe                   3612 WlanSvc                                     
svchost.exe                   3696 ShellHWDetection                            
spoolsv.exe                   3764 Spooler                                     
svchost.exe                   3808 BFE, mpssvc                                 
svchost.exe                   3924 LanmanWorkstation                           
armsvc.exe                    4048 AdobeARMservice                             
AppleMobileDeviceService.     4056 Apple Mobile Device Service                 
svchost.exe                   4064 fdPHost                                     
IntelCpHDCPSvc.exe            4080 cplspcon                                    
DbxSvc.exe                    3092 DbxSvc                                      
EvtEng.exe                    3120 EvtEng                                      
svchost.exe                   2832 DiagTrack                                   
esif_uf.exe                   3292 esifsvc                                     
mDNSResponder.exe             3300 Bonjour Service                             
svchost.exe                   3432 CryptSvc                                    
svchost.exe                   3644 DPS                                         
svchost.exe                   3636 AppHostSvc                                  
avp.exe                       3484 AVP19.0.0                                   
ibtsiva.exe                   4116 ibtsiva                                     
svchost.exe                   4128 IKEEXT                                      
HPWMISVC.exe                  4168 HPWMISVC                                    
svchost.exe                   4236 Winmgmt                                     
RegSrvc.exe                   4288 RegSrvc                                     
svchost.exe                   4336 stisvc                                      
svchost.exe                   4400 TrkWks                                      
WildTangentHelperService.     4408 WildTangentHelper                           
svchost.exe                   4480 WpnService                                  
ZeroConfigService.exe         4496 ZeroConfigService                           
svchost.exe                   4696 FDResPub                                    
svchost.exe                   4708 WdiServiceHost                              
IntelCpHeciSvc.exe            4844 cphs                                        
MBAMService.exe               5380 MBAMService                                 
svchost.exe                   5388 iphlpsvc                                    
svchost.exe                   5984 PolicyAgent                                 
dllhost.exe                   6200 N/A                                         
svchost.exe                   6332 NgcSvc                                      
svchost.exe                   6400 NgcCtnrSvc                                  
unsecapp.exe                  7812 N/A                                         
WmiPrvSE.exe                  7892 N/A                                         
svchost.exe                   8000 LanmanServer                                
svchost.exe                   4616 CDPSvc                                      
HPCommRecovery.exe            5112 HP Comm Recover                             
DropboxUpdate.exe             3428 N/A                                         
HPJumpStartBridge.exe         8108 HPJumpStartBridge                           
HPSupportSolutionsFramewo     1120 HPSupportSolutionsFrameworkService          
IntuitUpdateService.exe       2000 IntuitUpdateServiceV4                       
jhi_service.exe               7404 jhi_service                                 
ksde.exe                      7000 KSDE3.0.0                                   
LMS.exe                       1196 LMS                                         
SgrmBroker.exe                1812 SgrmBroker                                  
svchost.exe                   3212 UsoSvc                                      
svchost.exe                    964 wscsvc                                      
svchost.exe                   3180 InstallService                              
svchost.exe                   8168 StorSvc                                     
SecurityHealthService.exe     1180 SecurityHealthService                       
dptf_helper.exe               3148 N/A                                         
mbamtray.exe                  5592 N/A                                         
sihost.exe                    8332 N/A                                         
svchost.exe                   8376 CDPUserSvc_2e8dc1                           
PresentationFontCache.exe     8464 FontCache3.0.0.0                            
svchost.exe                   8472 WpnUserService_2e8dc1                       
svchost.exe                   8652 TokenBroker                                 
HPJumpStartLaunch.exe         8752 N/A                                         
taskhostw.exe                 8812 N/A                                         
svchost.exe                   8932 TabletInputService                          
ctfmon.exe                    9056 N/A                                         
explorer.exe                  8460 N/A                                         
igfxEM.exe                    9312 N/A                                         
svchost.exe                   9676 Appinfo                                     
svchost.exe                   9964 cbdhsvc_2e8dc1                              
avpui.exe                    10116 N/A                                         
ksdeui.exe                   10124 N/A                                         
StartMenuExperienceHost.e     9376 N/A                                         
RuntimeBroker.exe             8976 N/A                                         
RuntimeBroker.exe            10492 N/A                                         
svchost.exe                  10800 LicenseManager                              
ApplicationFrameHost.exe      9860 N/A                                         
Fitbit.exe                   10036 N/A                                         
RuntimeBroker.exe            12068 N/A                                         
SettingSyncHost.exe          11972 N/A                                         
RuntimeBroker.exe            12560 N/A                                         
SecurityHealthSystray.exe    12804 N/A                                         
RtkNGUI64.exe                13108 N/A                                         
iTunesHelper.exe             13220 N/A                                         
svchost.exe                  13260 PcaSvc                                      
OneDrive.exe                 12508 N/A                                         
SearchUI.exe                  3360 N/A                                         
express.exe                  10572 N/A                                         
CCleaner64.exe               10628 N/A                                         
ScanToPCActivationApp.exe    10704 N/A                                         
iPodService.exe              10732 iPod Service                                
NavService.exe               13428 N/A                                         
apdproxy.exe                 13520 N/A                                         
Dropbox.exe                  13596 N/A                                         
Dropbox.exe                  13648 N/A                                         
Dropbox.exe                  13688 N/A                                         
HPMSGSVC.exe                 13760 N/A                                         
CefSharp.BrowserSubproces    13956 N/A                                         
unsecapp.exe                 14212 N/A                                         
HPNETW~1.EXE                 14328 N/A                                         
HPAudioSwitch.exe             4180 N/A                                         
ShellExperienceHost.exe       1204 N/A                                         
RuntimeBroker.exe            14316 N/A                                         
QtWebEngineProcess.exe        8480 N/A                                         
QtWebEngineProcess.exe        8484 N/A                                         
QtWebEngineProcess.exe       13612 N/A                                         
svchost.exe                  11288 OneSyncSvc_2e8dc1,                          
                                   PimIndexMaintenanceSvc_2e8dc1,              
                                   UnistoreSvc_2e8dc1, UserDataSvc_2e8dc1      
svchost.exe                  16312 PrintWorkflowUserSvc_2e8dc1                 
svchost.exe                  14704 WbioSrvc                                    
Video.UI.exe                  3376 N/A                                         
RuntimeBroker.exe             7124 N/A                                         
svchost.exe                   6344 BITS                                        
CompPkgSrv.exe                7652 N/A                                         
RuntimeBroker.exe             8660 N/A                                         
rundll32.exe                 12380 N/A                                         
svchost.exe                  14400 wuauserv                                    
svchost.exe                  15644 DsSvc                                       
svchost.exe                  16024 DoSvc                                       
OfficeClickToRun.exe         14836 ClickToRunSvc                               
AppVShNotify.exe             14916 N/A                                         
AppVShNotify.exe              9484 N/A                                         
SearchIndexer.exe            17368 WSearch                                     
smartscreen.exe               6576 N/A                                         
MicrosoftEdge.exe            11076 N/A                                         
browser_broker.exe           11508 N/A                                         
MicrosoftEdgeSH.exe          14792 N/A                                         
MicrosoftEdgeCP.exe           7480 N/A                                         
WindowsInternal.Composabl     8496 N/A                                         
SystemSettings.exe           11136 N/A                                         
taskhostw.exe                12020 N/A                                         
SynTPEnh.exe                 12368 N/A                                         
GameBar.exe                  11492 N/A                                         
RuntimeBroker.exe            17452 N/A                                         
GameBarFT.exe                18460 N/A                                         
WmiPrvSE.exe                 18720 N/A                                         
hpqwmiex.exe                 10620 hpqcaslwmiex                                
svchost.exe                   1272 QWAVE                                       
EXCEL.EXE                     4296 N/A                                         
SkypeApp.exe                 14572 N/A                                         
RuntimeBroker.exe            11596 N/A                                         
SkypeBackgroundHost.exe      12776 N/A                                         
Microsoft.Photos.exe          2248 N/A                                         
RuntimeBroker.exe            14940 N/A                                         
svchost.exe                  19340 WdiSystemHost                               
svchost.exe                   1396 lmhosts                                     
YourPhone.exe                17924 N/A                                         
RuntimeBroker.exe            16608 N/A                                         
dllhost.exe                  19980 N/A                                         
WmiPrvSE.exe                  1048 N/A                                         
WinStore.App.exe             20396 N/A                                         
RuntimeBroker.exe            15628 N/A                                         
dllhost.exe                  16748 N/A                                         
audiodg.exe                  11200 N/A                                         
WmiPrvSE.exe                 18736 N/A                                         
chrome.exe                    5636 N/A                                         
chrome.exe                   17852 N/A                                         
chrome.exe                   20404 N/A                                         
chrome.exe                   17548 N/A                                         
chrome.exe                   20424 N/A                                         
chrome.exe                    3000 N/A                                         
chrome.exe                   18372 N/A                                         
chrome.exe                   20036 N/A                                         
chrome.exe                   10576 N/A                                         
chrome.exe                   19316 N/A                                         
chrome.exe                    1096 N/A                                         
chrome.exe                   14652 N/A                                         
chrome.exe                   18200 N/A                                         
chrome.exe                    6156 N/A                                         
chrome.exe                    6584 N/A                                         
chrome.exe                    8680 N/A                                         
chrome.exe                    9184 N/A                                         
chrome.exe                    2576 N/A                                         
chrome.exe                   16412 N/A                                         
chrome.exe                    4796 N/A                                         
chrome.exe                   15744 N/A                                         
chrome.exe                   18824 N/A                                         
chrome.exe                   16380 N/A                                         
chrome.exe                    7336 N/A                                         
chrome.exe                    2520 N/A                                         
chrome.exe                     928 N/A                                         
chrome.exe                    9440 N/A                                         
chrome.exe                   11876 N/A                                         
chrome.exe                   20292 N/A                                         
chrome.exe                    7848 N/A                                         
WmiPrvSE.exe                 10144 N/A                                         
Taskmgr.exe                   9192 N/A                                         
cmd.exe                       5408 N/A                                         
conhost.exe                  11504 N/A                                         
svchost.exe                   5564 wlidsvc                                     
powershell.exe               19768 N/A                                         
conhost.exe                  11004 N/A                                         
usocoreworker.exe            13156 N/A                                         
svchost.exe                  17812 WaaSMedicSvc                                
svchost.exe                  19512 wisvc                                       
svchost.exe                   2456 gpsvc                                       
svchost.exe                  19200 ClipSVC                                     
tasklist.exe                  7624 N/A    

  • 0

#5
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Here is the Speccy file log.

Attached Files


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Uninstall Bonjour.  It's not happy.

 

Open an elevated command prompt:

http://www.howtogeek...-in-windows-10/
http://www.eightforu...indows-8-a.html

(If you open an elevated Command Prompt properly it will say Administrator: Command Prompt in the margin at the top of the window)


Once you have an elevated command prompt:

 

Type:

mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer

hit Enter.  Type:

mkdir  C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database


Type:

 DISM  /Online  /Cleanup-Image  /RestoreHealth


 (I use two spaces so you can be sure to see where one space goes.)
Hit Enter.  This will take a while (10-20 minutes) to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow




This will also take a few minutes.  

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  %UserProfile%\desktop\junk.txt


Hit Enter.  Then type::
 

notepad  %UserProfile%\desktop\junk.txt


Hit Enter.

 Copy the text from notepad and paste it into a reply.


After you finish SFC, regardless of the result:



1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:

* System
4. Under 'Select type to list', select:
* Error
* Warning


Then use the 'Number of events' as follows:


1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.


Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

 

Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.


  • 0

#7
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Here are the logs for VEW

Attached Files


  • 0

#8
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates. 
LatencyMon has been analyzing your system for  0:00:27  (h:mm:ss) on all processors.
 
 
_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LAPTOP-TPQUSEMR
OS version:                                           Windows 10 , 10.0, version 1903, build: 18362 (x64)
Hardware:                                             HP Laptop 15-bs1xx, HP, 832A
CPU:                                                  GenuineIntel Intel® Core™ i5-8250U CPU @ 1.60GHz
Logical processors:                                   8
Processor groups:                                     1
RAM:                                                  8108 MB total
 
 
_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   180 MHz
 
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
 
WARNING: the CPU speed that was measured is only a fraction of the CPU speed reported. Your CPUs may be throttled back due to variable speed settings and thermal issues. It is suggested that you run a utility which reports your actual CPU frequency and temperature. 
 
 
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
 
Highest measured interrupt to process latency (µs):   1828.10
Average measured interrupt to process latency (µs):   11.068988
 
Highest measured interrupt to DPC latency (µs):       1824.70
Average measured interrupt to DPC latency (µs):       2.727831
 
 
_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
 
Highest ISR routine execution time (µs):              158.156667
Driver with highest ISR routine execution time:       Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Highest reported total ISR routine time (%):          0.004478
Driver with highest ISR total time:                   Wdf01000.sys - Kernel Mode Driver Framework Runtime, Microsoft Corporation
 
Total time spent in ISRs (%)                          0.004803
 
ISR count (execution time <250 µs):                   375
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
 
Highest DPC routine execution time (µs):              302.5950
Driver with highest DPC routine execution time:       tcpip.sys - TCP/IP Driver, Microsoft Corporation
 
Highest reported total DPC routine time (%):          0.036341
Driver with highest DPC total execution time:         rspLLL64.sys - Resplendence Latency Monitoring and Auxiliary Kernel Library, Resplendence Software Projects Sp.
 
Total time spent in DPCs (%)                          0.059117
 
DPC count (execution time <250 µs):                   27559
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                4
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0
 
 
_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
 
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
 
Process with highest pagefault count:                 compattelrunner.exe
 
Total number of hard pagefaults                       168
Hard pagefault count of hardest hit process:          153
Number of processes hit:                              6
 
 
_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       0.693508
CPU 0 ISR highest execution time (µs):                158.156667
CPU 0 ISR total execution time (s):                   0.010386
CPU 0 ISR count:                                      375
CPU 0 DPC highest execution time (µs):                302.5950
CPU 0 DPC total execution time (s):                   0.109578
CPU 0 DPC count:                                      26150
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       1.185865
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                92.841111
CPU 1 DPC total execution time (s):                   0.001998
CPU 1 DPC count:                                      143
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.579874
CPU 2 ISR highest execution time (µs):                0.0
CPU 2 ISR total execution time (s):                   0.0
CPU 2 ISR count:                                      0
CPU 2 DPC highest execution time (µs):                300.019444
CPU 2 DPC total execution time (s):                   0.006470
CPU 2 DPC count:                                      397
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.564053
CPU 3 ISR highest execution time (µs):                0.0
CPU 3 ISR total execution time (s):                   0.0
CPU 3 ISR count:                                      0
CPU 3 DPC highest execution time (µs):                222.186111
CPU 3 DPC total execution time (s):                   0.000682
CPU 3 DPC count:                                      33
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       0.683954
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                165.850
CPU 4 DPC total execution time (s):                   0.008038
CPU 4 DPC count:                                      746
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       1.154285
CPU 5 ISR highest execution time (µs):                0.0
CPU 5 ISR total execution time (s):                   0.0
CPU 5 ISR count:                                      0
CPU 5 DPC highest execution time (µs):                54.235556
CPU 5 DPC total execution time (s):                   0.000653
CPU 5 DPC count:                                      57
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       1.035727
CPU 6 ISR highest execution time (µs):                0.0
CPU 6 ISR total execution time (s):                   0.0
CPU 6 ISR count:                                      0
CPU 6 DPC highest execution time (µs):                73.583333
CPU 6 DPC total execution time (s):                   0.000343
CPU 6 DPC count:                                      28
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       1.314012
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                22.5650
CPU 7 DPC total execution time (s):                   0.000076
CPU 7 DPC count:                                      9
_________________________________________________________________________________________________________

  • 0

#9
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

Please uninstall Bonjour.  It is not working.

 

Also you have something called Accubid Data which uses a Hardlock.sys service which is not working.  I do not see it in the Installed Programs list.  Do you know how to uninstall it?

I can remove it using a fixlist if you want.

 

When you ran DISM did it complete without errors?

 

Rerun Latency Monitor as before then click on the Processes tab.  Click on the Hard PageFault column header once or twice to get the processes with pagefaults at the top then either tell me what processes are causing pagefaults or use the snipping tool to make a screen shot:

 

https://support.micr...ure-screenshots

 

Save As a jpg or the Forum software won't let you attach it.


  • 0

#10
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

I have deleted Bonjour.

I tried to install Accubid, but when I tried to complete the install it would not complete.  I tried to uninstall. I don't see the files anywhere to uninstall.  (In all honesty, when I tried toe install Accubid and the security device (a hardware dongle) that is when I started having all of the issues with the computer)

 

When I ran the DSIM and the scan, it said that there were no issues....


  • 0

#11
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Pagefaults

Attached Files


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 21,906 posts
  • MVP

If you do not pay for Microsoft Office Click to Run, please uninstall it.

 

Adobe Photoshop Elements 4.0 is not working.  Either just uninstall it if you don't need it or reinstall if you do.

 

I would uninstall Garmin Express.  It's not something you use everyday so I don't see the point of loading the system down with it.  It's not a big deal to reinstall when you need to update.

 

Do you really need Navionics charts loaded at startup?

 

Let's get rid of Accubid and its friends:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   2.44KB   1 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.

 

Rerun Latency Monitor.  Make sure it only runs for 20-25 seconds before you hit the stop (red square).  Make a new screen shot and attach it.

 


 

 


  • 0

#13
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

If you do not pay for Microsoft Office Click to Run, please uninstall it. - I do not use this, but really don't know what it is, or where it is.

 

Adobe Photoshop Elements 4.0 is not working.  Either just uninstall it if you don't need it or reinstall if you do.  Uninstalled.

 

I would uninstall Garmin Express.  It's not something you use everyday so I don't see the point of loading the system down with it.  It's not a big deal to reinstall when you need to update. Uninstalled.

 

Do you really need Navionics charts loaded at startup?  I do not need this at startup, but don't know how to stop it from loading at startup. 

 

I will run the other programs as indicated.


  • 0

#14
sroney

sroney

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts

Here are the two latest logs.

Attached Files


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP