Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Really slow laptop


  • Please log in to reply

#1
BobScott49

BobScott49

    Member

  • Member
  • PipPip
  • 61 posts

Hi

 

My laptop is less than a year old has become very slow.  For instance it takes ages to boot up, also is very slow when I try to do something e.g. If I want to copy and paste something from, lets say a webpage, I highlight what I want to copy which in itself can take several seconds before the highlight appears and then when I right click it can take up to 20 to 30 seconds before anything happens and the copy box appears.  I have run the FRST as instructed and copied it plus the additional text below.

 

Many thanks

 

Bob

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-12-2019
Ran by Bob Scott (administrator) on RS-140429774-01 (HP HP Laptop 15-db0xxx) (23-12-2019 17:28:56)
Running from C:\Users\Bob Scott\Desktop
Loaded Profiles: Bob Scott (Available Profiles: Bob Scott)
Platform: Windows 10 Home Version 1903 18362.535 (X64) Language: English (United Kingdom)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334924.inf_amd64_05abf00239dfc53b\B334881\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\c0334924.inf_amd64_05abf00239dfc53b\B334881\atiesrxx.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Canon Inc. -> Canon INC.) C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe
(Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Digital Wave Ltd -> Digital Wave Ltd) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\87.4.138\QtWebEngineProcess.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Guardware Ltd. -> Guardware Ltd) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe
(Guardware Ltd. -> Guardware Ltd.) C:\Program Files (x86)\Guardware\Integrity Management\GWW.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_19_7\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.2.117.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20356.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CastSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed] C:\Windows\SysWOW64\nlssrv32.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Secunia -> Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg_Session] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1506168 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobePSE17AutoAnalyzer] => C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe [3058696 2018-08-30] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9277520 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-02-23] (Realtek Semiconductor Corp. -> Realtek)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709160 2018-05-22] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [6268224 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1814848 2019-07-25] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\Run: [Amazon Photos] => C:\Users\Bob Scott\AppData\Local\Amazon Drive\AmazonPhotos.exe [9232552 2019-11-12] (Amazon Services LLC -> Amazon.com Inc.)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30868464 2019-11-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [807936 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2019-09-13]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia -> Secunia)
Startup: C:\Users\Bob Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2019-07-06]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon Inc. -> Canon INC.)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {010DC41D-C102-4589-BCE9-BCA77E9AD217} - System32\Tasks\AdobeAAMUpdater-1.0-RS-140429774-01-Bob Scott => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {05BAE5FF-D17A-413B-BD0B-DF7D213516B8} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2872400 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {06D65E62-A42C-4411-84A5-CDC377FF258B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-11-21] (Garmin International, Inc. -> )
Task: {0C35CBA6-7395-4948-A3C5-E706BA44C669} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {109B7335-D075-4AC1-8A46-2066D6669DC8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe
Task: {1A9E6804-7F1F-405C-82FE-109BD4BA7274} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [69512 2018-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {28080112-D040-4B52-841F-39DC9C8AF521} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2019-12-12] (McAfee, Inc. -> McAfee, LLC.)
Task: {3CC3F966-A1B4-4F3F-AB04-2F3A3DE8527E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {43567BB9-7962-4337-B1A3-4594FBC2E777} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {46A584C7-4C3D-492A-812D-79DA703D0B23} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24671608 2019-12-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {4E62E2C4-38A0-4D3B-8C64-C0EB5A3CC306} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {52597AF1-A2FE-457E-9E66-0E62DBA03AEE} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5447552C-0DDA-4080-B35B-4B5E19FD6372} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [112984 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {56AB627C-12D8-4DF6-852E-715A99518EB6} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.111\DADUpdater.exe [4145800 2019-11-15] (McAfee, Inc. -> McAfee, Inc.)
Task: {60E532B8-32D5-436F-A58A-5296BEF96140} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {6556E102-F480-43CB-8451-9365905856C2} - System32\Tasks\{4883A0DE-9902-705E-B636-6DDF05F40033}\gorika => C:\Users\BOBSCO~1\AppData\Local\4883A0~1\gorika.exe
Task: {6961D7FD-8173-44F5-85BE-B51E592849A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {6974DC85-BE2C-43AC-9AD2-921FE95D0559} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040688 2019-09-10] (McAfee, LLC. -> McAfee, LLC.)
Task: {77A59A9F-B281-4917-B0DB-6EE2044F06CD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe
Task: {7E8D82AB-F0D4-4C8F-9C0C-B1DD0E35D60F} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [49544 2018-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8EED8701-E99C-441E-A881-C0C2BE24FE07} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {951EAE93-59D0-4DAC-8CF8-645D7C9CB48D} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1040688 2019-09-10] (McAfee, LLC. -> McAfee, LLC.)
Task: {A5259394-026A-4B26-B467-05CC1C5E4935} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {BA118E3F-6FEC-4F80-88B6-9BAB8514D5E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {BE0E3263-665C-4783-BFF9-009B5173E0CA} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {C00C013B-42E2-412A-A5E8-C07A07FB45E5} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe
Task: {CA1948FE-0409-4717-ADCB-7A5FAFBF0821} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
Task: {CC7F3CDA-D5F5-489A-83BC-FBCBAFD8B061} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-02-10] (Google Inc -> Google Inc.)
Task: {D49DFDA6-FBA9-4396-940D-3F3D0111E6EF} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-16] (Dropbox, Inc -> Dropbox, Inc.)
Task: {DD9C434A-82F6-43FA-9AF3-23BF8A858A78} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1373592 2019-12-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE728870-77A8-43D6-9879-EC57AC698720} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {E2EAB2ED-C683-4D46-AF4E-3C43225A4BF3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759752 2019-08-14] (McAfee, LLC. -> McAfee, LLC.)
Task: {E3A4DB10-71CF-48A2-B0C5-A8EEDB441A0A} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552376 2019-08-20] (McAfee, LLC -> McAfee, LLC.)
Task: {EE2E02FB-F49D-4FDD-AED9-BE2C9C01939E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe
Task: {F883D350-34EA-4D33-81A6-DDF60024A3DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5248fda6-fa9d-4fa4-98fc-567eb3eaf38d}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
SearchScopes: HKLM -> {C7A0D298-5785-42C3-9CE1-89D3E52CDDFD} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {C7A0D298-5785-42C3-9CE1-89D3E52CDDFD} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001 -> {C7A0D298-5785-42C3-9CE1-89D3E52CDDFD} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-12-12] (McAfee, LLC -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
Edge:
======
DownloadDir: C:\Users\Bob Scott\Downloads
Edge HomeButtonPage: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001 -> about:start
Edge Notifications: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001 -> hxxps://mail.google.com
FireFox:
========
FF DefaultProfile: uk60tjfu.default-1573382213419
FF ProfilePath: C:\Users\Bob Scott\AppData\Roaming\Mozilla\Firefox\Profiles\uk60tjfu.default-1573382213419 [2019-12-10]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\Bob Scott\AppData\Roaming\Mozilla\Firefox\Profiles\uk60tjfu.default-1573382213419\Extensions\[email protected] [2019-11-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-12-12]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-09-17] (McAfee, LLC. -> )
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-09-17] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-12-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.422\npGoogleUpdate3.dll [2019-12-14] (Google LLC -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-12-02] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\gwSetting.js [2019-09-13] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\MoSetting.cfg [2019-09-13] <==== ATTENTION
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3147344 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2914896 2019-10-08] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0334924.inf_amd64_05abf00239dfc53b\B334881\atiesrxx.exe [481768 2019-02-06] (Advanced Micro Devices, Inc. -> AMD)
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [679400 2018-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11345992 2019-11-28] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-16] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2019-06-16] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-12-17] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [441664 2019-07-25] (Digital Wave Ltd -> Digital Wave Ltd)
R2 e-Safe Compliance Client; C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe [953376 2018-11-08] (Guardware Ltd. -> Guardware Ltd)
S2 GuardWareProxy; C:\Program Files (x86)\Guardware\Integrity Management\GWProxy.exe [4331552 2018-11-08] (Guardware Ltd. -> Guardware Ltd.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [913208 2019-12-12] (McAfee, LLC -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_7\McApExe.exe [747896 2019-09-17] (McAfee, LLC. -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.2.117.0\\McCSPServiceHost.exe [2226608 2019-10-22] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [630160 2019-08-19] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1731480 2019-10-21] (McAfee, LLC -> McAfee, LLC.)
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2012-09-05] (Nalpeiron LTD -> Nalpeiron Ltd.) [File not signed]
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1367040 2019-09-19] (McAfee, LLC. -> McAfee, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [267552 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [717776 2019-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SynTPEnhService; C:\WINDOWS\System32\SynTPEnhService.exe [382008 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S2 HPJumpStartBridge; "c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe" [X]
S2 HPSupportSolutionsFrameworkService; "C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe" [X]
S2 WildTangentHelper; "C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AmdAS4; C:\WINDOWS\System32\drivers\AmdAS4.sys [26888 2019-02-06] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0334924.inf_amd64_05abf00239dfc53b\B334881\atikmdag.sys [44624360 2019-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0334924.inf_amd64_05abf00239dfc53b\B334881\atikmpag.sys [567784 2019-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\WINDOWS\System32\drivers\amdpsp.sys [137688 2019-02-06] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AmUStor; C:\WINDOWS\system32\drivers\AmUStor.SYS [108992 2018-04-27] (Alcorlink Corp. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [107496 2019-02-06] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75696 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R2 GWDogFile; C:\windows\system32\drivers\GWDogFile.sys [43376 2018-08-07] (Guardware Ltd. -> Guardware Ltd)
R2 GWPG; C:\windows\system32\drivers\GWPG.sys [39808 2017-02-16] (Guardware Ltd. -> Guardware Ltd)
R2 GWScanner; C:\windows\system32\drivers\GWScanner.sys [68576 2018-05-17] (Guardware Ltd. -> Guardware Ltd)
R2 gwwfp; C:\windows\system32\Drivers\gwwfp64.sys [56288 2018-03-08] (Guardware Ltd. -> Guardware Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [521648 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [379824 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2019-08-22] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [517040 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [993712 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\system32\DRIVERS\mfencbdc.sys [563640 2019-08-31] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\system32\DRIVERS\mfencrk.sys [107448 2019-08-31] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116656 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252336 2019-08-22] (McAfee, Inc. -> McAfee, LLC)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation -> Corel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1118648 2019-02-06] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [787736 2019-09-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [11708504 2019-07-03] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [48688 2019-08-15] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [46632 2018-04-20] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-08-06] (HP Inc. -> HP)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-23 17:28 - 2019-12-23 17:34 - 000036203 _____ C:\Users\Bob Scott\Desktop\FRST.txt
2019-12-23 17:27 - 2019-12-23 17:31 - 000000000 ____D C:\FRST
2019-12-23 17:22 - 2019-12-23 17:22 - 002260480 _____ (Farbar) C:\Users\Bob Scott\Desktop\FRST64.exe
2019-12-22 19:51 - 2019-12-23 17:40 - 000001296 _____ C:\ProgramData\ipconfig.txt
2019-12-22 17:11 - 2019-12-22 17:11 - 000001419 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2019-12-22 17:11 - 2019-12-22 17:11 - 000001419 _____ C:\ProgramData\Desktop\DVDVideoSoft Free Studio.lnk
2019-12-19 14:48 - 2019-12-19 14:48 - 000008354 _____ C:\Users\Bob Scott\Documents\Sandman Signature Newcastle Hotel, UK - Reservation Confirmation.eml
2019-12-18 20:51 - 2019-12-18 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-12-17 19:30 - 2019-12-17 19:30 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-12-17 19:30 - 2019-12-17 19:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-12-17 19:30 - 2019-12-17 19:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-12-17 19:30 - 2019-12-17 19:30 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-12-10 23:24 - 2019-12-10 23:24 - 025443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 018020352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 007754240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 005914112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 005764664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 002494432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001610752 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001399312 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-12-10 23:24 - 2019-12-10 23:24 - 001098928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 001072952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-12-10 23:24 - 2019-12-10 23:24 - 000774456 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-12-10 23:24 - 2019-12-10 23:24 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000646144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-12-10 23:24 - 2019-12-10 23:24 - 000210744 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-12-10 23:24 - 2019-12-10 23:24 - 000097080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-12-10 23:24 - 2019-12-10 23:24 - 000032056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2019-12-10 23:24 - 2019-12-10 23:24 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 009927992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 007905000 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 007600448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 007278592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 007263992 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 006516648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 006083832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 005943296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 003703296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 002762296 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 002698768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 002284544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 002147328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 002082208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001757304 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-12-10 23:23 - 2019-12-10 23:23 - 001748480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001743888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001697280 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001656600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001647072 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001512528 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 001451520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 001366128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-12-10 23:23 - 2019-12-10 23:23 - 001261464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 001149712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001054864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 001006904 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000986936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000878080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Service.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000842552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000822416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000797112 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000674280 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000673456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000598016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000593128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000530944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000524264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000511000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000406480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-12-10 23:23 - 2019-12-10 23:23 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000127272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000089536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\CustomInstallExec.exe
2019-12-10 23:23 - 2019-12-10 23:23 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.EnrollmentStatusTracking.ConfigProvider.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000067112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsManagementServiceWinRt.ProxyStub.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelineprxy.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevQueryBroker.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilotdiag.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2019-12-10 23:23 - 2019-12-10 23:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2019-12-03 10:20 - 2019-12-03 10:20 - 000002066 _____ C:\Users\Public\Desktop\McAfee LiveSafe.lnk
2019-12-03 10:20 - 2019-12-03 10:20 - 000002066 _____ C:\ProgramData\Desktop\McAfee LiveSafe.lnk
2019-12-03 10:20 - 2019-12-03 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-12-03 10:15 - 2019-06-04 04:13 - 000217912 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2019-12-03 10:10 - 2019-12-06 15:45 - 000003186 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2019-12-03 10:05 - 2019-12-21 20:07 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2019-12-03 10:02 - 2019-12-07 18:11 - 000003564 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2019-12-03 10:02 - 2019-12-03 13:49 - 000000000 ____D C:\Program Files\McAfee
2019-12-03 10:02 - 2019-12-03 10:19 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-12-03 10:02 - 2019-12-03 10:07 - 000000000 ____D C:\Program Files\McAfee.com
2019-12-03 10:02 - 2019-12-03 10:02 - 000000000 ____D C:\Program Files\Common Files\AV
2019-12-03 09:57 - 2019-08-19 12:33 - 000549568 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe
2019-12-03 09:56 - 2019-12-03 10:18 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-12-03 09:55 - 2019-12-03 13:53 - 000000000 ____D C:\ProgramData\McAfee
2019-11-29 17:37 - 2019-11-29 17:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-11-29 17:37 - 2019-11-29 17:37 - 000001970 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2019-11-29 17:37 - 2019-11-29 17:37 - 000001970 _____ C:\ProgramData\Desktop\Garmin Express.lnk
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-12-23 16:51 - 2019-02-06 19:49 - 000000000 ____D C:\Users\Bob Scott\AppData\Local\Adobe
2019-12-23 16:49 - 2019-09-03 14:25 - 000004030 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{D624D13F-375D-459E-9CCE-AC7FB0752FD7}
2019-12-23 16:42 - 2019-09-03 13:52 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-12-22 19:54 - 2019-03-19 04:52 - 000000000 ___HD C:\Program Files\WindowsApps
2019-12-22 19:54 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-12-22 19:54 - 2019-03-19 04:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-12-22 18:34 - 2019-02-06 19:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-12-22 17:57 - 2019-02-04 13:15 - 000000000 ____D C:\ProgramData\Guardware
2019-12-22 17:56 - 2019-09-03 14:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-12-22 17:55 - 2019-03-19 04:37 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2019-12-22 17:54 - 2018-11-10 04:57 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2019-12-22 17:11 - 2019-02-11 15:05 - 000001482 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2019-12-22 17:11 - 2019-02-11 15:05 - 000001482 _____ C:\ProgramData\Desktop\Free YouTube To MP3 Converter.lnk
2019-12-22 17:11 - 2019-02-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2019-12-22 17:11 - 2019-02-11 15:05 - 000000000 ____D C:\Program Files (x86)\DVDVideoSoft
2019-12-18 20:53 - 2019-06-16 21:26 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-12-17 14:44 - 2019-10-03 21:13 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2019-12-17 14:44 - 2019-10-03 21:13 - 000000000 ___HD C:\ProgramData\Documents\AdobeGCData
2019-12-17 14:32 - 2019-02-27 10:09 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-12-17 12:59 - 2019-03-19 04:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-12-14 11:34 - 2019-02-04 14:21 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-12-14 11:28 - 2019-09-03 14:25 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-12-14 11:28 - 2019-09-03 14:25 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-12-12 13:02 - 2019-09-03 14:13 - 000934996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-12-12 13:02 - 2019-03-19 04:50 - 000000000 ____D C:\WINDOWS\INF
2019-12-12 13:00 - 2019-02-04 16:12 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-12-12 12:47 - 2019-02-04 16:12 - 129221664 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-12-11 00:11 - 2019-01-28 23:13 - 000000000 ___RD C:\Users\Bob Scott\3D Objects
2019-12-11 00:11 - 2018-04-28 06:07 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-12-11 00:08 - 2019-09-03 13:52 - 000381184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-12-11 00:07 - 2019-06-16 21:26 - 000000946 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-12-11 00:07 - 2019-06-16 21:26 - 000000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-12-11 00:04 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\SystemResources
2019-12-11 00:04 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-12-11 00:04 - 2019-03-19 04:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-12-10 23:37 - 2019-03-19 04:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-12-06 15:44 - 2019-09-03 14:25 - 000004860 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2019-12-06 15:36 - 2019-09-03 14:25 - 000003344 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2617516664-2097498628-2091352067-1001
2019-12-06 15:36 - 2019-09-03 14:25 - 000003262 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task v2
2019-12-06 15:33 - 2019-09-03 14:25 - 000003744 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2019-12-04 12:28 - 2019-04-03 13:50 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-12-03 14:39 - 2019-08-09 14:40 - 000000923 _____ C:\Users\Public\Desktop\VLC media player.lnk
2019-12-03 14:39 - 2019-08-09 14:40 - 000000923 _____ C:\ProgramData\Desktop\VLC media player.lnk
2019-12-03 09:58 - 2019-03-19 04:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-12-03 09:52 - 2019-08-17 14:02 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-12-03 09:52 - 2019-04-03 13:50 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-12-03 09:49 - 2019-04-03 13:51 - 000000000 ____D C:\Users\Bob Scott\AppData\LocalLow\Mozilla
2019-11-29 23:37 - 2019-01-28 23:13 - 000000000 ____D C:\Users\Bob Scott\AppData\Local\Packages
2019-11-29 17:41 - 2019-10-10 14:35 - 000000000 ____D C:\ProgramData\Garmin
2019-11-29 17:38 - 2019-10-10 14:34 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-11-29 17:38 - 2018-06-01 07:06 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-29 17:37 - 2019-10-10 14:34 - 000003648 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2019-11-28 11:51 - 2019-02-04 13:32 - 000000000 ____D C:\Users\Bob Scott\AppData\Local\PlaceholderTileLogoFolder
2019-11-25 21:31 - 2019-09-03 07:23 - 000002386 _____ C:\Users\Bob Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-11-25 21:31 - 2019-01-28 23:20 - 000000000 ___RD C:\Users\Bob Scott\OneDrive
2019-11-25 10:53 - 2019-02-04 17:29 - 000000000 ____D C:\Users\Bob Scott\AppData\Local\D3DSCache
==================== Files in the root of some directories ========
2019-03-18 14:17 - 2019-03-18 14:17 - 000000264 _____ () C:\ProgramData\fontcacheev1.dat
2019-07-21 13:11 - 2019-07-21 13:11 - 000000000 _____ () C:\Users\Bob Scott\AppData\Local\oobelibMkey.log
2019-08-31 18:57 - 2019-08-31 18:58 - 000020229 _____ () C:\Users\Bob Scott\AppData\Local\TempRuntimeBroker.exe.0195.wxtu.dmp
2019-04-06 08:07 - 2019-04-06 08:07 - 000033301 _____ () C:\Users\Bob Scott\AppData\Local\Tempsvchost.exe.1c0e.wxtu.dmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-12-2019
Ran by Bob Scott (23-12-2019 17:41:55)
Running from C:\Users\Bob Scott\Desktop
Windows 10 Home Version 1903 18362.535 (X64) (2019-09-03 14:27:29)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2617516664-2097498628-2091352067-500 - Administrator - Disabled)
Bob Scott (S-1-5-21-2617516664-2097498628-2091352067-1001 - Administrator - Enabled) => C:\Users\Bob Scott
DefaultAccount (S-1-5-21-2617516664-2097498628-2091352067-503 - Limited - Disabled)
Guest (S-1-5-21-2617516664-2097498628-2091352067-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2617516664-2097498628-2091352067-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3D Shadow 2.0 (HKLM\...\3D Shadow_is1) (Version: 2.0 - Lokas Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20061 - Adobe Systems Incorporated)
Adobe Photoshop Elements 2019 (HKLM-x32\...\PSE_17_0) (Version: 17.0 - Adobe Systems Incorporated)
Album Art Downloader XUI 1.03 (HKLM-x32\...\Album Art Downloader XUI) (Version: 1.03 - hxxp://sourceforge.net/projects/album-art)
Amazon Photos (HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\Amazon Photos) (Version: 6.2.3 - Amazon.com, Inc.)
AMD Radeon Settings (HKLM\...\WUCCCApp) (Version: 2018.1016.918.14930 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 17.12 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{96973E1F-5AA8-4D30-9E9C-00E580F8D1C5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
ASUS E-Green Uninstall (HKLM-x32\...\EGREEN) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon MG3600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3600_series) (Version: 1.00 - Canon Inc.)
Canon MG3600 series On-screen Manual (HKLM-x32\...\Canon MG3600 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MG3600 series User Registration (HKLM-x32\...\Canon MG3600 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.7.21.0 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.7.10.0 - Canon Inc.)
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.2.0 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Utility 3 (HKLM-x32\...\EOS Utility 3) (Version: 3.7.0.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.6.30.1 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.19.10.0 - Canon Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 87.4.138 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{1EF3F348-0065-4ED7-884F-BBB8B1FA8CA1}) (Version: 6.19.3.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
e-Safe Compliance Enterprise Client (HKLM-x32\...\{B6FB9F0A-6D60-46A9-960B-DCA5A978350B}) (Version: 4.4.0.77 - Guardware Ltd) Hidden
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.3.6.1209 - Digital Wave Ltd)
Garmin Express (HKLM-x32\...\{8526ab9f-b231-461d-964e-45bbed08f381}) (Version: 6.19.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9939845A-42CA-41A1-9A7E-848C95F02FD5}) (Version: 6.19.3.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden
GTarcade (HKU-x32\S-1-5-21-2617516664-2097498628-2091352067-1001\...\gtarcade) (Version: 2.0.0 - YOOZOO Games)
HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{3EC04ABB-D60E-44B6-9403-0D9DE44F56D9}) (Version: 1.6.0.0 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{9DD60999-A4F0-4333-9D00-E45C718EA6C1}) (Version: 1.4.30 - HP Inc.)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R22 - McAfee, LLC.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.57 - McAfee, LLC.)
Microsoft Office Home and Student 2019 - en-us (HKLM\...\HomeStudent2019Retail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 en-GB) (HKLM\...\Mozilla Firefox 70.0.1 (x64 en-GB)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
Music Center for PC (HKLM-x32\...\{D5344456-90D0-409F-AF67-CCE2BD4C4592}) (Version: 2.1.0.01472 - Sony Home Entertainment & Sound Products Inc.)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 2.1.2 - MusicBrainz)
OEM Application Profile (HKLM-x32\...\{12C2AEB0-ED60-4CCF-DD83-C65BC7CCFB50}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden
ON1 Effects 2019 (HKLM\...\ON1 Effects 2019 PE) (Version: 13.6.0.7353 - ON1)
Picturenaut 3.2 (HKLM\...\{7BDD99A3-CCDD-41DE-8B86-F636B95ADBBF}) (Version: 3.2.0.1698 - Marc M.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.88 - REALTEK Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8734.1 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.113 - REALTEK Semiconductor Corp.)
RescuePRO Deluxe 6.0.3.0 (HKLM-x32\...\{38D9AAB8-116B-40BB-A801-50B71DF82D24}_is1) (Version: 6.0.3.0 - LC Technology International, Inc.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
Sky Go 1.5.16.0 (HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\com.bskyb.skygoplayer_is1) (Version: 1.5.16.0 - Sky)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Packages:
=========
AdBlocker Ultimate -> C:\Program Files\WindowsApps\SecureDownloadLtd.AdBlockerUltimate_2.29.0.0_neutral__2k66023rjqqqe [2019-09-04] (Secure Download Ltd)
Duplicates Cleaner -> C:\Program Files\WindowsApps\6655kaeros.DuplicatesCleaner_3.48.0.0_x64__wbzechdf9an1w [2019-09-05] (kaeros)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2018-11-10] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-12] (Apple Inc.) [Startup Task]
McAfee® Personal Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_2.1.16.0_x64__wafk5atnkzcwy [2019-10-09] (McAfee Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-04] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-12] (Microsoft Studios) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad]
Perfect flicker - best client for Flickr -> C:\Program Files\WindowsApps\10301PerfectThumb.PerfectFlickr_1.1.5.0_x64__n9t97vrmwej7m [2019-09-05] (Perfect Thumb)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-06-27] (Random Salad Games LLC) [MS Ad]
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-05-31] (Synaptics Incorporated)
True Key -> C:\Program Files\WindowsApps\5A894077.TrueKey_4.0.9245.0_neutral__wafk5atnkzcwy [2019-10-01] (McAfee Inc.)
Wikipedia -> C:\Program Files\WindowsApps\WikimediaFoundation.Wikipedia_1.1.0.37_neutral__54ggd3ev8bvz6 [2019-02-23] (Wikimedia Foundation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001_Classes\CLSID\{0047ADBE-9F73-CAFE-3A65-ACE857BAD45F}\localserver32 -> C:\Program Files\Adobe\Elements 2019 Organizer\Elements Auto Creations 2019.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
CustomCLSID: HKU\S-1-5-21-2617516664-2097498628-2091352067-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\Bob Scott\Dropbox [2019-06-16 21:38]
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-10-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-09-17] (McAfee, LLC. -> McAfee, LLC.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Bob Scott\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Picturenaut\Picturenaut Home.lnk -> hxxp://www.picturenaut.com
==================== Loaded Modules (Whitelisted) =============
2019-09-09 07:13 - 2019-09-09 07:13 - 001364992 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-11-21 12:01 - 2019-11-21 12:01 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 002085888 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\cv210.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 002201088 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\cxcore210.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 000781312 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\highgui210.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 000407040 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\ml210.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 001715712 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\opencv_core231.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 000436736 _____ () [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\opencv_ml231.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000015360 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2018-04-24 21:22 - 2018-04-24 21:22 - 002519040 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2019-11-21 12:01 - 2019-11-21 12:01 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2019-02-27 10:30 - 2015-03-17 08:51 - 000375296 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-11-21 12:03 - 2019-11-21 12:03 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2019-11-21 12:01 - 2019-11-21 12:01 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-11-21 12:01 - 2019-11-21 12:01 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2017-04-19 14:23 - 2017-04-19 14:23 - 003772416 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Guardware\Integrity Management\Microsoft.VC90.MFC\mfc90u.dll
2019-11-21 12:02 - 2019-11-21 12:02 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 08:57 - 2019-07-27 08:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000032256 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000039936 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000034304 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000237056 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000025600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000024064 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000481792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 001336320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2018-10-16 08:16 - 2018-10-16 08:16 - 005766144 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2018-04-24 21:21 - 2018-04-24 21:21 - 006045184 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2018-04-24 21:21 - 2018-04-24 21:21 - 000964096 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2018-04-24 21:21 - 2018-04-24 21:21 - 000279552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Positioning.dll
2018-04-24 21:21 - 2018-04-24 21:21 - 003233792 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 003406848 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000328704 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000109568 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebChannel.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000325632 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngine.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 069968896 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WebEngineCore.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 005523456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000282624 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000194560 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 003281408 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5XmlPatterns.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000049152 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\private\qtgraphicaleffectsprivate.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtGraphicalEffects\qtgraphicaleffectsplugin.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000311296 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000089600 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2018-04-24 21:22 - 2018-04-24 21:22 - 000018432 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [0]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 23:38 - 2018-04-11 23:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-2617516664-2097498628-2091352067-1001\...\StartupApproved\Run: => "Amazon Photos"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0728530E-7888-43E6-8397-EFAE49F1F2DD}] => (Allow) C:\Program Files\ON1\ON1 Effects 2019\on1sandbox.exe (ON1, Inc -> )
FirewallRules: [{CDBE8AFF-85B9-4DD9-8A26-1FC30C31DA55}] => (Allow) C:\Program Files\ON1\ON1 Effects 2019\on1sandbox.exe (ON1, Inc -> )
FirewallRules: [{07C9DD9E-E35F-4403-8A5D-855F60A1E8CD}] => (Allow) C:\Program Files\ON1\ON1 Effects 2019\ON1 Effects 2019.exe (ON1, Inc -> ON1, Inc.)
FirewallRules: [{81A12862-8BAA-4142-9993-819765EB9D3D}] => (Allow) C:\Program Files\ON1\ON1 Effects 2019\ON1 Effects 2019.exe (ON1, Inc -> ON1, Inc.)
FirewallRules: [{DC6DA0AD-F60B-4295-B23E-43F11FF5FE1B}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{B177C50A-F78A-4954-AE16-EFDD78455FF2}] => (Allow) C:\Program Files (x86)\Canon\EOS Utility\EOSUPNPSV.exe (Canon Inc. -> CANON INC.)
FirewallRules: [{5280C64C-029E-4EC9-BCF3-CBBE4D281724}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2A23393-44F1-429F-A8D0-044216D459D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3292F0CC-AA7C-435A-9887-31EDF335F43F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe No File
FirewallRules: [{2BD409AB-D68F-4A4B-8893-EE0C771A4E98}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe No File
FirewallRules: [{0E0A5CF8-FCB1-4762-8D18-4244CA7E7548}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe No File
FirewallRules: [{5C2412C1-F569-4C14-B60F-92AF6C87DC7F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe No File
FirewallRules: [{505A00A5-E095-41CB-97AA-3BD3C79DCC83}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe No File
FirewallRules: [{F44CC958-BC3B-4890-BF60-A7CB206B08FB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe No File
FirewallRules: [{67953562-922C-4E55-859C-3012BCFF5132}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe No File
FirewallRules: [{6D0BAD0B-9927-48BE-944B-7725889795EA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12094.102.41046.0_x64__nzyj5cx40ttqa\iTunes.exe No File
FirewallRules: [{DACDF505-FA08-482D-8D2A-F83C4DF7FD3D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe No File
FirewallRules: [{B30A24B4-36A8-44A9-AC2B-53E790CF539C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{06124C85-CE47-4AF1-91A1-4EE9439EA2A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BFE3F414-D97D-43E1-A591-2AD74E041A4D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9B1A867F-BCD1-4A27-A953-58E6688B7ACD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{75AF006E-1262-4459-86AC-6DCA895A4A54}] => (Allow) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe (Guardware Ltd. -> Guardware Ltd)
FirewallRules: [{CBE4CA56-7EA4-480A-B7AD-C8D8D25C1C46}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{3A85FDF0-76F9-4875-B83E-79AEB8625A9B}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{BC21EE94-D33A-4041-88C3-F0F2FF020162}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{7AFD8705-38DB-466C-81CC-A2F1FE2DE1B4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0DD9ECBF-809A-445A-B80F-D7C4A431B5BE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1C6D7CCB-F412-47CE-8B0A-4855EDE7D175}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7D1FFD12-B8A8-4D25-B441-5EDF13F19EF4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{0B6F91A3-7316-4607-AC34-ADFBA2139B4B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39B7E190-64A0-46CB-9EB8-30F6165DB60A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{19AA9FAD-C05B-426D-A35A-165D68EE8DD2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A1AB11A4-1705-487F-8690-AF48C5E7C1E9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2E5980D-B122-4433-AADD-E6996AA750A7}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{658A9098-39DD-461E-BCEF-FDE0BB47A916}] => (Allow) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe (Guardware Ltd. -> Guardware Ltd)
FirewallRules: [{4A279C7F-3EB0-40A1-8434-AD937F55A911}] => (Allow) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe (Guardware Ltd. -> Guardware Ltd)
FirewallRules: [{DAB837FE-E001-4349-B2FA-1A3243D10F17}] => (Allow) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe (Guardware Ltd. -> Guardware Ltd)
FirewallRules: [{58BAB2BE-5187-4BF7-A912-9DE859BF3503}] => (Allow) C:\Program Files (x86)\Guardware\Integrity Management\GWClient.exe (Guardware Ltd. -> Guardware Ltd)
==================== Restore Points =========================
03-12-2019 14:27:59 McAfee Vulnerability Scanner
10-12-2019 22:19:30 Windows Update
==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================
Application errors:
==================
Error: (12/23/2019 05:31:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (6836,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/23/2019 05:06:59 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2292,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/23/2019 04:57:36 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (16892,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/23/2019 04:52:22 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14888,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/22/2019 10:04:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9436,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/22/2019 09:34:27 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13212,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/22/2019 09:04:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (932,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (12/22/2019 08:58:17 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (14096,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.

System errors:
=============
Error: (12/23/2019 05:50:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GuardWareProxy service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/23/2019 05:50:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (300000 milliseconds) while waiting for the GuardWareProxy service to connect.
Error: (12/23/2019 05:50:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GuardWareProxy service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/23/2019 05:50:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (300000 milliseconds) while waiting for the GuardWareProxy service to connect.
Error: (12/23/2019 05:49:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GuardWareProxy service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/23/2019 05:49:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (300000 milliseconds) while waiting for the GuardWareProxy service to connect.
Error: (12/23/2019 05:49:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GuardWareProxy service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (12/23/2019 05:49:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (300000 milliseconds) while waiting for the GuardWareProxy service to connect.

Windows Defender:
===================================
Date: 2019-12-03 10:15:59.312
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.1173.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-12-03 10:15:59.264
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.1173.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-12-03 10:15:59.256
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.1173.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x800705b4
Error description: This operation returned because the timeout period expired.
Date: 2019-12-03 09:44:09.535
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.1173.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
Date: 2019-12-03 09:44:09.534
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.291.1173.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15800.1
Error code: 0x80240022
Error description: The program can't check for definition updates.
CodeIntegrity:
===================================
Date: 2019-12-23 16:43:33.904
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-23 16:43:31.575
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-23 16:43:30.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-23 16:43:29.071
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-23 16:43:26.891
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-22 19:16:14.310
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-22 19:16:13.345
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2019-12-22 19:16:11.645
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.11 08/20/2018
Motherboard: HP 84AC
Processor: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 82%
Total physical RAM: 3981.68 MB
Available physical RAM: 698.97 MB
Total Virtual: 10381.68 MB
Available Virtual: 4360.53 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:914.59 GB) (Free:690.52 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:15.69 GB) (Free:1.87 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{a8b4e400-241a-4576-9c58-422d137d1804}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.34 GB) NTFS
\\?\Volume{aca34e70-1cf0-4216-976f-cb879e3a4865}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AEFD05AD)
Partition: GPT.
==================== End of Addition.txt =======================

 

 

 


  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

We can run some tests but just looking at your logs I expect the problem is caused by your:

e-Safe Compliance Client.  This is apparently some sort of censor  program which attempts to keep you from going to "naughty" sites either intentionally or unintentionally.  in order to work it sends all of your network traffic to the big censor in the sky via a GuardWareProxy and asks "mother, may I?"  The proxy program however is broken.  Look in the Addition.txt under System Errors and you will see lots of errors like this:

 

Error: (12/23/2019 05:50:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The GuardWareProxy service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

 

My understanding is that you or your church is paying through the nose for this program which by the way has an awful rep on the web.  It also does not have an uninstall option so you can't uninstall/reinstall to attempt to fix it.  I can remove it as if it were malware if you want.

 

If you want to see if there is anything else slowing you down:

 

Get Process Explorer

https://live.sysinte...com/procexp.exe

Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.


Copy the next 2 lines:

TASKLIST /SVC  > \junk.txt
notepad \junk.txt

Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
Win 8: http://www.eightforu...indows-8-a.html
win 10: http://www.howtogeek...-in-windows-10/

Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply.


Get the free version of Speccy:

http://www.filehippo...ownload_speccy/ 

(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.



 


  • 0

#3
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Hi

 

Many thanks for replying.  I'll let you know what I want to do about the e-Safe client but first it would be great if you would check if there's anything else slowing me down.  I'm attaching the files you have asked for.

 

Image Name                     PID Services                                   
========================= ======== ============================================
System Idle Process              0 N/A                                        
System                           4 N/A                                        
Registry                        88 N/A                                        
smss.exe                       404 N/A                                        
csrss.exe                      708 N/A                                        
wininit.exe                    808 N/A                                        
csrss.exe                      816 N/A                                        
services.exe                   880 N/A                                        
winlogon.exe                   908 N/A                                        
lsass.exe                      948 KeyIso, SamSs, VaultSvc                    
svchost.exe                    300 PlugPlay                                   
fontdrvhost.exe                500 N/A                                        
fontdrvhost.exe                520 N/A                                        
svchost.exe                    632 BrokerInfrastructure, DcomLaunch, Power,   
                                   SystemEventsBroker                         
svchost.exe                    676 RpcEptMapper, RpcSs                        
svchost.exe                    868 LSM                                        
dwm.exe                       1084 N/A                                        
svchost.exe                   1240 NcbService                                 
svchost.exe                   1272 BTAGService                                
svchost.exe                   1280 bthserv                                    
svchost.exe                   1288 BthAvctpSvc                                
svchost.exe                   1300 Schedule                                   
svchost.exe                   1320 CoreMessagingRegistrar                     
svchost.exe                   1392 TimeBrokerSvc                              
svchost.exe                   1568 DisplayEnhancementService                  
svchost.exe                   1608 ProfSvc                                    
svchost.exe                   1696 EventLog                                   
svchost.exe                   1704 PhoneSvc                                   
svchost.exe                   1780 DispBrokerDesktopSvc                       
svchost.exe                   1832 UserManager                                
svchost.exe                   1904 nsi                                        
svchost.exe                   1936 StateRepository                            
svchost.exe                   2000 camsvc                                     
svchost.exe                   2016 Dhcp                                       
svchost.exe                   2044 DeviceAssociationService                   
svchost.exe                   2108 lfsvc                                      
svchost.exe                   2164 NlaSvc                                     
svchost.exe                   2216 Dnscache                                   
svchost.exe                   2312 netprofm                                   
SynTPEnhService.exe           2340 SynTPEnhService                            
svchost.exe                   2384 FontCache                                  
atiesrxx.exe                  2460 AMD External Events Utility                
svchost.exe                   2560 EventSystem                                
svchost.exe                   2568 SysMain                                    
atieclxx.exe                  2576 N/A                                        
svchost.exe                   2584 Themes                                     
Memory Compression            2660 N/A                                        
svchost.exe                   2680 SENS                                       
svchost.exe                   2700 AudioEndpointBuilder                       
svchost.exe                   2828 Audiosrv                                   
RtkAudioService64.exe         2920 RtkAudioService                            
audiodg.exe                   2932 N/A                                        
svchost.exe                   3048 DusmSvc                                    
svchost.exe                   3056 Wcmsvc                                     
svchost.exe                   2852 WinHttpAutoProxySvc                        
svchost.exe                   3096 WlanSvc                                    
svchost.exe                   3144 ShellHWDetection                           
wlanext.exe                   3224 N/A                                        
conhost.exe                   3256 N/A                                        
spoolsv.exe                   3284 Spooler                                    
svchost.exe                   3348 BFE, mpssvc                                
svchost.exe                   3432 LanmanWorkstation                          
svchost.exe                   3572 IKEEXT                                     
armsvc.exe                    3580 AdobeARMservice                            
AGMService.exe                3588 AGMService                                 
AGSService.exe                3596 AGSService                                 
mDNSResponder.exe             3612 Bonjour Service                            
BTDevMgr.exe                  3628 BTDevManager                               
svchost.exe                   3636 PolicyAgent                                
svchost.exe                   3664 CertPropSvc                                
OfficeClickToRun.exe          3716 ClickToRunSvc                              
svchost.exe                   3732 CryptSvc                                   
svchost.exe                   3780 DiagTrack                                  
DbxSvc.exe                    3804 DbxSvc                                     
app_updater.exe               3832 DigitalWave.Update.Service                 
svchost.exe                   3856 DPS                                        
GWClient.exe                  3888 e-Safe Compliance Client                   
ijplmsvc.exe                  3952 IJPLMSVC                                   
svchost.exe                   3976 Winmgmt                                    
mfemms.exe                    4016 mfemms, mfevtp                             
svchost.exe                   4032 LanmanServer                               
ModuleCoreService.exe         4044 ModuleCoreService                          
servicehost.exe               4084 McAfee WebAdvisor                          
nlssrv32.exe                  4092 nlsX86cc                                   
PEFService.exe                2876 PEFService                                 
svchost.exe                   1996 TapiSrv                                    
RtkBtManServ.exe              3392 RtkBtManServ                               
svchost.exe                   4188 stisvc                                     
svchost.exe                   4280 W32Time                                    
svchost.exe                   4288 TrkWks                                     
svchost.exe                   4380 WpnService                                 
svchost.exe                   4504 WdiServiceHost                             
svchost.exe                   4544 SstpSvc                                    
svchost.exe                   4588 iphlpsvc                                   
svchost.exe                   5108 RasMan                                     
MMSSHOST.exe                  5832 N/A                                        
sihost.exe                    5300 N/A                                        
svchost.exe                   5452 CDPUserSvc_67edb                           
svchost.exe                    680 BluetoothUserService_67edb                 
svchost.exe                   6052 WpnUserService_67edb                       
svchost.exe                   6152 TokenBroker                                
taskhostw.exe                 6324 N/A                                        
svchost.exe                   6476 TabletInputService                         
ctfmon.exe                    6504 N/A                                        
mfevtps.exe                   6696 N/A                                        
explorer.exe                  6708 N/A                                        
svchost.exe                   6824 CDPSvc                                     
SynTPEnh.exe                  6844 N/A                                        
ProtectedModuleHost.exe       6904 N/A                                        
unsecapp.exe                  7156 N/A                                        
WmiPrvSE.exe                  7164 N/A                                        
RadeonSettings.exe            7236 N/A                                        
svchost.exe                   7292 Appinfo                                    
uihost.exe                    7416 N/A                                        
SynTPHelper.exe               7440 N/A                                        
MfeAVSvc.exe                  7492 N/A                                        
mfefire.exe                   7528 N/A                                        
mcapexe.exe                   7708 McAPExe                                    
McCSPServiceHost.exe          7828 mccspsvc                                   
dllhost.exe                   8288 N/A                                        
svchost.exe                   8736 WbioSrvc                                   
svchost.exe                   8752 cbdhsvc_67edb                              
ModuleCoreService.exe         9016 N/A                                        
conhost.exe                   9032 N/A                                        
mcshield.exe                  9072 N/A                                        
GWW.exe                       9160 N/A                                        
StartMenuExperienceHost.e      568 N/A                                        
RuntimeBroker.exe             8864 N/A                                        
CastSrv.exe                   7352 N/A                                        
dllhost.exe                   3984 N/A                                        
RuntimeBroker.exe             7568 N/A                                        
SpeechRuntime.exe             1748 N/A                                        
RemindersServer.exe           6780 N/A                                        
ApplicationFrameHost.exe      7716 N/A                                        
dllhost.exe                   9868 N/A                                        
RuntimeBroker.exe            10448 N/A                                        
svchost.exe                  11036 InstallService                             
SettingSyncHost.exe          11064 N/A                                        
amddvr.exe                   11180 N/A                                        
svchost.exe                  11188 PcaSvc                                     
svchost.exe                   1136 OneSyncSvc_67edb,                          
                                   PimIndexMaintenanceSvc_67edb,              
                                   UnistoreSvc_67edb, UserDataSvc_67edb       
smartscreen.exe               2480 N/A                                        
RAVBg64.exe                   6216 N/A                                        
SearchUI.exe                 11084 N/A                                        
RtkNGUI64.exe                10436 N/A                                        
vidnotifier.exe               4204 N/A                                        
express.exe                   9896 N/A                                        
svchost.exe                   9612 SSDPSRV                                    
psi_tray.exe                  1792 N/A                                        
EOS Utility.exe              10144 N/A                                        
RtlS5Wake.exe                 9264 N/A                                        
HPMSGSVC.exe                 11124 N/A                                        
Dropbox.exe                   9352 N/A                                        
WmiPrvSE.exe                 10476 N/A                                        
unsecapp.exe                  9836 N/A                                        
Dropbox.exe                   2128 N/A                                        
Dropbox.exe                   9736 N/A                                        
DropboxUpdate.exe            11844 N/A                                        
dllhost.exe                  12268 N/A                                        
EOSUPNPSV.exe                10968 N/A                                        
conhost.exe                   8092 N/A                                        
amdow.exe                     7868 N/A                                        
svchost.exe                  13168 Netman                                     
SgrmBroker.exe                4404 SgrmBroker                                 
svchost.exe                  12944 UsoSvc                                     
svchost.exe                  12228 StorSvc                                    
QtWebEngineProcess.exe       14860 N/A                                        
QtWebEngineProcess.exe       14928 N/A                                        
QtWebEngineProcess.exe       15296 N/A                                        
WindowsInternal.Composabl    15332 N/A                                        
svchost.exe                  15164 wscsvc                                     
SecurityHealthService.exe    12784 SecurityHealthService                      
RuntimeBroker.exe            15680 N/A                                        
SearchIndexer.exe             9036 WSearch                                    
svchost.exe                   9232 LicenseManager                             
svchost.exe                  12948 DoSvc                                      
McSmtFwk.exe                  2952 N/A                                        
mcdatrep.exe                  8724 N/A                                        
conhost.exe                   6588 N/A                                        
RuntimeBroker.exe             4604 N/A                                        
YourPhone.exe                 5752 N/A                                        
RuntimeBroker.exe            12092 N/A                                        
taskhostw.exe                15344 N/A                                        
McUICnt.exe                  13476 N/A                                        
svchost.exe                  12116 lmhosts                                    
HxOutlook.exe                 7184 N/A                                        
HPWMISVC.exe                  7720 HPWMISVC                                   
HxTsr.exe                    12920 N/A                                        
MicrosoftEdge.exe            12260 N/A                                        
browser_broker.exe           12896 N/A                                        
MicrosoftEdgeSH.exe           2420 N/A                                        
backgroundTaskHost.exe        6048 N/A                                        
MicrosoftEdgeCP.exe          11136 N/A                                        
MicrosoftEdgeCP.exe           7096 N/A                                        
MicrosoftEdgeCP.exe          10052 N/A                                        
MicrosoftEdgeCP.exe          16276 N/A                                        
MicrosoftEdgeCP.exe          14192 N/A                                        
procexp.exe                  10488 N/A                                        
procexp64.exe                10520 N/A                                        
SearchProtocolHost.exe       13056 N/A                                        
MicrosoftEdgeCP.exe           9796 N/A                                        
powershell.exe               12388 N/A                                        
conhost.exe                  10016 N/A                                        
backgroundTaskHost.exe       14264 N/A                                        
SearchFilterHost.exe         14636 N/A                                        
tasklist.exe                  3104 N/A                                        
 

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
WmiPrvSE.exe 53.58 9,232 K 18,000 K 7164   
GWProxy.exe 8.57 1,736 K 7,880 K 17056   
procexp64.exe 10.46 33,064 K 65,780 K 10520 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
GWW.exe 3.95 57,092 K 26,100 K 9160 e-Safe Compliance Client Application Guardware Ltd. (Verified) Guardware Ltd.
dwm.exe 2.70 92,380 K 63,656 K 1084   
explorer.exe 6.57 70,240 K 89,748 K 6708 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 3.10 113,968 K 20,920 K 2932   
System 2.12 204 K 1,284 K 4   
Interrupts 1.46 0 K 0 K n/a Hardware Interrupts and DPCs  
GWClient.exe < 0.01 7,084 K 17,560 K 3888 e-Safe Compliance Client Service Guardware Ltd (Verified) Guardware Ltd.
csrss.exe 0.46 4,168 K 5,988 K 816   
SpeechRuntime.exe 1.11 18,624 K 13,348 K 1748 Speech Runtime Executable Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe 2.01 169,292 K 210,832 K 7096 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
atieclxx.exe 0.05 2,424 K 3,900 K 2576   
HPMSGSVC.exe 0.02 1,644 K 5,248 K 11124 HP Message Service HP Inc. (Verified) HP Inc.
Dropbox.exe 0.45 194,360 K 87,036 K 9352 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
QtWebEngineProcess.exe 0.01 37,040 K 20,628 K 14928 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
svchost.exe 0.61 11,268 K 20,044 K 3976 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.28 10,604 K 14,972 K 676 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
amddvr.exe 0.17 171,932 K 9,324 K 11180   
dllhost.exe 0.11 1,572 K 6,452 K 3984 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.08 36,532 K 35,996 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.10 2,064 K 2,720 K 3432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.99 9,212 K 13,432 K 1936 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
express.exe 0.10 46,296 K 18,968 K 9896 Garmin Express Garmin Ltd. or its subsidiaries (Verified) Garmin International, Inc.
MicrosoftEdge.exe 0.04 57,768 K 122,596 K 12260 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
AGMService.exe 0.06 2,324 K 5,928 K 3588 Adobe Genuine Software Service Adobe Systems, Incorporated (Verified) Adobe Inc.
MicrosoftEdgeCP.exe 0.04 64,044 K 104,812 K 10052 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
services.exe  5,676 K 8,096 K 880   
SearchIndexer.exe 0.02 36,612 K 29,516 K 9036 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
EOS Utility.exe 0.03 25,764 K 5,084 K 10144 EOS Utility Canon INC. (Verified) Canon Inc.
servicehost.exe 0.03 11,780 K 18,672 K 4084 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
QtWebEngineProcess.exe 0.02 37,036 K 8,884 K 14860 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
ijplmsvc.exe 0.01 5,976 K 8,092 K 3952 Inkjet Printer/Scanner/Fax Extended Survey Program Service  (Verified) Canon Inc.
psi_tray.exe 0.02 1,484 K 3,756 K 1792 Secunia PSI Tray Secunia (Verified) Secunia
svchost.exe  15,756 K 28,128 K 3780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ModuleCoreService.exe 0.02 34,520 K 32,796 K 4044 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
svchost.exe  14,720 K 11,044 K 1696 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
mcapexe.exe 0.01 3,476 K 2,680 K 7708 McAfee Access Protection McAfee, LLC (Verified) McAfee, LLC.
svchost.exe 0.01 15,752 K 26,160 K 632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
uihost.exe < 0.01 5,180 K 7,240 K 7416 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
EOSUPNPSV.exe 0.01 3,644 K 9,712 K 10968 Canon EOS UPNP Detector CANON INC. (Verified) Canon Inc.
System Idle Process < 0.01 60 K 8 K 0   
SynTPEnh.exe < 0.01 7,884 K 14,136 K 6844 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
conhost.exe 0.01 6,676 K 452 K 6588   
MfeAVSvc.exe < 0.01 45,328 K 35,800 K 7492   
svchost.exe 0.01 4,620 K 10,312 K 12948 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,440 K 3,524 K 2016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,636 K 7,380 K 9612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
HxTsr.exe 0.02 15,116 K 50,472 K 12920 Microsoft Outlook Communications Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
MMSSHOST.exe < 0.01 31,288 K 43,000 K 5832   
RAVBg64.exe < 0.01 7,300 K 15,356 K 6216 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
svchost.exe < 0.01 3,604 K 10,644 K 5108 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
SynTPEnhService.exe  3,412 K 2,448 K 2340 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
mfefire.exe  4,284 K 10,516 K 7528   
RadeonSettings.exe < 0.01 163,124 K 7,168 K 7236 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
QtWebEngineProcess.exe  33,832 K 3,948 K 15296 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
YourPhone.exe Suspended 16,228 K 10,644 K 5752   (No signature was present in the subject)
WmiPrvSE.exe  3,560 K 7,836 K 10476   
wlanext.exe  2,008 K 3,084 K 3224   
winlogon.exe  2,660 K 6,264 K 908   
wininit.exe  1,356 K 2,888 K 808   
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe 0.03 15,368 K 7,092 K 15332 WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe Microsoft Corporation (Verified) Microsoft Windows
vidnotifier.exe  5,404 K 5,900 K 4204 Video Notifier Digital Wave Ltd (Verified) Digital Wave Ltd
unsecapp.exe  1,344 K 6,372 K 7156   
unsecapp.exe  1,528 K 4,344 K 9836 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe  20,848 K 30,612 K 6324 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe  5,244 K 2,724 K 15344   
SynTPHelper.exe  2,168 K 4,544 K 7440   
svchost.exe < 0.01 11,400 K 29,156 K 5452 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,316 K 17,284 K 6824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,616 K 5,992 K 2312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  7,132 K 28,976 K 6052 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  9,364 K 11,152 K 3348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  8,016 K 10,972 K 1136 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 2,748 K 3,948 K 3144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,960 K 7,296 K 2828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,720 K 5,728 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,720 K 2,536 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,004 K 9,540 K 15164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,844 K 12,176 K 8752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,008 K 5,816 K 1996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,868 K 20,900 K 4380 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,060 K 6,024 K 1392 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,184 K 10,660 K 8736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 0.22 4,904 K 8,528 K 2164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,748 K 5,060 K 2852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,800 K 4,664 K 2216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,000 K 3,772 K 2560 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,220 K 9,612 K 3096 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  18,364 K 19,184 K 3856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,964 K 11,080 K 12228 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,932 K 8,740 K 7292 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,392 K 10,264 K 2108 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,924 K 4,860 K 3056 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,616 K 7,452 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,992 K 2,956 K 3048 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,996 K 16,284 K 6152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,940 K 13,532 K 3732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,344 K 1,212 K 2584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  7,224 K 7,396 K 1904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,048 K 6,364 K 1832 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,636 K 9,968 K 1300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,884 K 14,480 K 12944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,816 K 6,744 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,196 K 12,268 K 9232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,812 K 3,792 K 2384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,532 K 10,464 K 11036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,572 K 5,104 K 2000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,540 K 11,092 K 13168 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,004 K 13,256 K 4588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  972 K 1,884 K 300 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,920 K 4,328 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,992 K 4,276 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,400 K 3,080 K 1568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,676 K 4,648 K 1608 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,060 K 1,728 K 1704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,472 K 1,516 K 1780 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,452 K 1,968 K 2044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,268 K 4,564 K 2680 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,964 K 2,828 K 2700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,736 K 2,752 K 3572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,744 K 6,488 K 3636 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,188 K 8,820 K 3664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,340 K 7,700 K 4032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,956 K 7,464 K 4188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,788 K 6,776 K 4280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,300 K 5,076 K 4288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,332 K 4,864 K 4504 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,648 K 5,460 K 4544 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,744 K 7,584 K 680 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,808 K 7,196 K 6476 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,936 K 9,040 K 11188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,384 K 5,344 K 12116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,496 K 5,768 K 17280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe  28,632 K 35,804 K 568   (Verified) Microsoft Windows
spoolsv.exe  6,284 K 5,856 K 3284 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe  1,152 K 616 K 404   
smartscreen.exe < 0.01 20,676 K 34,084 K 2480 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe  8,696 K 29,584 K 5300 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe  3,372 K 6,016 K 4404 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SettingSyncHost.exe  8,472 K 2,596 K 11064 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
SecurityHealthService.exe  3,920 K 8,016 K 12784 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 79,568 K 11,900 K 11084 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  3,008 K 19,720 K 5440 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  3,664 K 6,804 K 12092 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  3,976 K 17,984 K 15680 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  8,084 K 16,520 K 7568 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  22,280 K 36,320 K 10448 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  6,684 K 26,072 K 4604 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  5,828 K 14,160 K 8864 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtlS5Wake.exe  4,272 K 6,636 K 9264 Realtek WOWL Utility Realtek (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe  4,708 K 13,920 K 10436 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe  1,736 K 7,008 K 3392 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe  1,888 K 3,376 K 2920 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RemindersServer.exe Suspended 7,364 K 9,188 K 6780 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows
Registry  10,236 K 31,224 K 88   
ProtectedModuleHost.exe  4,316 K 13,560 K 6904   
procexp.exe  5,292 K 11,020 K 10488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PEFService.exe  1,652 K 1,228 K 2876 McAfee PEF Service McAfee, Inc. (Verified) McAfee, LLC.
OfficeClickToRun.exe 0.01 30,332 K 29,892 K 3716 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
nlssrv32.exe  2,092 K 6,792 K 4092 This service enables products that use the Nalpeiron Licensing System  Nalpeiron Ltd. (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe  11,728 K 19,964 K 9016 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
MicrosoftEdgeSH.exe  5,820 K 17,016 K 2420 Microsoft Edge Web Platform Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe < 0.01 270,860 K 303,988 K 11136 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,768 K 26,212 K 14192 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,772 K 26,392 K 16276 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
mfevtps.exe  8,116 K 12,504 K 6696   
mfemms.exe  3,492 K 8,568 K 4016 McAfee Management Service McAfee, LLC (Verified) McAfee, Inc.
Memory Compression  1,296 K 64,508 K 2660   
mDNSResponder.exe  1,980 K 6,260 K 3612 Bonjour Service Apple Inc. (Verified) Apple Inc.
McUICnt.exe  13,832 K 36,528 K 13476 McAfee McAfee, LLC. (Verified) McAfee, LLC.
McSmtFwk.exe  2,732 K 10,080 K 2952   
mcshield.exe  44,480 K 29,196 K 9072   
mcdatrep.exe  3,068 K 60 K 8724   
McCSPServiceHost.exe  8,308 K 18,228 K 7828 McAfee CSP Service Host McAfee, LLC. (Verified) McAfee, LLC.
lsass.exe 0.02 9,092 K 15,696 K 948 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
HxOutlook.exe < 0.01 98,580 K 147,016 K 7184 Microsoft Outlook Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe  1,636 K 8,320 K 7720 HP WMI Service HP Inc. (Verified) HP Inc.
fontdrvhost.exe < 0.01 6,108 K 5,972 K 520   
fontdrvhost.exe  1,808 K 1,328 K 500   
DropboxUpdate.exe  2,080 K 3,724 K 11844   
Dropbox.exe < 0.01 2,628 K 6,244 K 9736 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe  1,992 K 4,088 K 2128 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe  3,600 K 9,856 K 8288   
dllhost.exe  1,572 K 6,664 K 12268 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  5,692 K 13,432 K 9868 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe  2,552 K 4,912 K 3804 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
ctfmon.exe 0.25 24,300 K 20,932 K 6504   
csrss.exe < 0.01 1,928 K 3,452 K 708   
conhost.exe  6,524 K 5,884 K 8092 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,504 K 5,916 K 9032 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,444 K 716 K 3256   
CastSrv.exe  3,176 K 9,376 K 7352 Casting protocol connection listener Microsoft Corporation (Verified) Microsoft Windows
BTDevMgr.exe  2,088 K 6,900 K 3628 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
browser_broker.exe  7,488 K 33,084 K 12896 Browser_Broker Microsoft Corporation (Verified) Microsoft Windows
backgroundTaskHost.exe  6,864 K 23,976 K 6048 Background Task Host Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe  1,428 K 1,060 K 2460 AMD External Events Service Module AMD (Verified) Advanced Micro Devices, Inc.
armsvc.exe  3,224 K 7,016 K 3580 Adobe Acrobat Update Service Adobe Systems (Verified) Adobe Inc.
ApplicationFrameHost.exe  37,780 K 37,892 K 7716 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
app_updater.exe  7,012 K 8,328 K 3832 Digital Wave Update Service Digital Wave Ltd (Verified) Digital Wave Ltd
amdow.exe  2,124 K 6,688 K 7868   
AGSService.exe  1,984 K 9,744 K 3596 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Inc.

Attached Files


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

I had to edit your speccy log to remove the serial number. 

 

Process Explorer shows that System Idle Process is ~0.01 %.  That's why everything is so slow.  Normally it should be 90% or better.

 

Rerun Process Explorer (remember to start it by right click and Run As Admin) 

Hit SPACE BAR to stop things jumping around.  Right click on

 

GWProxy.exe

 

and SUSPEND

Repeat for:

 

GWW.exe 

and
GWClient.exe 

 

Hit the SPACE BAR to start things moving again.

Wait a full minute and then create a log as before and post it.  If you have trouble getting on line you can do the next steps before posting the log:

 

Go back into Process Explorer (hit SPACE BAR)  and right click on each of the processes you suspended and RESUME.

Right click on WmiPrvSE.exe and SUSPEND. 

 

Hit the SPACE BAR to start things moving again.

 

If you leave WmiPrvSE.exe suspended it should free up the CPU enough to make the PC usable. 

 

I am not seeing any malware but if you want you can run MBAR to rule it out.  As long as WmiPrvSE.exe is suspended it shouldn't take more than a few hours to run/

https://www.malwareb...om/antirootkit/

and follow the instructions.  Will run faster if you pause your anti-virus.


  • 0

#5
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Hi

 

I tried to suspend the three processes as you instructed but, for GWProxy.exe and GWClient.exe, I get a message from Process Explorer saying "Unable to suspend the process"


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

OK.

 

Get autoruns from
http://live.sysinter...om/autoruns.exe

Download Save and Run the program by right clicking and Run As Admin.  

 

Find all processes associated with Guardware and UNCHECK.  Then Reboot.

 

Now try a new process explorer log.


  • 0

#7
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Okay done that and process explorer log attached.   Should I recheck the Autorun processes?

 

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 39.40 60 K 8 K 0   
procexp64.exe 14.81 34,668 K 67,448 K 5712 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 8.51 38,748 K 47,328 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 8.14 7,748 K 14,056 K 936 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe 7.58 211,072 K 253,748 K 13756 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
System 4.85 200 K 852 K 4   
dwm.exe 3.43 67,864 K 63,104 K 1076 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
audiodg.exe 3.05 113,940 K 26,196 K 3008 Windows Audio Device Graph Isolation  Microsoft Corporation (Verified) Microsoft Windows
Interrupts 2.38 0 K 0 K n/a Hardware Interrupts and DPCs  
Memory Compression 2.19 448 K 138,924 K 2652   
csrss.exe 1.72 4,412 K 7,356 K 804 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
SpeechRuntime.exe 0.86 18,092 K 26,348 K 9288 Speech Runtime Executable Microsoft Corporation (Verified) Microsoft Windows
atieclxx.exe 0.66 2,400 K 9,552 K 2548 AMD External Events Client Module AMD (Verified) Advanced Micro Devices, Inc.
svchost.exe 0.65 11,668 K 20,508 K 3876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
Dropbox.exe 0.57 185,820 K 105,100 K 6692 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
express.exe 0.41 44,180 K 73,884 K 9976 Garmin Express Garmin Ltd. or its subsidiaries (Verified) Garmin International, Inc.
servicehost.exe 0.19 9,688 K 6,196 K 8536 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
explorer.exe 0.19 47,340 K 103,376 K 7296 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
EOS Utility.exe 0.09 25,376 K 26,460 K 4004 EOS Utility Canon INC. (Verified) Canon Inc.
uihost.exe 0.06 4,616 K 1,940 K 8948 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
QtWebEngineProcess.exe 0.03 30,752 K 40,504 K 9616 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
AGMService.exe 0.03 2,368 K 8,908 K 3604 Adobe Genuine Software Service Adobe Systems, Incorporated (Verified) Adobe Inc.
EOSUPNPSV.exe 0.03 3,544 K 9,468 K 11484 Canon EOS UPNP Detector CANON INC. (Verified) Canon Inc.
psi_tray.exe 0.03 1,360 K 6,428 K 2128 Secunia PSI Tray Secunia (Verified) Secunia
amddvr.exe 0.03 171,264 K 14,924 K 9624 AMD ReLive: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
mcapexe.exe 0.03 4,380 K 2,824 K 8736 McAfee Access Protection McAfee, LLC (Verified) McAfee, LLC.
QtWebEngineProcess.exe 0.02 41,024 K 37,888 K 11676 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
MfeAVSvc.exe 0.02 26,676 K 28,024 K 9204 McAfee Cloud AV McAfee, LLC. (Verified) McAfee, LLC.
svchost.exe 0.01 8,556 K 15,340 K 656 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ModuleCoreService.exe 0.01 28,368 K 14,720 K 3976 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
SynTPEnh.exe 0.01 7,800 K 13,624 K 6196 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
lsass.exe 0.01 7,336 K 15,056 K 940 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe 0.01 41,404 K 36,520 K 12376 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
svchost.exe < 0.01 3,660 K 15,340 K 7060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,212 K 10,424 K 7612 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 3,520 K 10,232 K 4864 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
RAVBg64.exe < 0.01 6,304 K 15,068 K 11056 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
YourPhone.exe Suspended 13,856 K 30,004 K 9564   (No signature was present in the subject)
WmiPrvSE.exe  2,568 K 9,068 K 11316 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe  1,996 K 6,592 K 3240 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  2,884 K 9,240 K 888 Windows Log-on Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,416 K 6,168 K 796 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
vidnotifier.exe  5,424 K 18,180 K 3992 Video Notifier Digital Wave Ltd (Verified) Digital Wave Ltd
unsecapp.exe  1,344 K 6,396 K 1184 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  1,424 K 6,612 K 11520 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe  13,792 K 23,732 K 7076 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe  2,196 K 5,684 K 7632 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPEnhService.exe  3,400 K 8,576 K 2160 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe  9,176 K 25,056 K 6712 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  13,012 K 22,256 K 3756 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  13,008 K 28,316 K 624 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  15,548 K 20,680 K 3828 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,408 K 16,560 K 7372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,724 K 13,852 K 3144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,900 K 11,668 K 2144 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,620 K 7,460 K 1000 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,508 K 5,668 K 1272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,964 K 13,388 K 2884 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,888 K 8,324 K 2428 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,224 K 6,908 K 12192 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,024 K 6,168 K 4432 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,260 K 6,640 K 2040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,752 K 27,416 K 6836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  16,312 K 13,376 K 1668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,632 K 19,864 K 4328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,528 K 6,948 K 1896 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,096 K 11,428 K 1332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,916 K 14,576 K 3092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,188 K 7,532 K 2900 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,748 K 6,048 K 2180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  7,820 K 25,360 K 4196 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,156 K 13,724 K 2008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,080 K 7,116 K 3360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,344 K 7,668 K 4088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,936 K 6,972 K 2556 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,900 K 9,172 K 1684 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,768 K 6,616 K 2372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,060 K 15,820 K 7804 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,484 K 9,808 K 1232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,908 K 8,568 K 2216 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,288 K 13,512 K 2172 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,040 K 9,588 K 12640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  9,448 K 14,844 K 3332 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,824 K 10,860 K 13572 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,040 K 8,432 K 2016 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,064 K 7,492 K 2304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,808 K 8,564 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,920 K 8,844 K 7176 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,964 K 15,324 K 11044 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,536 K 11,040 K 12792 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,316 K 5,596 K 2588 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,264 K 12,264 K 3724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,756 K 12,480 K 4568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,132 K 7,976 K 13188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,596 K 14,388 K 1240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,808 K 11,160 K 1348 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,080 K 11,536 K 1296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,748 K 8,304 K 4964 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,792 K 7,256 K 6232 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,720 K 7,184 K 6720 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,364 K 4,992 K 5400 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,660 K 5,504 K 4848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,340 K 5,184 K 4224 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,320 K 4,984 K 4280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,660 K 5,792 K 4180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,944 K 7,180 K 4212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,656 K 6,312 K 4240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,904 K 7,552 K 3708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,628 K 6,944 K 3520 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,756 K 6,600 K 3512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,948 K 7,252 K 2692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,864 K 7,700 K 2668 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,428 K 6,020 K 1992 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,104 K 7,972 K 1736 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,136 K 7,588 K 1584 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,004 K 7,284 K 1280 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,516 K 6,464 K 1692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  968 K 3,612 K 268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe  29,712 K 55,940 K 6800   (Verified) Microsoft Windows
spoolsv.exe  6,160 K 14,452 K 3248 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe  1,148 K 984 K 408 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
smartscreen.exe  15,764 K 28,668 K 9268 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe  6,592 K 24,108 K 6660 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
SgrmBroker.exe  3,440 K 6,112 K 13028 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SettingSyncHost.exe  5,520 K 4,856 K 11128 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe  5,528 K 8,240 K 908 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
SecurityHealthService.exe  2,920 K 11,464 K 9608 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 78,236 K 74,648 K 8684 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
SearchProtocolHost.exe  1,968 K 7,644 K 9928 Microsoft Windows Search Protocol Host Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe  29,336 K 34,364 K 8060 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
SearchFilterHost.exe  1,548 K 6,220 K 12768 Microsoft Windows Search Filter Host Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  3,768 K 17,180 K 13048 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  7,680 K 23,380 K 7816 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  7,032 K 28,036 K 10644 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  1,436 K 6,512 K 12124 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  5,848 K 22,448 K 7036 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
rundll32.exe  1,984 K 9,744 K 4816 Windows host process (Rundll32) Microsoft Corporation (Verified) Microsoft Windows
RtlS5Wake.exe  4,360 K 12,496 K 10908 Realtek WOWL Utility Realtek (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe  4,620 K 13,916 K 9072 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe  1,696 K 6,620 K 3108 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe  1,776 K 7,596 K 2996 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RemindersServer.exe Suspended 7,944 K 18,380 K 7852 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows
Registry  7,436 K 26,036 K 88   
RadeonSettings.exe  160,268 K 42,576 K 6160 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
ProtectedModuleHost.exe  5,128 K 13,908 K 5980 McAfee Protected Module Host McAfee, LLC. (Verified) McAfee, LLC.
procexp.exe  5,280 K 11,044 K 7072 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PEFService.exe  1,648 K 1,136 K 4988 McAfee PEF Service McAfee, Inc. (Verified) McAfee, LLC.
OfficeClickToRun.exe  27,372 K 40,876 K 3716 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
nlssrv32.exe  2,092 K 7,324 K 4076 This service enables products that use the Nalpeiron Licensing System  Nalpeiron Ltd. (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe  10,272 K 7,328 K 8528 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
MMSSHOST.exe  26,752 K 30,756 K 5940 McAfee Management Service Host McAfee, LLC. (Verified) McAfee, LLC.
MicrosoftEdgeSH.exe  5,600 K 16,632 K 10820 Microsoft Edge Web Platform Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  250,820 K 282,708 K 13976 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,676 K 25,700 K 10720 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,716 K 25,676 K 11156 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdge.exe  36,028 K 89,092 K 9480 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
mfevtps.exe  7,228 K 10,920 K 5956 McAfee Process Validation Service McAfee, LLC (Verified) McAfee, Inc.
mfemms.exe  3,676 K 8,008 K 3968 McAfee Management Service McAfee, LLC (Verified) McAfee, Inc.
mfefire.exe  4,608 K 10,252 K 6368 McAfee Core Firewall Service McAfee, LLC (Verified) McAfee, Inc.
mDNSResponder.exe  1,816 K 6,032 K 3636 Bonjour Service Apple Inc. (Verified) Apple Inc.
McUICnt.exe  10,252 K 6,744 K 10384 McAfee McAfee, LLC. (Verified) McAfee, LLC.
mcshield.exe  36,280 K 17,796 K 8500 McAfee Scanner service McAfee LLC. (Verified) McAfee, Inc.
McCSPServiceHost.exe  7,532 K 13,972 K 7028 McAfee CSP Service Host McAfee, LLC. (Verified) McAfee, LLC.
ijplmsvc.exe  1,712 K 7,484 K 3884 Inkjet Printer/Scanner/Fax Extended Survey Program Service  (Verified) Canon Inc.
HPWMISVC.exe  1,676 K 7,956 K 3868 HP WMI Service HP Inc. (Verified) HP Inc.
HPMSGSVC.exe  1,600 K 8,044 K 3676 HP Message Service HP Inc. (Verified) HP Inc.
GWW.exe Suspended 45,684 K 22,016 K 8300 e-Safe Compliance Client Application Guardware Ltd. (Verified) Guardware Ltd.
GWClient.exe Suspended 5,764 K 16,708 K 3852 e-Safe Compliance Client Service Guardware Ltd (Verified) Guardware Ltd.
fontdrvhost.exe  5,348 K 10,564 K 276 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe  1,576 K 2,520 K 8 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
DropboxUpdate.exe  2,132 K 3,776 K 11868 Dropbox Update Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe  2,416 K 10,144 K 11400 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe  2,016 K 7,640 K 11364 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe  5,424 K 12,188 K 10080 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  1,460 K 6,404 K 1380 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  3,188 K 9,876 K 5184 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  1,460 K 6,740 K 13824 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe  2,548 K 5,388 K 3740 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
ctfmon.exe  4,132 K 12,704 K 5420 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
csrss.exe  1,732 K 4,792 K 696 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
conhost.exe  6,516 K 5,528 K 11440 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,488 K 5,704 K 8544 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,420 K 5,388 K 3256 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
CastSrv.exe  3,732 K 8,092 K 8372 Casting protocol connection listener Microsoft Corporation (Verified) Microsoft Windows
BTDevMgr.exe  2,068 K 6,860 K 3664 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
browser_broker.exe  3,568 K 15,716 K 10192 Browser_Broker Microsoft Corporation (Verified) Microsoft Windows
autoruns.exe  21,384 K 36,248 K 14068 Autostart program viewer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
atiesrxx.exe  1,424 K 5,644 K 2280 AMD External Events Service Module AMD (Verified) Advanced Micro Devices, Inc.
armsvc.exe  1,412 K 6,368 K 3596 Adobe Acrobat Update Service Adobe Systems (Verified) Adobe Inc.
ApplicationFrameHost.exe  10,636 K 29,884 K 9500 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
app_updater.exe  6,176 K 7,860 K 3784 Digital Wave Update Service Digital Wave Ltd (Verified) Digital Wave Ltd
amdow.exe  2,144 K 7,076 K 12228 AMD ReLive: Desktop Overlay Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
AGSService.exe  2,020 K 9,152 K 3620 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Inc.

  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

Please leave the Guardian stuff unchecked.  If you look at Process Explorer log you will  note that System Idle has improved considerably going from .01 to 39+ proving that the Guardian stuff is at fault with your problem.  39+ is better than .01 but still much lower than what we expect.  Some of the remaining problems are the

svchost.exe 8.51 38,748 K 47,328 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 8.14 7,748 K 14,056 K 936 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe 7.58 211,072 K 253,748 K 13756 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows

 

the svchost.exe is probably Windows Update but I can't tell without a junk file made during the same boot as the process explorer log.  If you go to Settings, Update & Security and Check for Updates you will probably see that there are several in progress.

 

WmiPrvSE.exe may have Guardian entries that are causing problems.  If you open an Elevated Command prompt. 

win 10: http://www.howtogeek...-in-windows-10/

then type:

 

 

winmgmt /resetrepository

then hit Enter.  (You may need to tell it Y if it asks if you are sure)

 

that should clean it up. 

 

I don't have much visibility into Edge but go into Edge and disable any extensions you find.

 

https://www.intowind...-in-windows-10/

 

Also
 

Interrupts 2.38 0 K 0 K n/a Hardware Interrupts and DPCs

 

 

Interrupts should be under 1.4% and the lower the better.  High Interrupts usually mean a bad driver.  It's possible that there are still a few Guardian drivers  involved. 

 

 

Rerun Process Explorer and make a new log.  Remember to wait a full minute before making the log.

 

Are you sure we can't just remove the Guardian stuff like the malware it is?


  • 0

#9
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Hi

 

Have run the elevated command prompt okay and have disabled the Edge extensions. 

 

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
procexp64.exe 23.26 33,960 K 66,792 K 14776 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 21.90 60 K 8 K 0   
GWW.exe 14.35 47,712 K 23,320 K 7960 e-Safe Compliance Client Application Guardware Ltd. (Verified) Guardware Ltd.
MicrosoftEdgeCP.exe 13.94 422,608 K 415,056 K 5668 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
dwm.exe 5.26 120,568 K 107,736 K 1084 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
GWClient.exe 4.03 6,720 K 17,168 K 3844 e-Safe Compliance Client Service Guardware Ltd (Verified) Guardware Ltd.
Interrupts 3.28 0 K 0 K n/a Hardware Interrupts and DPCs  
audiodg.exe 3.10 117,188 K 25,888 K 2960 Windows Audio Device Graph Isolation  Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 2.68 4,260 K 5,172 K 816 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
System 2.22 200 K 1,080 K 4   
atieclxx.exe 1.28 2,440 K 9,720 K 2544 AMD External Events Client Module AMD (Verified) Advanced Micro Devices, Inc.
SpeechRuntime.exe 1.06 18,124 K 26,648 K 9112 Speech Runtime Executable Microsoft Corporation (Verified) Microsoft Windows
Dropbox.exe 0.59 189,428 K 112,032 K 10296 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
express.exe 0.56 43,940 K 57,532 K 7824 Garmin Express Garmin Ltd. or its subsidiaries (Verified) Garmin International, Inc.
SgrmBroker.exe 0.32 4,040 K 6,492 K 8288 System Guard Runtime Monitor Broker Service Microsoft Corporation (Verified) Microsoft Windows Publisher
MfeAVSvc.exe 0.29 35,604 K 41,024 K 7900 McAfee Cloud AV McAfee, LLC. (Verified) McAfee, LLC.
MicrosoftEdgeCP.exe 0.28 199,824 K 263,448 K 2680 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
mcapexe.exe 0.23 3,436 K 2,740 K 9152 McAfee Access Protection McAfee, LLC (Verified) McAfee, LLC.
explorer.exe 0.21 50,012 K 110,420 K 7428 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
servicehost.exe 0.19 10,556 K 17,480 K 8932 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
SearchIndexer.exe 0.17 33,892 K 44,380 K 8072 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.16 2,096 K 7,296 K 3396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
MicrosoftEdgeCP.exe 0.15 95,536 K 149,916 K 12824 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.09 14,412 K 14,968 K 1360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AGMService.exe 0.08 2,388 K 9,480 K 3916 Adobe Genuine Software Service Adobe Systems, Incorporated (Verified) Adobe Inc.
EOS Utility.exe 0.06 25,376 K 27,252 K 2224 EOS Utility Canon INC. (Verified) Canon Inc.
amddvr.exe 0.04 171,460 K 9,608 K 10392 AMD ReLive: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
MMSSHOST.exe 0.03 27,716 K 36,256 K 5224 McAfee Management Service Host McAfee, LLC. (Verified) McAfee, LLC.
EOSUPNPSV.exe 0.03 3,712 K 9,824 K 6388 Canon EOS UPNP Detector CANON INC. (Verified) Canon Inc.
uihost.exe 0.03 4,824 K 5,200 K 10032 McAfee WebAdvisor McAfee, Inc. (Verified) McAfee, LLC
QtWebEngineProcess.exe 0.02 35,744 K 50,732 K 9456 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
ijplmsvc.exe 0.02 5,844 K 8,208 K 3820 Inkjet Printer/Scanner/Fax Extended Survey Program Service  (Verified) Canon Inc.
ModuleCoreService.exe 0.02 36,380 K 36,468 K 3796 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
psi_tray.exe 0.02 1,360 K 6,456 K 9960 Secunia PSI Tray Secunia (Verified) Secunia
QtWebEngineProcess.exe 0.02 37,636 K 54,268 K 1468 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
SynTPEnh.exe 0.01 7,748 K 13,876 K 6988 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
spoolsv.exe 0.01 6,228 K 13,320 K 3244 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
Memory Compression 0.01 568 K 41,096 K 2628   
svchost.exe 0.01 13,636 K 30,344 K 536 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
MicrosoftEdge.exe 0.01 48,396 K 114,052 K 8612 Microsoft Edge Microsoft Corporation (Verified) Microsoft Corporation
RAVBg64.exe < 0.01 6,312 K 15,068 K 1344 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
svchost.exe < 0.01 9,820 K 25,532 K 6924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 47,128 K 50,176 K 2564 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
RadeonSettings.exe < 0.01 159,992 K 19,812 K 6604 Radeon Settings: Host Application Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
svchost.exe < 0.01 3,564 K 10,672 K 4924 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
YourPhone.exe Suspended 16,192 K 29,840 K 9184   (No signature was present in the subject)
WmiPrvSE.exe  6,392 K 12,720 K 11676 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
wlanext.exe  1,996 K 6,720 K 3208 Windows Wireless LAN 802.11 Extensibility Framework Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe  2,952 K 9,532 K 952 Windows Log-on Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe  1,360 K 5,976 K 800 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows Publisher
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe  12,212 K 42,220 K 6004 WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe Microsoft Corporation (Verified) Microsoft Windows
vidnotifier.exe  5,604 K 19,056 K 10356 Video Notifier Digital Wave Ltd (Verified) Digital Wave Ltd
usocoreworker.exe  19,264 K 35,424 K 380 USO Core Worker Process Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  1,388 K 6,668 K 5184 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe  1,440 K 6,912 K 8144 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
taskhostw.exe  10,656 K 20,852 K 7080 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe  2,196 K 5,712 K 7836 Synaptics Pointing Device Helper Synaptics Incorporated (Verified) Synaptics Incorporated
SynTPEnhService.exe  3,388 K 8,528 K 2240 64-bit Synaptics Pointing Enhance Service Synaptics Incorporated (Verified) Synaptics Incorporated
svchost.exe  2,256 K 6,952 K 7968 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,240 K 6,732 K 1856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  15,128 K 26,520 K 3852 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  8,796 K 15,828 K 700 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,856 K 21,528 K 7928 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,616 K 13,368 K 3876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,284 K 7,800 K 2248 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,876 K 13,436 K 2856 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,660 K 5,744 K 1296 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,052 K 16,388 K 7580 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,752 K 13,320 K 3140 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,928 K 15,080 K 3084 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,456 K 14,948 K 1304 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,664 K 7,880 K 996 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,768 K 11,992 K 2064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,672 K 14,912 K 7152 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  17,020 K 30,124 K 14592 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  5,248 K 9,960 K 7540 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  37,392 K 45,132 K 3836 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,988 K 5,984 K 4628 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,060 K 7,320 K 2552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  7,128 K 15,012 K 2024 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,332 K 7,912 K 4004 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,328 K 7,640 K 3040 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,932 K 24,400 K 1376 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  9,316 K 16,788 K 644 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,740 K 14,904 K 2208 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,668 K 20,048 K 3724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,040 K 11,660 K 1568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,884 K 9,848 K 1824 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,872 K 8,920 K 7372 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,800 K 9,168 K 1328 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,812 K 7,012 K 6576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,716 K 7,184 K 6932 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,592 K 27,444 K 6960 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  6,532 K 8,416 K 1632 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,188 K 8,704 K 2436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  9,140 K 14,640 K 3368 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,884 K 8,972 K 2344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,544 K 10,092 K 1288 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,844 K 6,268 K 2156 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  4,300 K 20,124 K 8808 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  3,716 K 8,352 K 5344 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,344 K 5,632 K 2576 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,388 K 4,856 K 3704 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,328 K 5,032 K 4768 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,924 K 7,532 K 3892 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,732 K 6,756 K 3732 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,324 K 5,256 K 3740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,948 K 6,768 K 3772 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,648 K 5,644 K 3748 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,688 K 6,728 K 3500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,800 K 6,552 K 3512 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,964 K 7,032 K 2716 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,920 K 8,048 K 2664 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,832 K 7,768 K 2268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,092 K 8,596 K 1880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,028 K 8,072 K 1972 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,440 K 6,004 K 1952 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,868 K 10,380 K 1320 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,492 K 6,480 K 1752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,140 K 6,940 K 1688 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,900 K 7,048 K 1312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,780 K 11,184 K 1396 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  968 K 3,644 K 276 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,532 K 5,844 K 9848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,984 K 9,636 K 12064 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  7,784 K 25,024 K 3484 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,760 K 10,996 K 6500 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,512 K 10,604 K 12640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  2,540 K 9,020 K 12760 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe  1,804 K 7,144 K 1180 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe  29,856 K 47,260 K 1212   (Verified) Microsoft Windows
smss.exe  1,144 K 876 K 408 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows Publisher
smartscreen.exe  18,064 K 29,328 K 14212 Windows Defender SmartScreen Microsoft Corporation (Verified) Microsoft Windows
sihost.exe  7,328 K 27,128 K 6864 Shell Infrastructure Host Microsoft Corporation (Verified) Microsoft Windows
SettingSyncHost.exe  7,144 K 4,876 K 4544 Host Process for Setting Synchronization Microsoft Corporation (Verified) Microsoft Windows
services.exe  5,584 K 8,260 K 868 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows Publisher
SecurityHealthService.exe  3,692 K 14,600 K 308 Windows Security Health Service Microsoft Corporation (Verified) Microsoft Windows Publisher
SearchUI.exe Suspended 78,148 K 76,184 K 8152 Search and Cortana application Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  9,132 K 29,636 K 8480 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  5,968 K 23,724 K 7740 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  14,436 K 42,536 K 2452 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  1,712 K 7,840 K 11788 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  3,840 K 17,844 K 13596 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RuntimeBroker.exe  4,864 K 27,780 K 13692 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtlS5Wake.exe  4,092 K 10,640 K 9608 Realtek WOWL Utility Realtek (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe  4,560 K 13,724 K 9972 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe  1,688 K 6,888 K 3756 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe  1,740 K 7,584 K 2980 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp.
RemindersServer.exe Suspended 7,812 K 19,660 K 8660 Reminders WinRT OOP Server Microsoft Corporation (Verified) Microsoft Windows
Registry  8,704 K 30,040 K 88   
QtWebEngineProcess.exe  41,324 K 37,076 K 7956 Qt Qtwebengineprocess The Qt Company Ltd. (Verified) Dropbox, Inc
ProtectedModuleHost.exe  4,104 K 13,100 K 5392 McAfee Protected Module Host McAfee, LLC. (Verified) McAfee, LLC.
procexp.exe  5,324 K 11,024 K 14840 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PEFService.exe  1,652 K 1,380 K 3780 McAfee PEF Service McAfee, Inc. (Verified) McAfee, LLC.
OfficeClickToRun.exe  29,412 K 37,196 K 3884 Microsoft Office Click-to-Run (SxS) Microsoft Corporation (Verified) Microsoft Corporation
nlssrv32.exe  2,092 K 7,204 K 3764 This service enables products that use the Nalpeiron Licensing System  Nalpeiron Ltd. (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe  9,820 K 13,432 K 8924 McAfee Module Core Service McAfee, LLC. (Verified) McAfee, LLC
MicrosoftEdgeSH.exe  6,556 K 16,316 K 3092 Microsoft Edge Web Platform Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  35,448 K 36,224 K 5144 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,736 K 25,580 K 4420 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
MicrosoftEdgeCP.exe  5,792 K 26,584 K 14664 Microsoft Edge Content Process Microsoft Corporation (Verified) Microsoft Windows
mfevtps.exe  6,988 K 12,096 K 5324 McAfee Process Validation Service McAfee, LLC (Verified) McAfee, Inc.
mfemms.exe  3,088 K 7,776 K 3804 McAfee Management Service McAfee, LLC (Verified) McAfee, Inc.
mfefire.exe  3,872 K 10,364 K 5984 McAfee Core Firewall Service McAfee, LLC (Verified) McAfee, Inc.
mDNSResponder.exe  1,824 K 5,944 K 3900 Bonjour Service Apple Inc. (Verified) Apple Inc.
McUICnt.exe  13,820 K 42,644 K 13548 McAfee McAfee, LLC. (Verified) McAfee, LLC.
McSmtFwk.exe  2,732 K 10,764 K 3380 McAfee Trusted Advisor Framework Exe McAfee, LLC. (Verified) McAfee, LLC.
mcshield.exe  38,796 K 35,232 K 1280 McAfee Scanner service McAfee LLC. (Verified) McAfee, Inc.
McCSPServiceHost.exe  7,524 K 16,660 K 8260 McAfee CSP Service Host McAfee, LLC. (Verified) McAfee, LLC.
lsass.exe  8,576 K 17,208 K 876 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
HxTsr.exe Suspended 14,908 K 37,816 K 13940 Microsoft Outlook Communications Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
HxOutlook.exe Suspended 89,300 K 96,272 K 14180 Microsoft Outlook Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe  1,560 K 7,976 K 7092 HP WMI Service HP Inc. (Verified) HP Inc.
HPMSGSVC.exe  1,672 K 8,216 K 9752 HP Message Service HP Inc. (Verified) HP Inc.
fontdrvhost.exe  4,444 K 9,288 K 508 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
fontdrvhost.exe  1,576 K 2,900 K 8 Usermode Font Driver Host Microsoft Corporation (Verified) Microsoft Windows
DropboxUpdate.exe  2,092 K 3,856 K 10468 Dropbox Update Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe  2,436 K 10,040 K 5352 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
Dropbox.exe  1,956 K 7,476 K 2976 Dropbox Dropbox, Inc. (Verified) Dropbox, Inc
dllhost.exe  4,152 K 11,808 K 10216 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  1,476 K 6,460 K 7100 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  3,056 K 9,660 K 6492 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  1,776 K 8,300 K 15020 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
dllhost.exe  1,476 K 6,616 K 7492 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows
DbxSvc.exe  2,544 K 5,416 K 3868 Dropbox Service Dropbox, Inc. (Verified) Dropbox, Inc
ctfmon.exe  4,764 K 14,300 K 6880 CTF Loader Microsoft Corporation (Verified) Microsoft Windows
csrss.exe  1,732 K 4,752 K 696 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows Publisher
conhost.exe  6,500 K 5,948 K 10228 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,496 K 5,940 K 8944 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
conhost.exe  6,420 K 5,652 K 3236 Console Window Host Microsoft Corporation (Verified) Microsoft Windows
CastSrv.exe  3,080 K 4,716 K 8952 Casting protocol connection listener Microsoft Corporation (Verified) Microsoft Windows
BTDevMgr.exe  2,108 K 7,084 K 3908 Realtek Bluetooth BTDevManager Service Application Realtek Semiconductor Corp. (Verified) Microsoft Windows Hardware Compatibility Publisher
browser_broker.exe  7,708 K 30,524 K 10092 Browser_Broker Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe  1,428 K 5,620 K 2356 AMD External Events Service Module AMD (Verified) Advanced Micro Devices, Inc.
armsvc.exe  1,404 K 6,220 K 3936 Adobe Acrobat Update Service Adobe Systems (Verified) Adobe Inc.
ApplicationFrameHost.exe  18,244 K 36,616 K 8620 Application Frame Host Microsoft Corporation (Verified) Microsoft Windows
app_updater.exe  6,180 K 8,328 K 3860 Digital Wave Update Service Digital Wave Ltd (Verified) Digital Wave Ltd
amdow.exe  2,112 K 6,936 K 11396 AMD ReLive: Desktop Overlay Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
AGSService.exe  3,336 K 14,952 K 3924 Adobe Genuine Software Integrity Service Adobe Systems, Incorporated (Verified) Adobe Inc.

  • 0

#10
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

Looks like you have rechecked the Guardware stuff but at least WMI is no longer part of the problem.

 

Can you go back to whoever is in charge of this Guardware stuff and ask them to reload it or something? 

 

Let's try Latency Monitor:

Go to

http://www.resplendence.com/downloads

Scroll down to

System Monitoring Tools

and then find

LatencyMon 6.70 (or it may be a higher number if they update)

Click on Download free home edition

Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it.

Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.

 

then go to the Processes tab, click on the Hard Pagefault column header once or twice to sort processes with the most pagefaults at the top

and make a screenshot of the page?  Save it as a .jpg or the forum won't let you attach it.

 

Now go to the Drivers page and click on DPC Count column header once or twice to bring the drivers with the most DPC Counts to the top then make a screenshot.

 

Easiest way to make a screenshot in Win 10 is to click on the dialog icon to the right of the clock.  Click on Screen Snip.  Hold down the mouse button and Draw a box around what you want to copy.  When you let go

of the mouse you will see a notification that it has been copied to the clipboard.  Click on the notification and then look at the top right and you will see a little icon of a floppy disc.  That's the save button.  Click on it and save the file to your desktop and make sure it saves it as a .jpg.  Name doesn't matter as long as you know what it is.

 

First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.

 


  • 0

Advertisements


#11
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts
Hi
I'll ask about reinstalling the Guardware stuff in the new year if you think that will make a difference Annotation 2019-12-27 171257.jpg  Annotation 2019-12-27 171257_2.jpg
 
_______________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:36  (h:mm:ss) on all processors.

_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        RS-140429774-01
OS version:                                           Windows 10 , 10.0, version 1903, build: 18362 (x64)
Hardware:                                             HP Laptop 15-db0xxx, HP, 84AC
CPU:                                                  AuthenticAMD AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G
Logical processors:                                   2
Processor groups:                                     1
RAM:                                                  3981 MB total

_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed:                                   2595 MHz
Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.
WARNING: the CPU speed that was measured is only a fraction of the CPU speed reported. Your CPUs may be throttled back due to variable speed settings and thermal issues. It is suggested that you run a utility which reports your actual CPU frequency and temperature.
 
_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.
Highest measured interrupt to process latency (µs):   35275.50
Average measured interrupt to process latency (µs):   21.001585
Highest measured interrupt to DPC latency (µs):       641.0
Average measured interrupt to DPC latency (µs):       3.386094

_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.
Highest ISR routine execution time (µs):              100.038150
Driver with highest ISR routine execution time:       HDAudBus.sys - High Definition Audio Bus Driver, Microsoft Corporation
Highest reported total ISR routine time (%):          0.045009
Driver with highest ISR total time:                   HDAudBus.sys - High Definition Audio Bus Driver, Microsoft Corporation
Total time spent in ISRs (%)                          0.064117
ISR count (execution time <250 µs):                   4403
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-999 µs):                0
ISR count (execution time 1000-1999 µs):              0
ISR count (execution time 2000-3999 µs):              0
ISR count (execution time >=4000 µs):                 0

_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.
Highest DPC routine execution time (µs):              648.359923
Driver with highest DPC routine execution time:       ntoskrnl.exe - NT Kernel & System, Microsoft Corporation
Highest reported total DPC routine time (%):          0.154872
Driver with highest DPC total execution time:         dxgkrnl.sys - DirectX Graphics Kernel, Microsoft Corporation
Total time spent in DPCs (%)                          0.590337
DPC count (execution time <250 µs):                   37208
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-999 µs):                68
DPC count (execution time 1000-1999 µs):              0
DPC count (execution time 2000-3999 µs):              0
DPC count (execution time >=4000 µs):                 0

_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.
NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.
Process with highest pagefault count:                 gwclient.exe
Total number of hard pagefaults                       82
Hard pagefault count of hardest hit process:          19
Number of processes hit:                              15

_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       1.159925
CPU 0 ISR highest execution time (µs):                100.038150
CPU 0 ISR total execution time (s):                   0.043209
CPU 0 ISR count:                                      4095
CPU 0 DPC highest execution time (µs):                648.359923
CPU 0 DPC total execution time (s):                   0.363289
CPU 0 DPC count:                                      34657
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.249144
CPU 1 ISR highest execution time (µs):                39.427746
CPU 1 ISR total execution time (s):                   0.003056
CPU 1 ISR count:                                      308
CPU 1 DPC highest execution time (µs):                393.353757
CPU 1 DPC total execution time (s):                   0.062674
CPU 1 DPC count:                                      2619
_________________________________________________________________________________________________________

  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

Definitely try to get Guardware reinstalled.  Hopefully with the latest version.

 

Do you have anything connected to the PC via USB?  (Other than keyboard or mouse)  Disconnect it and rerun Latency Monitor.

 

What is the make and model of your PC?  Serial number if HP.


  • 0

#13
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Hi

I only have my wireless mouse plugged into a USB socket.

 

I have an HP laptop.  System model 15- db0xxx. Serial number I assume is what is shown in sys info as System SKU, 4BA42EA#ABU

If that's not right let me know

 

I'll speak to the people about reinstalling Guardware in the New Year


  • 0

#14
RKinner

RKinner

    Malware Expert

  • Expert
  • 22,272 posts
  • MVP

There is a new BIOS out for your PC.  Probably would not hurt to get it:

 

https://support.hp.c.../model/22757794

 

I would also get the latest driver for your Realtek RTL8723DE 802.11b/g/n PCIe Adapter wireless.  Realtek had a lot of problems with Win 10 but the latest driver should be pretty decent.

 

 

Sometimes it helps to shut up win 10:

Download OOSU10.exe:

https://www.oo-softw...com/en/shutup10

Download and Save it (You will get a popup while it's downloading.  You can X out of it)
then Right click and Run As Admin.
Allow it to make a System Restore Point.
Click on Actions then on Apply Recommended Settings.

Close the program and reboot.

After each major update it's wise to rerun the program and Revert the changes.

 

 

I'd like for you to try a different browser.  Let's try Firefox which is what I use:

 

https://www.mozilla....US/firefox/new/

 

then get the ublock origin add-on

 

https://addons.mozil.../ublock-origin/

 

Close EDGE, open Firefox (you do not have to setup an account.  That's just so you can use Firefox on multiple PCs)  and go to this post in Geekstogo.

 

Then run process explorer and make a new log and post it.  Remember to wait one minute before making the log.


  • 0

#15
BobScott49

BobScott49

    Member

  • Topic Starter
  • Member
  • PipPip
  • 61 posts

Hi

 

I have installed the new BIOS

 

This is the Realtek driver I installed:

Is this the correct one?

 

I have run Shutup10

 

I used to use Firefox and so have it installed.  I stopped using it because I kept getting Google popups telling me to use Google Chrome everytime I used Google search.  However I have now made it my default browser.

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    22.93    60 K    8 K    0            
WmiPrvSE.exe    14.84    8,424 K    16,472 K    4032    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
procexp64.exe    9.90    34,008 K    68,180 K    7416    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
CompatTelRunner.exe    9.73    56,872 K    13,440 K    7476    Microsoft Compatibility Telemetry    Microsoft Corporation    (Verified) Microsoft Windows
GWClient.exe    4.65    5,696 K    16,836 K    3824    e-Safe Compliance Client Service    Guardware Ltd    (Verified) Guardware Ltd.
audiodg.exe    3.19    113,212 K    24,088 K    2984    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
dwm.exe    2.72    88,612 K    87,808 K    1088    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
MfeAVSvc.exe    2.25    29,444 K    56,284 K    13632    McAfee Cloud AV    McAfee, LLC.    (Verified) McAfee, LLC.
Interrupts    1.56    0 K    0 K    n/a    Hardware Interrupts and DPCs        
System    1.16    200 K    800 K    4            
firefox.exe    1.17    186,304 K    271,968 K    11452    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
SpeechRuntime.exe    0.89    18,256 K    19,188 K    8004    Speech Runtime Executable    Microsoft Corporation    (Verified) Microsoft Windows
mfevtps.exe    0.76    5,976 K    11,836 K    7240    McAfee Process Validation Service    McAfee, LLC    (Verified) McAfee, Inc.
firefox.exe    0.75    181,824 K    234,384 K    10944    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    0.57    12,072 K    21,116 K    3928    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
Dropbox.exe    0.56    186,384 K    180,964 K    5336    Dropbox    Dropbox, Inc.    (Verified) Dropbox, Inc
express.exe    0.41    44,292 K    74,560 K    6512    Garmin Express    Garmin Ltd. or its subsidiaries    (Verified) Garmin International, Inc.
csrss.exe    0.32    2,556 K    5,072 K    820    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
services.exe    0.32    5,512 K    9,324 K    940    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ijplmsvc.exe    0.19    5,784 K    8,112 K    3872    Inkjet Printer/Scanner/Fax Extended Survey Program Service        (Verified) Canon Inc.
lsass.exe    0.19    7,160 K    14,956 K    952    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    0.18    47,032 K    81,732 K    6476    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
amddvr.exe    0.17    171,668 K    16,220 K    3672    AMD ReLive: Host Application    Advanced Micro Devices, Inc.    (Verified) Advanced Micro Devices, Inc.
svchost.exe    0.16    39,440 K    48,304 K    2568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
servicehost.exe    0.14    9,288 K    18,792 K    9936    McAfee WebAdvisor    McAfee, Inc.    (Verified) McAfee, LLC
mcapexe.exe    0.10    4,348 K    12,312 K    2380    McAfee Access Protection    McAfee, LLC    (Verified) McAfee, LLC.
EOS Utility.exe    0.06    25,900 K    23,956 K    2404    EOS Utility    Canon INC.    (Verified) Canon Inc.
GWW.exe    0.05    49,064 K    46,912 K    9648    e-Safe Compliance Client Application    Guardware Ltd.    (Verified) Guardware Ltd.
app_updater.exe    0.05    6,160 K    8,084 K    3800    Digital Wave Update Service    Digital Wave Ltd    (Verified) Digital Wave Ltd
csrss.exe    0.05    1,768 K    4,916 K    708    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe    0.04    6,276 K    14,736 K    3276    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.03    11,788 K    18,552 K    3744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
uihost.exe    0.03    5,188 K    10,872 K    9232    McAfee WebAdvisor    McAfee, Inc.    (Verified) McAfee, LLC
conhost.exe    0.03    6,664 K    1,144 K    5408    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
EOSUPNPSV.exe    0.03    3,640 K    9,628 K    524    Canon EOS UPNP Detector    CANON INC.    (Verified) Canon Inc.
QtWebEngineProcess.exe    0.02    42,912 K    37,952 K    11832    Qt Qtwebengineprocess    The Qt Company Ltd.    (Verified) Dropbox, Inc
MMSSHOST.exe    0.02    27,072 K    59,176 K    6384    McAfee Management Service Host    McAfee, LLC.    (Verified) McAfee, LLC.
psi_tray.exe    0.02    1,360 K    6,472 K    5412    Secunia PSI Tray    Secunia    (Verified) Secunia
svchost.exe    0.02    3,212 K    7,588 K    2344    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
AGMService.exe    0.02    2,372 K    9,052 K    3620    Adobe Genuine Software Service    Adobe Systems, Incorporated    (Verified) Adobe Inc.
QtWebEngineProcess.exe    0.02    29,272 K    48,152 K    11896    Qt Qtwebengineprocess    The Qt Company Ltd.    (Verified) Dropbox, Inc
svchost.exe    0.01    2,328 K    6,504 K    1896    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    7,708 K    15,084 K    808    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.01    12,624 K    28,556 K    576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
firefox.exe    0.01    76,816 K    102,328 K    11128    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
ModuleCoreService.exe    0.01    32,304 K    54,692 K    4016    McAfee Module Core Service    McAfee, LLC.    (Verified) McAfee, LLC
firefox.exe    0.01    82,752 K    121,756 K    5064    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
mfefire.exe    0.01    4,540 K    11,516 K    9188    McAfee Core Firewall Service    McAfee, LLC    (Verified) McAfee, Inc.
RuntimeBroker.exe    0.01    4,328 K    24,840 K    12352    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe    0.01    28,968 K    34,020 K    2012    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SynTPEnh.exe    < 0.01    7,780 K    14,124 K    6848    Synaptics TouchPad 64-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
Memory Compression    < 0.01    520 K    64,208 K    2648            
svchost.exe    < 0.01    2,016 K    6,140 K    4348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RAVBg64.exe    < 0.01    6,324 K    15,188 K    5264    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
svchost.exe    < 0.01    3,604 K    10,540 K    4848    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
YourPhone.exe    Suspended    13,868 K    25,244 K    6240            (No signature was present in the subject)
WmiPrvSE.exe        3,404 K    9,240 K    8480    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
wlanext.exe        2,016 K    6,776 K    3240    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        2,892 K    9,348 K    904    Windows Log-on Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,508 K    6,200 K    812    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe        15,628 K    43,980 K    14316    WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe    Microsoft Corporation    (Verified) Microsoft Windows
vidnotifier.exe        5,180 K    12,536 K    8052    Video Notifier    Digital Wave Ltd    (Verified) Digital Wave Ltd
unsecapp.exe        1,396 K    6,624 K    9100    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
unsecapp.exe        1,360 K    6,460 K    6244    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        5,956 K    14,336 K    5128    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SynTPHelper.exe        2,228 K    5,820 K    8940    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPEnhService.exe        3,448 K    8,980 K    2204    64-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        2,044 K    7,064 K    3384    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,224 K    7,052 K    4536    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,512 K    20,788 K    3816    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,832 K    12,756 K    2148    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,160 K    16,464 K    6632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,748 K    13,912 K    3188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,880 K    14,920 K    3104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        17,588 K    14,884 K    1604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,600 K    11,172 K    2068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    7,308 K    3064    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,120 K    14,132 K    2004    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,332 K    7,756 K    4008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,040 K    13,404 K    2876    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,616 K    7,960 K    544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,468 K    5,632 K    1256    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,468 K    14,224 K    1484    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,500 K    21,548 K    6732    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,268 K    10,428 K    6208    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,408 K    18,688 K    12068    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,216 K    8,132 K    10364    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,388 K    13,888 K    6404    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,096 K    8,248 K    1248    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,332 K    5,616 K    2592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,116 K    10,492 K    8684    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,936 K    7,008 K    1772    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,180 K    22,168 K    1180    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,764 K    11,640 K    11988    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,864 K    8,320 K    2476    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,848 K    9,364 K    1272    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,468 K    23,852 K    6112    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,764 K    9,292 K    1836    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,656 K    19,200 K    4340    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,984 K    11,548 K    1452    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,476 K    9,848 K    1340    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,528 K    8,144 K    2264    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,908 K    8,972 K    7060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,840 K    6,012 K    2196    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,088 K    7,276 K    2560    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,592 K    13,544 K    6072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,064 K    12,116 K    5544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,028 K    11,756 K    5548    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,964 K    11,136 K    1280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,992 K    7,440 K    2304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,828 K    8,560 K    5228    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        9,316 K    17,076 K    3348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,844 K    12,748 K    4428    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,024 K    8,180 K    2700    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,812 K    11,132 K    1580    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,784 K    11,372 K    13884    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,736 K    5,544 K    5008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,248 K    15,592 K    1300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,844 K    7,636 K    6080    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,780 K    7,268 K    6152    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,384 K    5,012 K    5236    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,632 K    5,856 K    4112    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,960 K    7,200 K    4240    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,288 K    5,364 K    4292    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,332 K    5,020 K    4564    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,656 K    6,224 K    4300    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,632 K    6,944 K    3540    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,780 K    6,608 K    3552    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,004 K    7,984 K    3704    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,828 K    6,932 K    9624    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,924 K    7,296 K    2720    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,420 K    6,024 K    1952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,020 K    8,000 K    1616    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,892 K    7,176 K    1264    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    7,596 K    1648    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,504 K    6,520 K    1704    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        948 K    3,704 K    272    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe        26,740 K    34,224 K    7340            (Verified) Microsoft Windows
smss.exe        1,152 K    980 K    400    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smartscreen.exe        7,944 K    22,236 K    12848    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
sihost.exe        6,068 K    24,184 K    6016    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        3,016 K    5,812 K    7044    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthService.exe        3,252 K    13,396 K    10472    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    77,352 K    36,404 K    636    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,900 K    25,212 K    7960    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        6,020 K    23,612 K    7504    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        5,024 K    19,772 K    12108    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,560 K    6,572 K    6972    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RtlS5Wake.exe        4,180 K    11,076 K    7948    Realtek WOWL Utility    Realtek    (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe        4,628 K    14,136 K    6604    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe        1,688 K    7,132 K    4220    Realtek Bluetooth BTDevManager Service Application    Realtek Semiconductor Corp.    (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe        1,768 K    7,784 K    2956    Realtek Audio Service    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
RemindersServer.exe    Suspended    7,204 K    18,812 K    7248    Reminders WinRT OOP Server    Microsoft Corporation    (Verified) Microsoft Windows
Registry        10,884 K    28,288 K    88            
RadeonSettings.exe        161,956 K    66,056 K    628    Radeon Settings: Host Application    Advanced Micro Devices, Inc.    (Verified) Advanced Micro Devices, Inc.
QtWebEngineProcess.exe        41,076 K    50,684 K    3120    Qt Qtwebengineprocess    The Qt Company Ltd.    (Verified) Dropbox, Inc
ProtectedModuleHost.exe        5,236 K    16,448 K    9248    McAfee Protected Module Host    McAfee, LLC.    (Verified) McAfee, LLC.
procexp.exe        5,240 K    11,012 K    12844    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
PEFService.exe        1,672 K    7,244 K    3476    McAfee PEF Service    McAfee, Inc.    (Verified) McAfee, LLC.
OfficeClickToRun.exe        27,220 K    41,460 K    3728    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
nlssrv32.exe        2,088 K    7,400 K    4088    This service enables products that use the Nalpeiron Licensing System     Nalpeiron Ltd.    (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe        13,480 K    32,356 K    10064    McAfee Module Core Service    McAfee, LLC.    (Verified) McAfee, LLC
mfemms.exe        4,208 K    10,616 K    9884    McAfee Management Service    McAfee, LLC    (Verified) McAfee, Inc.
mDNSResponder.exe        1,868 K    6,208 K    3660    Bonjour Service    Apple Inc.    (Verified) Apple Inc.
McUICnt.exe        13,568 K    41,640 K    14168    McAfee    McAfee, LLC.    (Verified) McAfee, LLC.
McSmtFwk.exe        3,676 K    11,784 K    14124    McAfee Trusted Advisor Framework Exe    McAfee, LLC.    (Verified) McAfee, LLC.
mcshield.exe        48,832 K    17,960 K    6668    McAfee Scanner service    McAfee LLC.    (Verified) McAfee, Inc.
McCSPServiceHost.exe        7,512 K    21,924 K    9272    McAfee CSP Service Host    McAfee, LLC.    (Verified) McAfee, LLC.
HxTsr.exe    Suspended    10,028 K    34,468 K    11048    Microsoft Outlook Communications    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
HxOutlook.exe    Suspended    80,612 K    84,464 K    11368    Microsoft Outlook    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe        1,776 K    8,404 K    12668    HP WMI Service    HP Inc.    (Verified) HP Inc.
HPMSGSVC.exe        1,672 K    8,228 K    7920    HP Message Service    HP Inc.    (Verified) HP Inc.
GoogleUpdate.exe        2,348 K    816 K    6372    Google Installer    Google Inc.    (Verified) Google Inc
fontdrvhost.exe        1,564 K    2,808 K    496    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        4,808 K    11,720 K    512    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
firefox.exe        58,892 K    99,592 K    12644    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        64,280 K    107,408 K    13284    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        39,380 K    47,504 K    8964    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
firefox.exe        37,620 K    78,460 K    11240    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
DropboxUpdate.exe        2,216 K    3,716 K    3376    Dropbox Update    Dropbox, Inc.    (Verified) Dropbox, Inc
Dropbox.exe        2,908 K    10,360 K    6688    Dropbox    Dropbox, Inc.    (Verified) Dropbox, Inc
Dropbox.exe        2,028 K    7,720 K    8572    Dropbox    Dropbox, Inc.    (Verified) Dropbox, Inc
dllhost.exe        1,452 K    6,724 K    5540    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        1,504 K    6,444 K    9088    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        3,080 K    9,784 K    6504    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
DbxSvc.exe        2,540 K    5,552 K    3776    Dropbox Service    Dropbox, Inc.    (Verified) Dropbox, Inc
ctfmon.exe        4,076 K    13,160 K    6292    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,484 K    5,948 K    3124    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,408 K    5,836 K    3268    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        6,484 K    5,964 K    1796    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
CompPkgSrv.exe        1,668 K    8,444 K    11332    Component Package Support Server    Microsoft Corporation    (Verified) Microsoft Windows
CompatTelRunner.exe        1,084 K    540 K    5372    Microsoft Compatibility Telemetry    Microsoft Corporation    (Verified) Microsoft Windows
CastSrv.exe        3,788 K    9,108 K    7220    Casting protocol connection listener    Microsoft Corporation    (Verified) Microsoft Windows
BTDevMgr.exe        2,064 K    7,296 K    3688    Realtek Bluetooth BTDevManager Service Application    Realtek Semiconductor Corp.    (Verified) Microsoft Windows Hardware Compatibility Publisher
backgroundTaskHost.exe    Suspended    4,860 K    17,928 K    5744    Background Task Host    Microsoft Corporation    (Verified) Microsoft Windows
atiesrxx.exe        1,392 K    5,748 K    2284    AMD External Events Service Module    AMD    (Verified) Advanced Micro Devices, Inc.
atieclxx.exe        2,560 K    10,132 K    2552    AMD External Events Client Module    AMD    (Verified) Advanced Micro Devices, Inc.
armsvc.exe        1,392 K    6,428 K    3628    Adobe Acrobat Update Service    Adobe Systems    (Verified) Adobe Inc.
ApplicationFrameHost.exe        8,256 K    28,956 K    6340    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows
amdow.exe        2,160 K    7,280 K    9208    AMD ReLive: Desktop Overlay    Advanced Micro Devices, Inc.    (Verified) Advanced Micro Devices, Inc.
AGSService.exe        2,036 K    9,408 K    3640    Adobe Genuine Software Integrity Service    Adobe Systems, Incorporated    (Verified) Adobe Inc.


 


  • 0






Similar Topics

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP