Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Problems uninstalling program

Started by peter plus , Aug 27 2020 04:02 AM

  • Please log in to reply

#1
peter plus
Posted 27 August 2020 - 04:02 AM

peter plus

    Member

  • Member
  • PipPipPip
  • 278 posts

I have an HP Pavilion laptop which has a firmware fault which means it will not charge whilst switched on.

It will charge the battery when switched off so will run on battery only.

 

I can't really use this as my main computer anymore. I have been using it to download torrents however.

Today uTorrent would not open I looked online for suggestions. Suggested uninstall and reinstall which I tried to do.

 

Clivked uninstall in apps. Got a not responding in the header. The uTorrent icon is still on the desktop but no sign of the program.

However when I tried to reinstall it said a previous version still on computer.

 

Any suggestions? Thanks

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-08-2020
Ran by HP (administrator) on LAPTOP-FCQT1SKQ (HP HP Pavilion Notebook) (27-08-2020 10:49:50)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP
Platform: Windows 10 Home Version 1909 18363.959 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Google LLC -> Google LLC) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe <17>
(Google LLC -> Google LLC) C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee Security Scan\3.11.1882\SSScheduler.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\McAfee Security Scan\3.11.1882\McUICnt.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2016-01-29] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [Google Update] => C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8022104 2020-04-20] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [btweb] => "C:\Users\HP\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
HKLM\...\Windows x64\Print Processors\hpzpp5k2: C:\Windows\System32\spool\prtprocs\x64\hpzpp5k2.dll [224768 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3l5k2: C:\WINDOWS\system32\hpz3l5k2.dll [130048 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2020-07-28]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1882\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {16F3E5CA-074F-4D1E-8109-D9B4EA0E268B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3242380816-148138334-2338840981-1001UA => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)
Task: {1C9E7433-014B-4348-B316-05F183255E5D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {272A407D-F120-4FA9-A110-C6DC7C099E0F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2BDE04DC-CD07-4D38-9F74-42BE6E6F6EC9} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {3F12E0BC-0355-4B10-87C0-7450BA0CC409} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {43254BF7-9CFC-4899-928E-F8F77FCC3E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {482A6F5E-2777-40C0-BCC2-D3833FF5F084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {4A3C25E8-6AE0-4B2C-BD3C-3CC6D84B232B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {5789398B-BBFA-4FA2-90F0-D22A604957A9} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe
Task: {5A1A4FDD-8252-4DF5-9195-CF481B5776D3} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {5BC48988-FA58-4275-82B0-4B7B1B4F53A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A402668-CA22-4081-9A73-8B996DD05C60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C25B47A-3545-4446-855B-03BA8505894F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0A3992F-F88D-47CC-80AF-D73BCE4DC8CE} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
Task: {A0F23110-0EA5-43D0-9027-D0BEB03F1F7F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1312664 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4C280F1-CB6F-4F38-9020-BEBDC2E93089} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3242380816-148138334-2338840981-1001Core => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)
Task: {A517403B-0070-45B2-856B-24191F416960} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {A8433D85-73BF-4ADA-942A-8533A89E6CBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {AA26E1EE-7AC2-49EE-A0CB-5BA4936E33B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {ADCCE64E-81BC-4E1E-B8D1-8B883F42265A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {B3D78A7A-1679-4A5E-A0FD-D23DFE91EFCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B489D725-AD5A-4F13-B2D1-02FF245942FC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB270CD1-B681-4A04-8A42-0FEA3021BA01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {C96E1A05-2C8E-47D9-AF2B-8DBA7A12A120} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {CA1EA942-1F19-4345-BED1-32CEB9DCFAFF} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568 2016-01-14] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {DA47B706-2D31-4BB5-8277-5FE30F2D0ACA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB347944-6313-465A-9481-E7726556BF0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {E3B148D2-892E-471F-B258-090441AEB29A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {FB5C8FFB-1D56-4CA7-ADD7-3AF1F13F953B} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {FC88F052-0F21-433C-9DC9-8F6C584A2970} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {FD02DE29-E83E-4EC7-A3DD-CE0D2DB6F8B7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FF236CCA-FD6D-4B57-8FA8-42305D63D644} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{c036807e-c83f-4dac-8b80-f3a73ea3935a}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f0367b84-4165-4b7c-aca7-bf572017e741}: [DhcpNameServer] 40.23.1.12
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9E5F076F-E0BD-4C09-9B8C-885B7FF92BBE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3242380816-148138334-2338840981-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3242380816-148138334-2338840981-1001 -> {9E5F076F-E0BD-4C09-9B8C-885B7FF92BBE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
 
Edge: 
======
DownloadDir: C:\Users\HP\Downloads
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13]
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-27]
 
FireFox:
========
FF DefaultProfile: qn2is5s3.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qn2is5s3.default [2020-08-27]
FF Homepage: Mozilla\Firefox\Profiles\qn2is5s3.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 04:16:17&bName=&bitmask=0600
FF NewTab: Mozilla\Firefox\Profiles\qn2is5s3.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 04:16:17&bName=&bitmask=0600
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-26] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2020-08-27]
CHR HomePage: Default -> hxxps://www.google.co.uk/
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?fr=mcafee&type=E211GB1274G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/gossip/gossip-uk-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-08]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-08]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-08]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-08]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-08]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-06]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-08-27]
CHR DownloadDir: C:\Users\HP\Desktop
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-06]
CHR Extension: (Safe Torrent Scanner) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-08-15]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-06]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-06]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-08]
CHR Extension: (Download image) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcbjajkiiojcgdinllnmcgnihjemcibg [2020-04-07]
CHR Extension: (High Contrast) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2020-05-05]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-06]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-06]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-20]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-07]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2016-01-20] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
R2 HP Comm Recover; c:\Program Files\HPCommRecovery\HPCommRecovery.exe [48128 2016-04-18] (HP Inc.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1882\McCHSvc.exe [408192 2020-07-20] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-04-20] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\NisSrv.exe [2343128 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MsMpEng.exe [128376 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-08-27] (Malwarebytes Inc -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8673040 2020-02-06] (Intel Wireless Driver -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-27 10:49 - 2020-08-27 10:51 - 000030847 _____ C:\Users\HP\Desktop\FRST.txt
2020-08-27 10:49 - 2020-08-27 10:50 - 000000000 ____D C:\FRST
2020-08-27 10:30 - 2020-08-27 10:30 - 002298368 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2020-08-27 09:25 - 2020-08-27 09:25 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-08-27 09:20 - 2020-08-27 09:20 - 002117080 _____ (BitTorrent Inc.) C:\Users\HP\Downloads\uTorrent.exe
2020-08-26 16:45 - 2020-08-26 16:45 - 000000000 ____D C:\ProgramData\Mozilla
2020-08-26 16:20 - 2020-08-26 19:12 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S03.WEBRip.x264-ION10
2020-08-25 16:35 - 2020-08-25 16:44 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S07.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-24 21:09 - 2020-08-27 08:46 - 000000000 ____D C:\Users\HP\AppData\LocalLow\uTorrent
2020-08-20 17:59 - 2020-08-21 09:46 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S06.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:58 - 2020-08-21 09:52 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S05.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:57 - 2020-08-21 09:41 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S04.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:56 - 2020-08-20 22:13 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S03.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-19 19:23 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Intel
2020-08-19 19:21 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2020-08-19 19:20 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP
2020-07-29 08:40 - 2020-08-05 12:04 - 000000000 ____D C:\ProgramData\McAfee
2020-07-28 19:45 - 2020-07-28 19:45 - 003480040 _____ (McAfee, Inc.) C:\Users\HP\Downloads\MCPR.exe
2020-07-28 19:31 - 2020-07-28 19:31 - 002510856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2020-07-28 19:21 - 2020-07-28 19:23 - 000000000 ____D C:\ProgramData\McAfee Security Scan
2020-07-28 19:21 - 2020-07-28 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-27 10:22 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-27 09:38 - 2020-06-14 14:59 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-27 09:38 - 2020-06-14 14:59 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-27 09:38 - 2020-06-14 14:59 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-08-27 09:37 - 2019-04-19 10:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-27 09:36 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-27 09:28 - 2016-10-31 11:12 - 000000000 ___RD C:\Users\HP\OneDrive
2020-08-27 09:25 - 2016-10-31 11:09 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2020-08-27 09:24 - 2019-11-04 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-27 09:24 - 2016-11-06 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-08-27 09:23 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-08-27 09:19 - 2020-04-20 17:24 - 000000900 _____ C:\Users\HP\Desktop\µTorrent.lnk
2020-08-27 09:01 - 2020-04-20 17:24 - 000000000 ____D C:\Users\HP\AppData\Roaming\uTorrent
2020-08-27 08:46 - 2019-11-04 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-26 20:29 - 2020-04-20 17:18 - 000000000 ____D C:\Users\HP\AppData\Local\BitTorrentHelper
2020-08-26 16:45 - 2016-12-26 23:47 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2020-08-25 21:11 - 2019-11-04 23:13 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3242380816-148138334-2338840981-1001
2020-08-25 21:10 - 2019-11-04 22:54 - 000002361 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-25 11:04 - 2020-01-06 14:58 - 000002581 _____ C:\Users\HP\Desktop\Peter (Nigel Worton) - Chrome.lnk
2020-08-20 20:26 - 2018-04-03 09:22 - 000000000 ____D C:\Users\HP\AppData\Roaming\vlc
2020-08-20 12:53 - 2016-04-01 10:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-19 20:45 - 2019-11-04 22:54 - 000000000 ____D C:\Users\HP
2020-08-19 19:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-19 19:39 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-19 19:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-08-19 19:21 - 2016-11-23 00:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-19 11:14 - 2018-09-08 10:10 - 000002490 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-16 14:17 - 2019-11-04 23:05 - 000936852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-16 14:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-07 10:00 - 2016-08-14 00:44 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-30 16:17 - 2016-04-01 10:58 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-30 16:17 - 2016-04-01 10:58 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-29 08:40 - 2019-11-04 23:13 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-29 08:40 - 2019-11-04 23:13 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-07-28 19:21 - 2016-12-26 18:27 - 000000000 ____D C:\Program Files\McAfee Security Scan
2020-07-28 19:21 - 2016-12-26 18:24 - 000002025 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2020-07-28 19:21 - 2016-12-26 18:24 - 000002025 _____ C:\ProgramData\Desktop\McAfee Security Scan Plus.lnk
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by HP (27-08-2020 10:53:15)
Running from C:\Users\HP\Desktop
Windows 10 Home Version 1909 18363.959 (X64) (2019-11-04 22:14:15)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3242380816-148138334-2338840981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3242380816-148138334-2338840981-503 - Limited - Disabled)
Guest (S-1-5-21-3242380816-148138334-2338840981-501 - Limited - Disabled)
HP (S-1-5-21-3242380816-148138334-2338840981-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-3242380816-148138334-2338840981-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Bejeweled 3 (HKLM-x32\...\WTA-c57375fe-7c4e-42fe-933d-8b7cb7ba6162) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-2ef5d62f-3135-477e-89cd-6164f99a589b) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-9e42fc3c-37a6-4064-9cee-b0c58c7fd7b7) (Version: 3.0.2.48 - WildTangent) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-04fae52d-5b85-45e7-97a2-e3eee4beccc4) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6129 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-2c6c49fa-0409-4d00-9e40-6d7f96b35a71) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Google Chrome) (Version: 84.0.4147.135 - Google LLC)
HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.26.13 - HP)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.16.22.11 - HP)
HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® WiDi (HKLM\...\{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{EB14CEF0-8F59-47A3-B965-D0C0D6AC0DA3}) (Version: 18.1.1605.3087 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-e54f8f30-ded5-4713-b255-3f1c0a6a244e) (Version: 2.2.0.97 - WildTangent) Hidden
Little Boy: Walter's Scooter (HKLM-x32\...\WTA-e1a91bd4-66dd-4922-a5b2-c1c6d9efca3b) (Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1882.1 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.133.5 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.3.6691 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-23827b4e-108f-4284-87b0-51bfd8873d17) (Version: 3.0.2.59 - WildTangent) Hidden
PuppetShow: Return to Joyville (HKLM-x32\...\WTA-06e278ba-c41e-4757-96de-130a857e3058) (Version: 3.0.2.126 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-a64258ed-e30d-4290-ad12-8669665b8415) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Regency Solitaire (HKLM-x32\...\WTA-93d69599-2a50-42a2-8d5b-44db68268a02) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-bac43998-d8ae-40b4-b589-518dccc9e574) (Version: 3.0.2.126 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Tasty Blue (HKLM-x32\...\WTA-4f663862-6154-412b-8b02-055692f51785) (Version: 3.0.2.59 - WildTangent) Hidden
Telegram Desktop version 1.9.21 (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.21 - Telegram FZ-LLC)
Trinklit Supreme (HKLM-x32\...\WTA-5dd697cc-e579-4843-b7db-72ee6bd50de2) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{802e10a9-a06e-4d71-a1fc-fb91afd27f22}) (Version: 4.10.2225.4082 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.2 - WildTangent) Hidden
Youda Jewel Shop (HKLM-x32\...\WTA-8d6b64bc-52ce-421b-942c-dbb80f64e66d) (Version: 3.0.2.51 - WildTangent) Hidden
Zoom (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
 
Packages:
=========
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13] (eyeo GmbH)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-20] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.174.500.0_x86__kgqvnymyfvs32 [2020-08-12] (king.com)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-02] (Universal Music Mobile)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa [2020-08-06] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-15] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.19.82.0_x64__kx24dqmazqk8j [2020-06-04] (Random Salad Games LLC)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-09-08] (Snapfish)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-12-27] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\HP\AppData\Local\Google\Chrome\Application\84.0.4147.135\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.301\psuser_64.dll => No File
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxDTCM.dll [2017-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\HP\Desktop\Peter (Nigel Worton) - Chrome.lnk -> C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\HP\Desktop\Sara - Chrome.lnk -> C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 08:24 - 2020-07-28 19:21 - 000000903 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\Control Panel\Desktop\\Wallpaper -> F:\Pics\Wallpaper\northern lights.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{DAB3F114-0D9A-4AB6-9558-A610262F6F89}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{2E0AC2A7-1919-4F38-BC81-51D00FF3B1B5}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{433F2BEC-D3C9-4440-B97B-204E3B1D4990}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{64DDD6A4-1263-4EAA-9D0A-E9A5872932EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7077F34A-558A-409A-88E0-BF10EE7D8BE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B8E03A9A-DA1B-4B30-9511-FFA4ABECB540}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{64BAD77B-A8C2-4AA5-A950-37CF9237B682}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{553273FB-7F62-4328-98A8-F825E243A705}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{91B02295-7C5C-44ED-A503-DB959AE8D12B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{D49A6AB7-F3D6-47C9-B03A-429A88CEF853}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{DC0433B4-AEA0-4E71-8B60-9027FA72CD69}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{39EE962F-B901-4152-93E6-D83216F5D639}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9736A5F1-8CFC-47DD-9380-DF92620D5E63}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1C30EA58-BE04-4209-8CEE-D999F8DB9BCC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{5C434431-7B13-4BEA-B43A-33CD22297B1B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{45879592-B753-4659-8313-70D754415F44}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{E8078ED3-A0AF-4937-92E6-1D4BB6A309E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4809BC0F-A572-4E77-9184-BA6EA2B700AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD04F22A-E296-4031-93A0-F09A4EDEDDBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21F14182-7EF6-4DA7-A3A3-92D23FEC325C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1D142E13-6AC7-4C4B-827A-C97DB718D336}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{9AEFE381-24AE-45DD-8D0F-CBF78C43C6AB}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [TCP Query User{DEFC4C9B-366E-4018-A306-BFC9346B7144}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C813EF60-E5A0-430E-A17E-C065227D6B92}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A89AF886-5E28-4E67-8037-267885AFB8F6}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3D6ECBE7-57B6-498E-A1FB-50FDB9A2CA2D}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B140F270-46E4-4520-ADA8-A20C8EB0F6E0}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3A133507-FEC6-49F0-B9F3-3A8C3A71FC5B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{66F1EAA8-00FF-43D9-B1C6-6335903FA821}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1A63DD85-93AE-4755-B940-3D9F9F1E2546}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{799598AB-1BEF-408D-B728-730F05127F5B}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3AB040F-A2EA-4E04-873C-27EB20BB06DB}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{5EDD6C11-0132-4321-9575-08217621739D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{023B8DC0-21BC-4303-849B-62D8964D9BEE}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{9C0D0817-AFFA-43AE-9CE7-276120F286CE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{424792ED-9709-4171-BE3F-D89915274EB1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67C3587D-575C-463D-BF07-6604FBBAF1DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7AFFB92B-BFE2-4CE0-9588-246F7B9C10BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B67F14C5-F677-4DFA-B098-FDC324E24D59}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C203531B-67B7-489F-BEA7-6CFD7BC50CC8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2534634C-D5A1-4C18-9660-F30E43ED19BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4229A4A8-4792-44B6-B3C1-5F9E4C62ECB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B970527E-22E3-4FCA-B0E3-DAE3482227C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1008338-E26A-48BB-8C80-02DA86085AC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF6CBE1C-5CEE-42B6-99FA-22DB9D7DEEF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7361720F-3268-4025-A18C-238D15A50F75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C4B92EB-627F-4F5E-8AFE-2ECA08E3674F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/27/2020 10:35:24 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (5816,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (08/27/2020 09:50:01 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3160,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (08/27/2020 09:37:08 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
Error: (08/27/2020 09:28:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1f58
 
Start Time: 01d67c4bf4ccae11
 
Termination Time: 4294967295
 
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
 
Report Id: 4b4538e1-8954-4952-b8d3-db37719d63b2
 
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
 
Hang type: Quiesce
 
Error: (08/27/2020 09:18:39 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mshta.exe version 11.0.18362.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 1520
 
Start Time: 01d67c494fa2096d
 
Termination Time: 29
 
Application Path: C:\Windows\SysWOW64\mshta.exe
 
Report Id: abb9a99d-0769-40e8-9311-d9b400655c41
 
Faulting package full name: 
 
Faulting package-relative application ID: 
 
Hang type: Cross-process
 
Error: (08/27/2020 09:14:40 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (13072,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (08/27/2020 08:52:06 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4620,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
Error: (08/26/2020 09:14:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10608,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
 
 
System errors:
=============
Error: (08/27/2020 09:24:27 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (08/27/2020 09:24:27 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (08/27/2020 09:24:27 AM) (Source: Microsoft-Windows-Directory-Services-SAM) (EventID: 16953) (User: NT AUTHORITY)
Description: The password notification DLL C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter failed to load with error 126. Please verify that the notification DLL path defined in the registry, HKLM\System\CurrentControlSet\Control\Lsa\Notification Packages, refers to a correct and absolute path (<drive>:\<path>\<filename>.<ext>) and not a relative or invalid path. If the DLL path is correct, please validate that any supporting files are located in the same directory, and that the system account has read access to both the DLL path and any supporting files.  Contact the provider of the notification DLL for additional support. Further details can be found on the web at http://go.microsoft..../?LinkId=245898.
 
Error: (08/27/2020 09:23:14 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Security Service service did not shut down properly after receiving a pre-shutdown control.
 
Error: (08/26/2020 02:58:13 PM) (Source: Service Control Manager) (EventID: 7046) (User: )
Description: The following service has repeatedly stopped responding to service control requests: Base Filtering Engine
 
Contact the service vendor or the system administrator about whether to disable this service until the problem is identified.
 
You may have to restart the computer in safe mode before you can disable the service.
 
Error: (08/26/2020 02:54:41 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
Error: (08/26/2020 12:25:24 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
Error: (08/26/2020 12:24:54 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
 
 
Windows Defender:
===================================
Date: 2020-04-28 11:48:33.373
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {169EEE5F-B73B-478B-B0EB-6EAC122D8A34}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-28 11:43:01.649
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {036DD3A7-AE80-4518-AC53-0F6F956FA410}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-28 11:37:24.004
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B8921C8C-A985-4456-97B0-A246A4D12AD9}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-28 11:28:22.813
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B7A179F1-C261-42EE-9F37-15AF84ED5B8A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-04-22 17:13:46.375
Description: 
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {6F962B79-F3BC-4C66-9737-2B4C27199CF4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
 
Date: 2020-08-11 09:50:50.504
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.1155.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2020-08-11 09:50:50.504
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.1155.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2020-08-11 09:50:50.503
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.1155.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
Date: 2020-08-11 09:50:23.802
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.935.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
 
Date: 2020-08-05 12:13:16.667
Description: 
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version: 
Previous security intelligence Version: 1.321.673.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.17300.4
Error code: 0x8050a003
Error description: This package does not contain up-to-date definition files for this program. For more information, see Help and Support. 
 
CodeIntegrity:
===================================
 
Date: 2020-07-05 12:55:13.489
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-06-30 17:17:40.543
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-06-15 08:55:38.597
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-06-07 13:14:23.939
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-05-21 10:31:03.446
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-05-19 18:33:18.203
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-05-18 10:06:52.761
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
Date: 2020-05-09 11:40:50.571
Description: 
Windows blocked file \Device\HarddiskVolume3\Windows\System32\scrobj.dll which has been disallowed for protected processes.
 
==================== Memory info =========================== 
 
BIOS: Insyde F.52 05/02/2019
Motherboard: HP 820B
Processor: Intel® Core™ i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 47%
Total physical RAM: 8081.91 MB
Available physical RAM: 4253.74 MB
Total Virtual: 9425.91 MB
Available Virtual: 5327.6 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:915.6 GB) (Free:665.69 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.87 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{203edf85-fe81-47c4-835d-106479c6ad08}\ () (Fixed) (Total:1.76 GB) (Free:1.12 GB) NTFS
\\?\Volume{1edf090f-6b48-404f-a6f3-ef3d030710fc}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AA025105)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements

#2
RKinner
Posted 28 August 2020 - 04:08 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

In the FRST search box put

utorrent

click on Search Registry.

You will get one report.  Please post.


  • 0

#3
peter plus
Posted 28 August 2020 - 05:23 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by HP (28-08-2020 12:24:18)
Running from C:\Users\HP\Desktop
Boot Mode: Normal
 
================== Search Registry: "utorrent" ===========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\utorrentie.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"="0xA2948A404B7CD60100000000000000000000000002000000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\helper\helper.exe"="0x6869C63C467CD60100000000000000000000000002000000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe"="0x618AFC714A7CD60100000000000000000000000002000000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe"="0x6FF64CAE4A7CD60100000000000000000000000002000000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\Downloads\uTorrent.exe"="0x485983FF4A7CD60100000000000000000000000002000000"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{799598AB-1BEF-408D-B728-730F05127F5B}"="v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=6|App=C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (TCP-In)|Desc=Allow μTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D3AB040F-A2EA-4E04-873C-27EB20BB06DB}"="v2.30|Action=Allow|Active=TRUE|Dir=In|Protocol=17|App=C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe|Name=μTorrent (UDP-In)|Desc=Allow μTorrent network traffic with Edge Traversal|Edge=TRUE|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"TCP Query User{5EDD6C11-0132-4321-9575-08217621739D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Public|App=C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe|Name=3.5.5_45724.exe|Desc=3.5.5_45724.exe|Edge=TRUE|Defer=App|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"UDP Query User{023B8DC0-21BC-4303-849B-62D8964D9BEE}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe|Name=3.5.5_45724.exe|Desc=3.5.5_45724.exe|Edge=TRUE|Defer=App|"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native]
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native]
""="C:\Users\HP\AppData\Roaming\uTorrent\chrome_native.json"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"uTorrent_.torrent"="0"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts]
"Applications\uTorrent.exe_.torrent"="0"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"="722"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched]
"C:\Users\HP\AppData\Roaming\uTorrent\updates\3.5.5_45724.exe"="1"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"="3"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithList]
"a"="uTorrent.exe"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent\OpenWithProgids]
"uTorrent"=""
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"c"="%appdata%\uTorrent\\1"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"="0x5341435001000000000000000700000028000000D83E20003C86200001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000545211000000000004000000020000000000000000000000000000000000000000000000000000003C1B1300000000000A00000000000000"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.FriendlyAppName"="µTorrent"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.ApplicationCompany"="BitTorrent Inc."
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.FriendlyAppName"="µTorrent"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.ApplicationCompany"="BitTorrent Inc."
 
====== End of Search ======

  • 0

#4
RKinner
Posted 28 August 2020 - 08:55 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   17.09KB   223 downloads

Run FRST and press Fix.  Will take about 25 minutes as we also need to check your system files.  Be patient.
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan not Fix.  Post both logs.

 

Also redo the Search Registry as before.  Just to see if I missed anything.


 


  • 0

#5
peter plus
Posted 28 August 2020 - 10:05 AM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts
Fix result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by HP (28-08-2020 16:10:17) Run:1
Running from C:\Users\HP\Desktop
Loaded Profiles: HP
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [btweb] => "C:\Users\HP\AppData\Roaming\BitTorrent Web\btweb.exe" /MINIMIZED
C:\Users\HP\AppData\Roaming\uTorrent
C:\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe
C:\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe
C:\Users\HP\AppData\Local\BitTorrentHelper
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk 
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.301\psuser_64.dll => No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
reg: reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\utorrentie.exe
reg: reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"
reg: reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\helper\helper.exe"
reg: reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe"
reg: reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe"
reg: reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\Downloads\uTorrent.exe"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts /v "uTorrent_.torrent"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts /v "Applications\uTorrent.exe_.torrent"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched /v "C:\Users\HP\AppData\Roaming\uTorrent\updates\3.5.5_45724.exe"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /v "c"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.FriendlyAppName"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.ApplicationCompany"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.FriendlyAppName"
reg: reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.ApplicationCompany"
FirewallRules: [{799598AB-1BEF-408D-B728-730F05127F5B}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{D3AB040F-A2EA-4E04-873C-27EB20BB06DB}] => (Allow) C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{5EDD6C11-0132-4321-9575-08217621739D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [UDP Query User{023B8DC0-21BC-4303-849B-62D8964D9BEE}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe] => (Allow) C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B8E03A9A-DA1B-4B30-9511-FFA4ABECB540}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{64BAD77B-A8C2-4AA5-A950-37CF9237B682}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe => No File
FirewallRules: [{553273FB-7F62-4328-98A8-F825E243A705}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe => No File
FirewallRules: [{91B02295-7C5C-44ED-A503-DB959AE8D12B}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe => No File
FirewallRules: [{D49A6AB7-F3D6-47C9-B03A-429A88CEF853}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe => No File
FirewallRules: [{45879592-B753-4659-8313-70D754415F44}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE => No File
FirewallRules: [{1D142E13-6AC7-4C4B-827A-C97DB718D336}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File
FirewallRules: [{9AEFE381-24AE-45DD-8D0F-CBF78C43C6AB}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File
C:\Users\HP\AppData\LocalLow\uTorrent
C:\Users\HP\Desktop\µTorrent.lnk
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer
CMD: mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database
File: C:\Windows\SysWOW64\mshta.exe
File: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
File: C:\Windows\system32\bfe.dll
CMD: sc start bfe
CMD: DISM /Online /Cleanup-Image /RestoreHealth
CMD: SFC /scannow 
CMD: findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
HKLM\System\CurrentControlSet\Control\Lsa\\"Notification Packages"="scecli" => value restored successfully
"HKU\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Run\\btweb" => removed successfully
C:\Users\HP\AppData\Roaming\uTorrent => moved successfully
C:\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe => moved successfully
C:\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe => moved successfully
C:\Users\HP\AppData\Local\BitTorrentHelper => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4} => removed successfully
HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F} => removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
 
========= reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\utorrentie.exe =========
 
Permanently delete the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\utorrentie.exe (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" =========
 
Delete the registry value \Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (Yes/No)? ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\helper\helper.exe" =========
 
Delete the registry value \Device\HarddiskVolume3\Users\HP\AppData\Roaming\uTorrent\helper\helper.exe (Yes/No)? ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe" =========
 
Delete the registry value \Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD7954.tmp.1598515718_permissionsCopy\uTorrent.exe (Yes/No)? ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe" =========
 
Delete the registry value \Device\HarddiskVolume3\Users\HP\AppData\Local\Temp\HYD372A.tmp.1598515701_permissionsCopy\uTorrent.exe (Yes/No)? ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001 /v "\Device\HarddiskVolume3\Users\HP\Downloads\uTorrent.exe" =========
 
Delete the registry value \Device\HarddiskVolume3\Users\HP\Downloads\uTorrent.exe (Yes/No)? ERROR: Access is denied.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native =========
 
Permanently delete the registry key HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Google\Chrome\NativeMessagingHosts\com.utorrent.native (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts /v "uTorrent_.torrent" =========
 
Delete the registry value uTorrent_.torrent (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts /v "Applications\uTorrent.exe_.torrent" =========
 
Delete the registry value Applications\uTorrent.exe_.torrent (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" =========
 
Delete the registry value C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\AppSwitched /v "C:\Users\HP\AppData\Roaming\uTorrent\updates\3.5.5_45724.exe" =========
 
Delete the registry value C:\Users\HP\AppData\Roaming\uTorrent\updates\3.5.5_45724.exe (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage\ShowJumpView /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" =========
 
Delete the registry value C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent =========
 
Permanently delete the registry key HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.torrent (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /v "c" =========
 
Delete the registry value c (Yes/No)? The operation completed successfully.
 
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe" =========
 
ERROR: Invalid syntax.
Type "REG DELETE /?" for usage.
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.FriendlyAppName" =========
 
ERROR: Invalid syntax.
Type "REG DELETE /?" for usage.
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.ApplicationCompany" =========
 
ERROR: Invalid syntax.
Type "REG DELETE /?" for usage.
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.FriendlyAppName" =========
 
ERROR: Invalid syntax.
Type "REG DELETE /?" for usage.
 
 
========= End of Reg: =========
 
 
========= reg delete HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache /v "C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.ApplicationCompany" =========
 
ERROR: Invalid syntax.
Type "REG DELETE /?" for usage.
 
 
========= End of Reg: =========
 
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{799598AB-1BEF-408D-B728-730F05127F5B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D3AB040F-A2EA-4E04-873C-27EB20BB06DB}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5EDD6C11-0132-4321-9575-08217621739D}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{023B8DC0-21BC-4303-849B-62D8964D9BEE}C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8E03A9A-DA1B-4B30-9511-FFA4ABECB540}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{64BAD77B-A8C2-4AA5-A950-37CF9237B682}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{553273FB-7F62-4328-98A8-F825E243A705}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{91B02295-7C5C-44ED-A503-DB959AE8D12B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D49A6AB7-F3D6-47C9-B03A-429A88CEF853}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45879592-B753-4659-8313-70D754415F44}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1D142E13-6AC7-4C4B-827A-C97DB718D336}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9AEFE381-24AE-45DD-8D0F-CBF78C43C6AB}" => removed successfully
C:\Users\HP\AppData\LocalLow\uTorrent => moved successfully
C:\Users\HP\Desktop\µTorrent.lnk => moved successfully
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer =========
 
 
========= End of CMD: =========
 
 
========= mkdir C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database =========
 
 
========= End of CMD: =========
 
 
========================= File: C:\Windows\SysWOW64\mshta.exe ========================
 
C:\Windows\SysWOW64\mshta.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0010~31bf3856ad364e35~amd64~~10.0.18362.900.cat
File is digitally signed
MD5: 665D512BB2727713783B73F1B7FEB808
Creation and modification date: 2019-03-19 05:46 - 2019-03-19 05:46
Size: 000013312
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: MSHTA.EXE
Original Name: MSHTA.EXE
Product: Internet Explorer
Description: Microsoft ® HTML Application host
File Version: 11.00.18362.1 (WinBuild.160101.0800)
Product Version: 11.00.18362.1
Copyright: © Microsoft Corporation. All rights reserved.
 
====== End of File: ======
 
 
========================= File: C:\Windows\ImmersiveControlPanel\SystemSettings.exe ========================
 
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0413~31bf3856ad364e35~amd64~~10.0.18362.900.cat
File is digitally signed
MD5: 4A857F1273178C1CA1008F6A4ABB5726
Creation and modification date: 2020-02-13 09:52 - 2020-02-13 09:52
Size: 000096032
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: Settings
Original Name: SystemSettings.exe
Product: Microsoft® Windows® Operating System
Description: Settings
File Version: 10.0.18362.628 (WinBuild.160101.0800)
Product Version: 10.0.18362.628
Copyright: © Microsoft Corporation. All rights reserved.
 
====== End of File: ======
 
 
========================= File: C:\Windows\system32\bfe.dll ========================
 
C:\Windows\system32\bfe.dll
Catalog: C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.18362.900.cat
File is digitally signed
MD5: D7654CCF919B8BD04B6D4972459F01B2
Creation and modification date: 2019-11-04 22:13 - 2019-11-04 22:13
Size: 000878080
Attributes: ----A
Company Name: Microsoft Windows -> Microsoft Corporation
Internal Name: BFE.DLL
Original Name: BFE.DLL
Product: Microsoft® Windows® Operating System
Description: Base Filtering Engine
File Version: 10.0.18362.207 (WinBuild.160101.0800)
Product Version: 10.0.18362.207
Copyright: © Microsoft Corporation. All rights reserved.
 
====== End of File: ======
 
 
========= sc start bfe =========
 
[SC] StartService FAILED 1056:
 
An instance of the service is already running.
 
 
========= End of CMD: =========
 
 
========= DISM /Online /Cleanup-Image /RestoreHealth =========
 
 
Deployment Image Servicing and Management tool
Version: 10.0.18362.900
 
Image Version: 10.0.18363.959
 
 
[==                         3.8%                           ] 
 
[==                         3.8%                           ] 
 
[==                         3.8%                           ] 
 
[==                         3.9%                           ] 
 
[==                         4.1%                           ] 
 
[==                         4.3%                           ] 
 
[==                         4.5%                           ] 
 
[==                         4.5%                           ] 
 
[==                         4.6%                           ] 
 
[==                         4.8%                           ] 
 
[==                         4.9%                           ] 
 
[==                         5.1%                           ] 
 
[===                        5.3%                           ] 
 
[===                        5.4%                           ] 
 
[===                        5.6%                           ] 
 
[===                        5.7%                           ] 
 
[===                        5.8%                           ] 
 
[===                        5.8%                           ] 
 
[===                        6.0%                           ] 
 
[===                        6.0%                           ] 
 
[===                        6.1%                           ] 
 
[===                        6.3%                           ] 
 
[===                        6.4%                           ] 
 
[===                        6.6%                           ] 
 
[===                        6.7%                           ] 
 
[===                        6.9%                           ] 
 
[====                       7.1%                           ] 
 
[====                       7.3%                           ] 
 
[====                       7.5%                           ] 
 
[====                       7.5%                           ] 
 
[====                       7.6%                           ] 
 
[====                       7.8%                           ] 
 
[====                       7.8%                           ] 
 
[====                       7.9%                           ] 
 
[====                       8.0%                           ] 
 
[====                       8.3%                           ] 
 
[====                       8.5%                           ] 
 
[====                       8.6%                           ] 
 
[=====                      8.8%                           ] 
 
[=====                      8.8%                           ] 
 
[=====                      9.1%                           ] 
 
[=====                      9.2%                           ] 
 
[=====                      9.3%                           ] 
 
[=====                      9.5%                           ] 
 
[=====                      9.7%                           ] 
 
[=====                      9.8%                           ] 
 
[=====                      9.9%                           ] 
 
[=====                      10.2%                          ] 
 
[=====                      10.3%                          ] 
 
[======                     10.4%                          ] 
 
[======                     10.6%                          ] 
 
[======                     10.6%                          ] 
 
[======                     10.8%                          ] 
 
[======                     10.9%                          ] 
 
[======                     11.2%                          ] 
 
[======                     11.3%                          ] 
 
[======                     11.5%                          ] 
 
[======                     11.7%                          ] 
 
[======                     11.7%                          ] 
 
[======                     11.8%                          ] 
 
[======                     12.0%                          ] 
 
[======                     12.0%                          ] 
 
[=======                    12.2%                          ] 
 
[=======                    12.4%                          ] 
 
[=======                    12.5%                          ] 
 
[=======                    12.8%                          ] 
 
[=======                    13.0%                          ] 
 
[=======                    13.1%                          ] 
 
[=======                    13.2%                          ] 
 
[=======                    13.4%                          ] 
 
[=======                    13.6%                          ] 
 
[========                   13.8%                          ] 
 
[========                   13.9%                          ] 
 
[========                   14.0%                          ] 
 
[========                   14.0%                          ] 
 
[========                   14.2%                          ] 
 
[========                   14.4%                          ] 
 
[========                   14.6%                          ] 
 
[========                   14.9%                          ] 
 
[========                   14.9%                          ] 
 
[========                   15.0%                          ] 
 
[========                   15.2%                          ] 
 
[========                   15.5%                          ] 
 
[=========                  15.5%                          ] 
 
[=========                  15.8%                          ] 
 
[=========                  16.0%                          ] 
 
[=========                  16.0%                          ] 
 
[=========                  16.3%                          ] 
 
[=========                  16.5%                          ] 
 
[=========                  16.8%                          ] 
 
[=========                  17.0%                          ] 
 
[=========                  17.1%                          ] 
 
[=========                  17.2%                          ] 
 
[==========                 17.5%                          ] 
 
[==========                 17.8%                          ] 
 
[==========                 18.4%                          ] 
 
[===========                19.0%                          ] 
 
[===========                19.5%                          ] 
 
[===========                20.1%                          ] 
 
[===========                20.3%                          ] 
 
[===========                20.5%                          ] 
 
[============               20.8%                          ] 
 
[============               21.0%                          ] 
 
[============               21.2%                          ] 
 
[============               21.4%                          ] 
 
[============               21.5%                          ] 
 
[============               21.7%                          ] 
 
[============               22.0%                          ] 
 
[============               22.3%                          ] 
 
[=============              22.5%                          ] 
 
[=============              22.8%                          ] 
 
[=============              23.1%                          ] 
 
[=============              23.4%                          ] 
 
[=============              23.6%                          ] 
 
[=============              23.9%                          ] 
 
[==============             24.2%                          ] 
 
[==============             24.4%                          ] 
 
[==============             24.7%                          ] 
 
[==============             24.9%                          ] 
 
[==============             25.1%                          ] 
 
[==============             25.2%                          ] 
 
[==============             25.4%                          ] 
 
[==============             25.4%                          ] 
 
[==============             25.7%                          ] 
 
[===============            25.9%                          ] 
 
[===============            26.0%                          ] 
 
[===============            26.2%                          ] 
 
[===============            26.3%                          ] 
 
[===============            26.3%                          ] 
 
[===============            26.6%                          ] 
 
[===============            26.7%                          ] 
 
[===============            26.9%                          ] 
 
[===============            27.1%                          ] 
 
[===============            27.2%                          ] 
 
[===============            27.4%                          ] 
 
[===============            27.5%                          ] 
 
[===============            27.5%                          ] 
 
[================           27.6%                          ] 
 
[================           27.6%                          ] 
 
[================           27.6%                          ] 
 
[================           27.7%                          ] 
 
[================           27.8%                          ] 
 
[================           27.8%                          ] 
 
[================           27.8%                          ] 
 
[================           28.0%                          ] 
 
[================           28.2%                          ] 
 
[================           28.2%                          ] 
 
[================           28.3%                          ] 
 
[================           28.4%                          ] 
 
[================           28.5%                          ] 
 
[================           28.7%                          ] 
 
[================           28.9%                          ] 
 
[================           29.1%                          ] 
 
[================           29.3%                          ] 
 
[=================          29.4%                          ] 
 
[=================          29.6%                          ] 
 
[=================          29.8%                          ] 
 
[=================          30.0%                          ] 
 
[=================          30.3%                          ] 
 
[=================          30.6%                          ] 
 
[=================          30.9%                          ] 
 
[==================         31.2%                          ] 
 
[==================         31.5%                          ] 
 
[==================         31.8%                          ] 
 
[==================         31.9%                          ] 
 
[==================         32.1%                          ] 
 
[==================         32.3%                          ] 
 
[==================         32.5%                          ] 
 
[==================         32.7%                          ] 
 
[===================        32.8%                          ] 
 
[===================        32.8%                          ] 
 
[===================        33.1%                          ] 
 
[===================        33.4%                          ] 
 
[===================        33.6%                          ] 
 
[===================        33.8%                          ] 
 
[===================        34.0%                          ] 
 
[===================        34.3%                          ] 
 
[===================        34.4%                          ] 
 
[====================       34.6%                          ] 
 
[====================       34.8%                          ] 
 
[====================       35.0%                          ] 
 
[====================       35.3%                          ] 
 
[====================       35.5%                          ] 
 
[====================       35.6%                          ] 
 
[====================       35.7%                          ] 
 
[====================       35.9%                          ] 
 
[=====================      36.2%                          ] 
 
[=====================      36.6%                          ] 
 
[=====================      36.8%                          ] 
 
[=====================      37.1%                          ] 
 
[=====================      37.5%                          ] 
 
[=====================      37.7%                          ] 
 
[=====================      37.7%                          ] 
 
[=====================      37.7%                          ] 
 
[=====================      37.8%                          ] 
 
[=====================      37.9%                          ] 
 
[======================     38.3%                          ] 
 
[======================     38.3%                          ] 
 
[======================     38.5%                          ] 
 
[======================     38.6%                          ] 
 
[======================     38.8%                          ] 
 
[======================     38.9%                          ] 
 
[======================     39.0%                          ] 
 
[======================     39.1%                          ] 
 
[======================     39.2%                          ] 
 
[======================     39.5%                          ] 
 
[======================     39.5%                          ] 
 
[======================     39.6%                          ] 
 
[=======================    39.8%                          ] 
 
[=======================    39.8%                          ] 
 
[=======================    39.9%                          ] 
 
[=======================    39.9%                          ] 
 
[=======================    40.2%                          ] 
 
[=======================    40.4%                          ] 
 
[=======================    40.4%                          ] 
 
[=======================    40.7%                          ] 
 
[=======================    40.8%                          ] 
 
[=======================    41.1%                          ] 
 
[=======================    41.1%                          ] 
 
[=======================    41.2%                          ] 
 
[=======================    41.2%                          ] 
 
[========================   41.5%                          ] 
 
[========================   41.7%                          ] 
 
[========================   41.9%                          ] 
 
[========================   42.1%                          ] 
 
[========================   42.3%                          ] 
 
[========================   42.4%                          ] 
 
[========================   42.6%                          ] 
 
[========================   42.7%                          ] 
 
[========================   42.7%                          ] 
 
[========================   42.8%                          ] 
 
[========================   42.9%                          ] 
 
[========================   43.0%                          ] 
 
[=========================  43.2%                          ] 
 
[=========================  43.2%                          ] 
 
[=========================  43.2%                          ] 
 
[=========================  43.3%                          ] 
 
[=========================  43.3%                          ] 
 
[=========================  43.3%                          ] 
 
[=========================  43.4%                          ] 
 
[=========================  43.4%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  43.5%                          ] 
 
[=========================  43.6%                          ] 
 
[=========================  43.6%                          ] 
 
[=========================  43.7%                          ] 
 
[=========================  43.7%                          ] 
 
[=========================  43.8%                          ] 
 
[=========================  43.8%                          ] 
 
[=========================  43.8%                          ] 
 
[=========================  43.9%                          ] 
 
[=========================  44.0%                          ] 
 
[=========================  44.1%                          ] 
 
[=========================  44.2%                          ] 
 
[=========================  44.2%                          ] 
 
[=========================  44.4%                          ] 
 
[=========================  44.5%                          ] 
 
[=========================  44.6%                          ] 
 
[=========================  44.7%                          ] 
 
[=========================  44.8%                          ] 
 
[========================== 44.9%                          ] 
 
[========================== 45.1%                          ] 
 
[========================== 45.2%                          ] 
 
[========================== 45.4%                          ] 
 
[========================== 45.4%                          ] 
 
[========================== 45.6%                          ] 
 
[========================== 45.7%                          ] 
 
[========================== 45.7%                          ] 
 
[========================== 45.8%                          ] 
 
[========================== 45.8%                          ] 
 
[========================== 45.9%                          ] 
 
[========================== 46.0%                          ] 
 
[========================== 46.0%                          ] 
 
[========================== 46.0%                          ] 
 
[========================== 46.0%                          ] 
 
[========================== 46.1%                          ] 
 
[========================== 46.1%                          ] 
 
[========================== 46.2%                          ] 
 
[========================== 46.3%                          ] 
 
[========================== 46.3%                          ] 
 
[========================== 46.3%                          ] 
 
[========================== 46.5%                          ] 
 
[========================== 46.5%                          ] 
 
[===========================46.6%                          ] 
 
[===========================46.7%                          ] 
 
[===========================46.9%                          ] 
 
[===========================46.9%                          ] 
 
[===========================47.0%                          ] 
 
[===========================47.0%                          ] 
 
[===========================47.1%                          ] 
 
[===========================47.2%                          ] 
 
[===========================47.5%                          ] 
 
[===========================47.8%                          ] 
 
[===========================48.2%                          ] 
 
[===========================48.4%                          ] 
 
[===========================48.7%                          ] 
 
[===========================48.8%                          ] 
 
[===========================49.1%                          ] 
 
[===========================49.4%                          ] 
 
[===========================49.7%                          ] 
 
[===========================50.2%                          ] 
 
[===========================50.5%                          ] 
 
[===========================50.9%                          ] 
 
[===========================51.5%                          ] 
 
[===========================51.7%                          ] 
 
[===========================52.0%                          ] 
 
[===========================52.5%                          ] 
 
[===========================52.8%                          ] 
 
[===========================53.1%                          ] 
 
[===========================53.2%                          ] 
 
[===========================53.3%                          ] 
 
[===========================53.5%                          ] 
 
[===========================53.5%                          ] 
 
[===========================53.6%                          ] 
 
[===========================53.6%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.7%                          ] 
 
[===========================53.8%                          ] 
 
[===========================53.8%                          ] 
 
[===========================53.9%                          ] 
 
[===========================53.9%                          ] 
 
[===========================53.9%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.0%                          ] 
 
[===========================54.1%                          ] 
 
[===========================54.1%                          ] 
 
[===========================54.1%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.2%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.3%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.4%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.5%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.6%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.7%                          ] 
 
[===========================54.8%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================54.9%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.0%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.1%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.2%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.3%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.4%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.5%                          ] 
 
[===========================55.7%                          ] 
 
[===========================55.7%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.8%                          ] 
 
[===========================55.9%                          ] 
 
[===========================55.9%                          ] 
 
[===========================56.0%                          ] 
 
[===========================56.1%                          ] 
 
[===========================56.1%                          ] 
 
[===========================56.1%                          ] 
 
[===========================56.2%                          ] 
 
[===========================56.2%                          ] 
 
[===========================56.2%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.3%                          ] 
 
[===========================56.4%                          ] 
 
[===========================56.4%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.5%                          ] 
 
[===========================56.6%                          ] 
 
[===========================56.8%                          ] 
 
[===========================57.1%=                         ] 
 
[===========================57.2%=                         ] 
 
[===========================57.3%=                         ] 
 
[===========================57.4%=                         ] 
 
[===========================57.4%=                         ] 
 
[===========================57.4%=                         ] 
 
[===========================57.4%=                         ] 
 
[===========================57.7%=                         ] 
 
[===========================57.7%=                         ] 
 
[===========================58.0%=                         ] 
 
[===========================59.0%==                        ] 
 
[===========================59.5%==                        ] 
 
[===========================59.6%==                        ] 
 
[===========================60.2%==                        ] 
 
[===========================62.3%====                      ] 
 
[===========================84.9%=================         ] 
 
[==========================100.0%==========================] 
The restore operation completed successfully.
The operation completed successfully.
 
========= End of CMD: =========
 
 
========= SFC /scannow =========
 
 
 
Beginning system scan.  This process will take some time.
 
 
 
Beginning verification phase of system scan.
 
 
Verification 0% complete.
Verification 1% complete.
Verification 1% complete.
Verification 2% complete.
Verification 3% complete.
Verification 3% complete.
Verification 4% complete.
Verification 4% complete.
Verification 5% complete.
Verification 6% complete.
Verification 6% complete.
Verification 7% complete.
Verification 7% complete.
Verification 8% complete.
Verification 9% complete.
Verification 9% complete.
Verification 10% complete.
Verification 11% complete.
Verification 11% complete.
Verification 12% complete.
Verification 12% complete.
Verification 13% complete.
Verification 14% complete.
Verification 14% complete.
Verification 15% complete.
Verification 15% complete.
Verification 16% complete.
Verification 17% complete.
Verification 17% complete.
Verification 18% complete.
Verification 19% complete.
Verification 19% complete.
Verification 20% complete.
Verification 20% complete.
Verification 21% complete.
Verification 22% complete.
Verification 22% complete.
Verification 23% complete.
Verification 23% complete.
Verification 24% complete.
Verification 25% complete.
Verification 25% complete.
Verification 26% complete.
Verification 27% complete.
Verification 27% complete.
Verification 28% complete.
Verification 28% complete.
Verification 29% complete.
Verification 30% complete.
Verification 30% complete.
Verification 31% complete.
Verification 31% complete.
Verification 32% complete.
Verification 33% complete.
Verification 33% complete.
Verification 34% complete.
Verification 35% complete.
Verification 35% complete.
Verification 36% complete.
Verification 36% complete.
Verification 37% complete.
Verification 38% complete.
Verification 38% complete.
Verification 39% complete.
Verification 39% complete.
Verification 40% complete.
Verification 41% complete.
Verification 41% complete.
Verification 42% complete.
Verification 43% complete.
Verification 43% complete.
Verification 44% complete.
Verification 44% complete.
Verification 45% complete.
Verification 46% complete.
Verification 46% complete.
Verification 47% complete.
Verification 47% complete.
Verification 48% complete.
Verification 49% complete.
Verification 49% complete.
Verification 50% complete.
Verification 51% complete.
Verification 51% complete.
Verification 52% complete.
Verification 52% complete.
Verification 53% complete.
Verification 54% complete.
Verification 54% complete.
Verification 55% complete.
Verification 55% complete.
Verification 56% complete.
Verification 57% complete.
Verification 57% complete.
Verification 58% complete.
Verification 59% complete.
Verification 59% complete.
Verification 60% complete.
Verification 60% complete.
Verification 61% complete.
Verification 62% complete.
Verification 62% complete.
Verification 63% complete.
Verification 63% complete.
Verification 64% complete.
Verification 65% complete.
Verification 65% complete.
Verification 66% complete.
Verification 67% complete.
Verification 67% complete.
Verification 68% complete.
Verification 68% complete.
Verification 69% complete.
Verification 70% complete.
Verification 70% complete.
Verification 71% complete.
Verification 71% complete.
Verification 72% complete.
Verification 73% complete.
Verification 73% complete.
Verification 74% complete.
Verification 75% complete.
Verification 75% complete.
Verification 76% complete.
Verification 76% complete.
Verification 77% complete.
Verification 78% complete.
Verification 78% complete.
Verification 79% complete.
Verification 79% complete.
Verification 80% complete.
Verification 81% complete.
Verification 81% complete.
Verification 82% complete.
Verification 83% complete.
Verification 83% complete.
Verification 84% complete.
Verification 84% complete.
Verification 85% complete.
Verification 86% complete.
Verification 86% complete.
Verification 87% complete.
Verification 87% complete.
Verification 88% complete.
Verification 89% complete.
Verification 89% complete.
Verification 90% complete.
Verification 91% complete.
Verification 91% complete.
Verification 92% complete.
Verification 92% complete.
Verification 93% complete.
Verification 94% complete.
Verification 94% complete.
Verification 95% complete.
Verification 95% complete.
Verification 96% complete.
Verification 97% complete.
Verification 97% complete.
Verification 98% complete.
Verification 99% complete.
Verification 99% complete.
Verification 100% complete.
 
 
Windows Resource Protection did not find any integrity violations.
 
 
========= End of CMD: =========
 
 
========= findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log =========
 
2020-07-28 11:41:40, Info                  CSI    00000006 [SR] Verifying 1 components
2020-07-28 11:41:40, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:41, Info                  CSI    00000008 [SR] Verify complete
2020-07-28 11:41:41, Info                  CSI    00000009 [SR] Verifying 1 components
2020-07-28 11:41:41, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:41, Info                  CSI    0000000b [SR] Verify complete
2020-07-28 11:41:41, Info                  CSI    0000000c [SR] Verifying 1 components
2020-07-28 11:41:41, Info                  CSI    0000000d [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:41, Info                  CSI    0000000e [SR] Verify complete
2020-07-28 11:41:41, Info                  CSI    0000000f [SR] Verifying 1 components
2020-07-28 11:41:41, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:41, Info                  CSI    00000011 [SR] Verify complete
2020-07-28 11:41:41, Info                  CSI    00000012 [SR] Verifying 1 components
2020-07-28 11:41:41, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:42, Info                  CSI    00000014 [SR] Verify complete
2020-07-28 11:41:42, Info                  CSI    00000015 [SR] Verifying 1 components
2020-07-28 11:41:42, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-07-28 11:41:42, Info                  CSI    00000017 [SR] Verify complete
2020-08-05 12:03:26, Info                  CSI    00000006 [SR] Verifying 1 components
2020-08-05 12:03:26, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:28, Info                  CSI    00000009 [SR] Verify complete
2020-08-05 12:03:28, Info                  CSI    0000000a [SR] Verifying 1 components
2020-08-05 12:03:28, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:29, Info                  CSI    0000000c [SR] Verify complete
2020-08-05 12:03:29, Info                  CSI    0000000d [SR] Verifying 1 components
2020-08-05 12:03:29, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:29, Info                  CSI    0000000f [SR] Verify complete
2020-08-05 12:03:29, Info                  CSI    00000010 [SR] Verifying 1 components
2020-08-05 12:03:29, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:30, Info                  CSI    00000012 [SR] Verify complete
2020-08-05 12:03:30, Info                  CSI    00000013 [SR] Verifying 1 components
2020-08-05 12:03:30, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:31, Info                  CSI    00000015 [SR] Verify complete
2020-08-05 12:03:31, Info                  CSI    00000016 [SR] Verifying 1 components
2020-08-05 12:03:31, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2020-08-05 12:03:33, Info                  CSI    00000018 [SR] Verify complete
2020-08-13 10:32:00, Info                  CSI    00000006 [SR] Verifying 1 components
2020-08-13 10:32:00, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:01, Info                  CSI    00000008 [SR] Verify complete
2020-08-13 10:32:01, Info                  CSI    00000009 [SR] Verifying 1 components
2020-08-13 10:32:01, Info                  CSI    0000000a [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:02, Info                  CSI    0000000b [SR] Verify complete
2020-08-13 10:32:02, Info                  CSI    0000000c [SR] Verifying 1 components
2020-08-13 10:32:02, Info                  CSI    0000000d [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:02, Info                  CSI    0000000e [SR] Verify complete
2020-08-13 10:32:02, Info                  CSI    0000000f [SR] Verifying 1 components
2020-08-13 10:32:02, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:02, Info                  CSI    00000011 [SR] Verify complete
2020-08-13 10:32:02, Info                  CSI    00000012 [SR] Verifying 1 components
2020-08-13 10:32:02, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:02, Info                  CSI    00000014 [SR] Verify complete
2020-08-13 10:32:02, Info                  CSI    00000015 [SR] Verifying 1 components
2020-08-13 10:32:02, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-08-13 10:32:03, Info                  CSI    00000017 [SR] Verify complete
2020-08-20 12:54:15, Info                  CSI    00000006 [SR] Verifying 1 components
2020-08-20 12:54:15, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:17, Info                  CSI    00000009 [SR] Verify complete
2020-08-20 12:54:17, Info                  CSI    0000000a [SR] Verifying 1 components
2020-08-20 12:54:17, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:20, Info                  CSI    0000000d [SR] Verify complete
2020-08-20 12:54:20, Info                  CSI    0000000e [SR] Verifying 1 components
2020-08-20 12:54:20, Info                  CSI    0000000f [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:20, Info                  CSI    00000010 [SR] Verify complete
2020-08-20 12:54:20, Info                  CSI    00000011 [SR] Verifying 1 components
2020-08-20 12:54:20, Info                  CSI    00000012 [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:21, Info                  CSI    00000013 [SR] Verify complete
2020-08-20 12:54:21, Info                  CSI    00000014 [SR] Verifying 1 components
2020-08-20 12:54:21, Info                  CSI    00000015 [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:21, Info                  CSI    00000016 [SR] Verify complete
2020-08-20 12:54:21, Info                  CSI    00000017 [SR] Verifying 1 components
2020-08-20 12:54:21, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2020-08-20 12:54:21, Info                  CSI    00000019 [SR] Verify complete
2020-08-28 12:19:51, Info                  CSI    00000006 [SR] Verifying 1 components
2020-08-28 12:19:51, Info                  CSI    00000007 [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:53, Info                  CSI    00000009 [SR] Verify complete
2020-08-28 12:19:53, Info                  CSI    0000000a [SR] Verifying 1 components
2020-08-28 12:19:53, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:54, Info                  CSI    0000000c [SR] Verify complete
2020-08-28 12:19:54, Info                  CSI    0000000d [SR] Verifying 1 components
2020-08-28 12:19:54, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:54, Info                  CSI    0000000f [SR] Verify complete
2020-08-28 12:19:54, Info                  CSI    00000010 [SR] Verifying 1 components
2020-08-28 12:19:54, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:54, Info                  CSI    00000012 [SR] Verify complete
2020-08-28 12:19:55, Info                  CSI    00000013 [SR] Verifying 1 components
2020-08-28 12:19:55, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:55, Info                  CSI    00000015 [SR] Verify complete
2020-08-28 12:19:55, Info                  CSI    00000016 [SR] Verifying 1 components
2020-08-28 12:19:55, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2020-08-28 12:19:56, Info                  CSI    00000018 [SR] Verify complete
2020-08-28 16:34:02, Info                  CSI    0000000f [SR] Verifying 100 components
2020-08-28 16:34:02, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:03, Info                  CSI    00000011 [SR] Verify complete
2020-08-28 16:34:03, Info                  CSI    00000012 [SR] Verifying 100 components
2020-08-28 16:34:03, Info                  CSI    00000013 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:03, Info                  CSI    00000014 [SR] Verify complete
2020-08-28 16:34:04, Info                  CSI    00000015 [SR] Verifying 100 components
2020-08-28 16:34:04, Info                  CSI    00000016 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:04, Info                  CSI    00000017 [SR] Verify complete
2020-08-28 16:34:04, Info                  CSI    00000018 [SR] Verifying 100 components
2020-08-28 16:34:04, Info                  CSI    00000019 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:06, Info                  CSI    0000001b [SR] Verify complete
2020-08-28 16:34:06, Info                  CSI    0000001c [SR] Verifying 100 components
2020-08-28 16:34:06, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:07, Info                  CSI    0000001e [SR] Verify complete
2020-08-28 16:34:07, Info                  CSI    0000001f [SR] Verifying 100 components
2020-08-28 16:34:07, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:08, Info                  CSI    00000021 [SR] Verify complete
2020-08-28 16:34:08, Info                  CSI    00000022 [SR] Verifying 100 components
2020-08-28 16:34:08, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:12, Info                  CSI    00000024 [SR] Verify complete
2020-08-28 16:34:12, Info                  CSI    00000025 [SR] Verifying 100 components
2020-08-28 16:34:12, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:14, Info                  CSI    00000027 [SR] Verify complete
2020-08-28 16:34:14, Info                  CSI    00000028 [SR] Verifying 100 components
2020-08-28 16:34:14, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:19, Info                  CSI    0000002a [SR] Verify complete
2020-08-28 16:34:19, Info                  CSI    0000002b [SR] Verifying 100 components
2020-08-28 16:34:19, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:24, Info                  CSI    0000002d [SR] Verify complete
2020-08-28 16:34:24, Info                  CSI    0000002e [SR] Verifying 100 components
2020-08-28 16:34:24, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:36, Info                  CSI    00000030 [SR] Verify complete
2020-08-28 16:34:36, Info                  CSI    00000031 [SR] Verifying 100 components
2020-08-28 16:34:36, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:51, Info                  CSI    00000033 [SR] Verify complete
2020-08-28 16:34:51, Info                  CSI    00000034 [SR] Verifying 100 components
2020-08-28 16:34:51, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:55, Info                  CSI    00000036 [SR] Verify complete
2020-08-28 16:34:55, Info                  CSI    00000037 [SR] Verifying 100 components
2020-08-28 16:34:55, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:56, Info                  CSI    00000039 [SR] Verify complete
2020-08-28 16:34:56, Info                  CSI    0000003a [SR] Verifying 100 components
2020-08-28 16:34:56, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2020-08-28 16:34:58, Info                  CSI    0000003c [SR] Verify complete
2020-08-28 16:34:58, Info                  CSI    0000003d [SR] Verifying 100 components
2020-08-28 16:34:58, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:03, Info                  CSI    00000042 [SR] Verify complete
2020-08-28 16:35:03, Info                  CSI    00000043 [SR] Verifying 100 components
2020-08-28 16:35:03, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:04, Info                  CSI    00000045 [SR] Verify complete
2020-08-28 16:35:04, Info                  CSI    00000046 [SR] Verifying 100 components
2020-08-28 16:35:04, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:08, Info                  CSI    00000049 [SR] Verify complete
2020-08-28 16:35:08, Info                  CSI    0000004a [SR] Verifying 100 components
2020-08-28 16:35:08, Info                  CSI    0000004b [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:11, Info                  CSI    0000004c [SR] Verify complete
2020-08-28 16:35:11, Info                  CSI    0000004d [SR] Verifying 100 components
2020-08-28 16:35:11, Info                  CSI    0000004e [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:14, Info                  CSI    00000051 [SR] Verify complete
2020-08-28 16:35:14, Info                  CSI    00000052 [SR] Verifying 100 components
2020-08-28 16:35:14, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:18, Info                  CSI    00000056 [SR] Verify complete
2020-08-28 16:35:18, Info                  CSI    00000057 [SR] Verifying 100 components
2020-08-28 16:35:18, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:20, Info                  CSI    00000059 [SR] Verify complete
2020-08-28 16:35:20, Info                  CSI    0000005a [SR] Verifying 100 components
2020-08-28 16:35:20, Info                  CSI    0000005b [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:23, Info                  CSI    0000005d [SR] Verify complete
2020-08-28 16:35:23, Info                  CSI    0000005e [SR] Verifying 100 components
2020-08-28 16:35:23, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:27, Info                  CSI    00000060 [SR] Verify complete
2020-08-28 16:35:28, Info                  CSI    00000061 [SR] Verifying 100 components
2020-08-28 16:35:28, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:44, Info                  CSI    00000066 [SR] Verify complete
2020-08-28 16:35:45, Info                  CSI    00000067 [SR] Verifying 100 components
2020-08-28 16:35:45, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:50, Info                  CSI    00000069 [SR] Verify complete
2020-08-28 16:35:50, Info                  CSI    0000006a [SR] Verifying 100 components
2020-08-28 16:35:50, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:53, Info                  CSI    0000006c [SR] Verify complete
2020-08-28 16:35:53, Info                  CSI    0000006d [SR] Verifying 100 components
2020-08-28 16:35:53, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:55, Info                  CSI    0000006f [SR] Verify complete
2020-08-28 16:35:55, Info                  CSI    00000070 [SR] Verifying 100 components
2020-08-28 16:35:55, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2020-08-28 16:35:58, Info                  CSI    00000073 [SR] Verify complete
2020-08-28 16:35:59, Info                  CSI    00000074 [SR] Verifying 100 components
2020-08-28 16:35:59, Info                  CSI    00000075 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:01, Info                  CSI    00000076 [SR] Verify complete
2020-08-28 16:36:01, Info                  CSI    00000077 [SR] Verifying 100 components
2020-08-28 16:36:01, Info                  CSI    00000078 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:03, Info                  CSI    00000079 [SR] Verify complete
2020-08-28 16:36:03, Info                  CSI    0000007a [SR] Verifying 100 components
2020-08-28 16:36:03, Info                  CSI    0000007b [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:05, Info                  CSI    0000007c [SR] Verify complete
2020-08-28 16:36:05, Info                  CSI    0000007d [SR] Verifying 100 components
2020-08-28 16:36:05, Info                  CSI    0000007e [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:07, Info                  CSI    0000007f [SR] Verify complete
2020-08-28 16:36:07, Info                  CSI    00000080 [SR] Verifying 100 components
2020-08-28 16:36:07, Info                  CSI    00000081 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:10, Info                  CSI    00000083 [SR] Verify complete
2020-08-28 16:36:10, Info                  CSI    00000084 [SR] Verifying 100 components
2020-08-28 16:36:10, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:12, Info                  CSI    00000086 [SR] Verify complete
2020-08-28 16:36:13, Info                  CSI    00000087 [SR] Verifying 100 components
2020-08-28 16:36:13, Info                  CSI    00000088 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:16, Info                  CSI    0000008a [SR] Verify complete
2020-08-28 16:36:16, Info                  CSI    0000008b [SR] Verifying 100 components
2020-08-28 16:36:16, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:20, Info                  CSI    0000008f [SR] Verify complete
2020-08-28 16:36:20, Info                  CSI    00000090 [SR] Verifying 100 components
2020-08-28 16:36:20, Info                  CSI    00000091 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:24, Info                  CSI    00000096 [SR] Verify complete
2020-08-28 16:36:24, Info                  CSI    00000097 [SR] Verifying 100 components
2020-08-28 16:36:24, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:32, Info                  CSI    000000a3 [SR] Verify complete
2020-08-28 16:36:32, Info                  CSI    000000a4 [SR] Verifying 100 components
2020-08-28 16:36:32, Info                  CSI    000000a5 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:40, Info                  CSI    000000ad [SR] Verify complete
2020-08-28 16:36:40, Info                  CSI    000000ae [SR] Verifying 100 components
2020-08-28 16:36:40, Info                  CSI    000000af [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:43, Info                  CSI    000000b1 [SR] Verify complete
2020-08-28 16:36:43, Info                  CSI    000000b2 [SR] Verifying 100 components
2020-08-28 16:36:43, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:46, Info                  CSI    000000b5 [SR] Verify complete
2020-08-28 16:36:46, Info                  CSI    000000b6 [SR] Verifying 100 components
2020-08-28 16:36:46, Info                  CSI    000000b7 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:51, Info                  CSI    000000ba [SR] Verify complete
2020-08-28 16:36:51, Info                  CSI    000000bb [SR] Verifying 100 components
2020-08-28 16:36:51, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:52, Info                  CSI    000000bd [SR] Verify complete
2020-08-28 16:36:53, Info                  CSI    000000be [SR] Verifying 100 components
2020-08-28 16:36:53, Info                  CSI    000000bf [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:53, Info                  CSI    000000c0 [SR] Verify complete
2020-08-28 16:36:53, Info                  CSI    000000c1 [SR] Verifying 100 components
2020-08-28 16:36:53, Info                  CSI    000000c2 [SR] Beginning Verify and Repair transaction
2020-08-28 16:36:58, Info                  CSI    000000c5 [SR] Verify complete
2020-08-28 16:36:58, Info                  CSI    000000c6 [SR] Verifying 100 components
2020-08-28 16:36:58, Info                  CSI    000000c7 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:02, Info                  CSI    000000c9 [SR] Verify complete
2020-08-28 16:37:02, Info                  CSI    000000ca [SR] Verifying 100 components
2020-08-28 16:37:02, Info                  CSI    000000cb [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:10, Info                  CSI    000000d6 [SR] Verify complete
2020-08-28 16:37:10, Info                  CSI    000000d7 [SR] Verifying 100 components
2020-08-28 16:37:10, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:14, Info                  CSI    000000db [SR] Verify complete
2020-08-28 16:37:14, Info                  CSI    000000dc [SR] Verifying 100 components
2020-08-28 16:37:14, Info                  CSI    000000dd [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:17, Info                  CSI    000000de [SR] Verify complete
2020-08-28 16:37:17, Info                  CSI    000000df [SR] Verifying 100 components
2020-08-28 16:37:17, Info                  CSI    000000e0 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:21, Info                  CSI    000000e4 [SR] Verify complete
2020-08-28 16:37:22, Info                  CSI    000000e5 [SR] Verifying 100 components
2020-08-28 16:37:22, Info                  CSI    000000e6 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:28, Info                  CSI    000000e7 [SR] Verify complete
2020-08-28 16:37:28, Info                  CSI    000000e8 [SR] Verifying 100 components
2020-08-28 16:37:28, Info                  CSI    000000e9 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:35, Info                  CSI    000000ee [SR] Verify complete
2020-08-28 16:37:35, Info                  CSI    000000ef [SR] Verifying 100 components
2020-08-28 16:37:35, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:40, Info                  CSI    000000f3 [SR] Verify complete
2020-08-28 16:37:40, Info                  CSI    000000f4 [SR] Verifying 100 components
2020-08-28 16:37:40, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:54, Info                  CSI    000000fa [SR] Verify complete
2020-08-28 16:37:54, Info                  CSI    000000fb [SR] Verifying 100 components
2020-08-28 16:37:54, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2020-08-28 16:37:57, Info                  CSI    000000fe [SR] Verify complete
2020-08-28 16:37:57, Info                  CSI    000000ff [SR] Verifying 100 components
2020-08-28 16:37:57, Info                  CSI    00000100 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:01, Info                  CSI    00000102 [SR] Verify complete
2020-08-28 16:38:01, Info                  CSI    00000103 [SR] Verifying 100 components
2020-08-28 16:38:01, Info                  CSI    00000104 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:05, Info                  CSI    00000106 [SR] Verify complete
2020-08-28 16:38:06, Info                  CSI    00000107 [SR] Verifying 100 components
2020-08-28 16:38:06, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:09, Info                  CSI    0000010a [SR] Verify complete
2020-08-28 16:38:09, Info                  CSI    0000010b [SR] Verifying 100 components
2020-08-28 16:38:09, Info                  CSI    0000010c [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:14, Info                  CSI    0000010d [SR] Verify complete
2020-08-28 16:38:14, Info                  CSI    0000010e [SR] Verifying 100 components
2020-08-28 16:38:14, Info                  CSI    0000010f [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:18, Info                  CSI    00000111 [SR] Verify complete
2020-08-28 16:38:18, Info                  CSI    00000112 [SR] Verifying 100 components
2020-08-28 16:38:18, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:22, Info                  CSI    00000114 [SR] Verify complete
2020-08-28 16:38:22, Info                  CSI    00000115 [SR] Verifying 100 components
2020-08-28 16:38:22, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:26, Info                  CSI    00000118 [SR] Verify complete
2020-08-28 16:38:26, Info                  CSI    00000119 [SR] Verifying 100 components
2020-08-28 16:38:26, Info                  CSI    0000011a [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:30, Info                  CSI    0000011c [SR] Verify complete
2020-08-28 16:38:30, Info                  CSI    0000011d [SR] Verifying 100 components
2020-08-28 16:38:30, Info                  CSI    0000011e [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:35, Info                  CSI    0000011f [SR] Verify complete
2020-08-28 16:38:35, Info                  CSI    00000120 [SR] Verifying 100 components
2020-08-28 16:38:35, Info                  CSI    00000121 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:38, Info                  CSI    00000122 [SR] Verify complete
2020-08-28 16:38:38, Info                  CSI    00000123 [SR] Verifying 100 components
2020-08-28 16:38:38, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:40, Info                  CSI    00000125 [SR] Verify complete
2020-08-28 16:38:41, Info                  CSI    00000126 [SR] Verifying 100 components
2020-08-28 16:38:41, Info                  CSI    00000127 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:43, Info                  CSI    00000128 [SR] Verify complete
2020-08-28 16:38:44, Info                  CSI    00000129 [SR] Verifying 100 components
2020-08-28 16:38:44, Info                  CSI    0000012a [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:47, Info                  CSI    0000012b [SR] Verify complete
2020-08-28 16:38:47, Info                  CSI    0000012c [SR] Verifying 100 components
2020-08-28 16:38:47, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:52, Info                  CSI    00000130 [SR] Verify complete
2020-08-28 16:38:53, Info                  CSI    00000131 [SR] Verifying 100 components
2020-08-28 16:38:53, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2020-08-28 16:38:56, Info                  CSI    00000133 [SR] Verify complete
2020-08-28 16:38:56, Info                  CSI    00000134 [SR] Verifying 100 components
2020-08-28 16:38:56, Info                  CSI    00000135 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:01, Info                  CSI    00000138 [SR] Verify complete
2020-08-28 16:39:01, Info                  CSI    00000139 [SR] Verifying 100 components
2020-08-28 16:39:01, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:04, Info                  CSI    0000013b [SR] Verify complete
2020-08-28 16:39:04, Info                  CSI    0000013c [SR] Verifying 100 components
2020-08-28 16:39:04, Info                  CSI    0000013d [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:11, Info                  CSI    00000142 [SR] Verify complete
2020-08-28 16:39:12, Info                  CSI    00000143 [SR] Verifying 100 components
2020-08-28 16:39:12, Info                  CSI    00000144 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:16, Info                  CSI    00000145 [SR] Verify complete
2020-08-28 16:39:16, Info                  CSI    00000146 [SR] Verifying 100 components
2020-08-28 16:39:16, Info                  CSI    00000147 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:27, Info                  CSI    00000151 [SR] Verify complete
2020-08-28 16:39:27, Info                  CSI    00000152 [SR] Verifying 100 components
2020-08-28 16:39:27, Info                  CSI    00000153 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:36, Info                  CSI    00000155 [SR] Verify complete
2020-08-28 16:39:36, Info                  CSI    00000156 [SR] Verifying 100 components
2020-08-28 16:39:36, Info                  CSI    00000157 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:40, Info                  CSI    00000159 [SR] Verify complete
2020-08-28 16:39:40, Info                  CSI    0000015a [SR] Verifying 100 components
2020-08-28 16:39:40, Info                  CSI    0000015b [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:46, Info                  CSI    0000015f [SR] Verify complete
2020-08-28 16:39:46, Info                  CSI    00000160 [SR] Verifying 100 components
2020-08-28 16:39:46, Info                  CSI    00000161 [SR] Beginning Verify and Repair transaction
2020-08-28 16:39:54, Info                  CSI    00000165 [SR] Verify complete
2020-08-28 16:39:55, Info                  CSI    00000166 [SR] Verifying 100 components
2020-08-28 16:39:55, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:01, Info                  CSI    0000016c [SR] Verify complete
2020-08-28 16:40:02, Info                  CSI    0000016d [SR] Verifying 100 components
2020-08-28 16:40:02, Info                  CSI    0000016e [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:06, Info                  CSI    00000170 [SR] Verify complete
2020-08-28 16:40:07, Info                  CSI    00000171 [SR] Verifying 100 components
2020-08-28 16:40:07, Info                  CSI    00000172 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:16, Info                  CSI    00000175 [SR] Verify complete
2020-08-28 16:40:16, Info                  CSI    00000176 [SR] Verifying 100 components
2020-08-28 16:40:16, Info                  CSI    00000177 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:21, Info                  CSI    00000178 [SR] Verify complete
2020-08-28 16:40:21, Info                  CSI    00000179 [SR] Verifying 100 components
2020-08-28 16:40:21, Info                  CSI    0000017a [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:25, Info                  CSI    0000017b [SR] Verify complete
2020-08-28 16:40:25, Info                  CSI    0000017c [SR] Verifying 100 components
2020-08-28 16:40:25, Info                  CSI    0000017d [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:29, Info                  CSI    0000017e [SR] Verify complete
2020-08-28 16:40:29, Info                  CSI    0000017f [SR] Verifying 100 components
2020-08-28 16:40:29, Info                  CSI    00000180 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:33, Info                  CSI    00000182 [SR] Verify complete
2020-08-28 16:40:33, Info                  CSI    00000183 [SR] Verifying 100 components
2020-08-28 16:40:33, Info                  CSI    00000184 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:38, Info                  CSI    00000186 [SR] Verify complete
2020-08-28 16:40:38, Info                  CSI    00000187 [SR] Verifying 100 components
2020-08-28 16:40:38, Info                  CSI    00000188 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:45, Info                  CSI    0000018c [SR] Verify complete
2020-08-28 16:40:45, Info                  CSI    0000018d [SR] Verifying 100 components
2020-08-28 16:40:45, Info                  CSI    0000018e [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:50, Info                  CSI    0000018f [SR] Verify complete
2020-08-28 16:40:50, Info                  CSI    00000190 [SR] Verifying 100 components
2020-08-28 16:40:50, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2020-08-28 16:40:54, Info                  CSI    00000193 [SR] Verify complete
2020-08-28 16:40:54, Info                  CSI    00000194 [SR] Verifying 100 components
2020-08-28 16:40:54, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:01, Info                  CSI    00000197 [SR] Verify complete
2020-08-28 16:41:01, Info                  CSI    00000198 [SR] Verifying 100 components
2020-08-28 16:41:01, Info                  CSI    00000199 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:06, Info                  CSI    0000019c [SR] Verify complete
2020-08-28 16:41:06, Info                  CSI    0000019d [SR] Verifying 100 components
2020-08-28 16:41:06, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:09, Info                  CSI    000001a1 [SR] Verify complete
2020-08-28 16:41:09, Info                  CSI    000001a2 [SR] Verifying 100 components
2020-08-28 16:41:09, Info                  CSI    000001a3 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:12, Info                  CSI    000001a4 [SR] Verify complete
2020-08-28 16:41:12, Info                  CSI    000001a5 [SR] Verifying 100 components
2020-08-28 16:41:12, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:18, Info                  CSI    000001ad [SR] Verify complete
2020-08-28 16:41:18, Info                  CSI    000001ae [SR] Verifying 100 components
2020-08-28 16:41:18, Info                  CSI    000001af [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:24, Info                  CSI    000001b9 [SR] Verify complete
2020-08-28 16:41:24, Info                  CSI    000001ba [SR] Verifying 100 components
2020-08-28 16:41:24, Info                  CSI    000001bb [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:26, Info                  CSI    000001bc [SR] Verify complete
2020-08-28 16:41:27, Info                  CSI    000001bd [SR] Verifying 100 components
2020-08-28 16:41:27, Info                  CSI    000001be [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:30, Info                  CSI    000001c0 [SR] Verify complete
2020-08-28 16:41:30, Info                  CSI    000001c1 [SR] Verifying 100 components
2020-08-28 16:41:30, Info                  CSI    000001c2 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:32, Info                  CSI    000001c4 [SR] Verify complete
2020-08-28 16:41:33, Info                  CSI    000001c5 [SR] Verifying 100 components
2020-08-28 16:41:33, Info                  CSI    000001c6 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:35, Info                  CSI    000001c7 [SR] Verify complete
2020-08-28 16:41:35, Info                  CSI    000001c8 [SR] Verifying 100 components
2020-08-28 16:41:35, Info                  CSI    000001c9 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:37, Info                  CSI    000001cb [SR] Verify complete
2020-08-28 16:41:37, Info                  CSI    000001cc [SR] Verifying 100 components
2020-08-28 16:41:37, Info                  CSI    000001cd [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:41, Info                  CSI    000001d1 [SR] Verify complete
2020-08-28 16:41:41, Info                  CSI    000001d2 [SR] Verifying 100 components
2020-08-28 16:41:41, Info                  CSI    000001d3 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:44, Info                  CSI    000001d4 [SR] Verify complete
2020-08-28 16:41:44, Info                  CSI    000001d5 [SR] Verifying 100 components
2020-08-28 16:41:44, Info                  CSI    000001d6 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:47, Info                  CSI    000001d7 [SR] Verify complete
2020-08-28 16:41:47, Info                  CSI    000001d8 [SR] Verifying 100 components
2020-08-28 16:41:47, Info                  CSI    000001d9 [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:51, Info                  CSI    000001db [SR] Verify complete
2020-08-28 16:41:51, Info                  CSI    000001dc [SR] Verifying 100 components
2020-08-28 16:41:51, Info                  CSI    000001dd [SR] Beginning Verify and Repair transaction
2020-08-28 16:41:53, Info                  CSI    000001e0 [SR] Verify complete
2020-08-28 16:41:53, Info                  CSI    000001e1 [SR] Verifying 100 components
2020-08-28 16:41:53, Info                  CSI    000001e2 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:00, Info                  CSI    000001e8 [SR] Verify complete
2020-08-28 16:42:00, Info                  CSI    000001e9 [SR] Verifying 100 components
2020-08-28 16:42:00, Info                  CSI    000001ea [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:06, Info                  CSI    000001f1 [SR] Verify complete
2020-08-28 16:42:06, Info                  CSI    000001f2 [SR] Verifying 100 components
2020-08-28 16:42:06, Info                  CSI    000001f3 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:09, Info                  CSI    000001f4 [SR] Verify complete
2020-08-28 16:42:09, Info                  CSI    000001f5 [SR] Verifying 100 components
2020-08-28 16:42:09, Info                  CSI    000001f6 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:11, Info                  CSI    000001f7 [SR] Verify complete
2020-08-28 16:42:12, Info                  CSI    000001f8 [SR] Verifying 100 components
2020-08-28 16:42:12, Info                  CSI    000001f9 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:14, Info                  CSI    000001fa [SR] Verify complete
2020-08-28 16:42:14, Info                  CSI    000001fb [SR] Verifying 100 components
2020-08-28 16:42:14, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:17, Info                  CSI    000001fe [SR] Verify complete
2020-08-28 16:42:18, Info                  CSI    000001ff [SR] Verifying 100 components
2020-08-28 16:42:18, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:20, Info                  CSI    00000201 [SR] Verify complete
2020-08-28 16:42:20, Info                  CSI    00000202 [SR] Verifying 100 components
2020-08-28 16:42:20, Info                  CSI    00000203 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:22, Info                  CSI    00000204 [SR] Verify complete
2020-08-28 16:42:23, Info                  CSI    00000205 [SR] Verifying 100 components
2020-08-28 16:42:23, Info                  CSI    00000206 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:26, Info                  CSI    00000209 [SR] Verify complete
2020-08-28 16:42:26, Info                  CSI    0000020a [SR] Verifying 100 components
2020-08-28 16:42:26, Info                  CSI    0000020b [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:30, Info                  CSI    0000020e [SR] Verify complete
2020-08-28 16:42:30, Info                  CSI    0000020f [SR] Verifying 100 components
2020-08-28 16:42:30, Info                  CSI    00000210 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:34, Info                  CSI    00000211 [SR] Verify complete
2020-08-28 16:42:34, Info                  CSI    00000212 [SR] Verifying 100 components
2020-08-28 16:42:34, Info                  CSI    00000213 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:38, Info                  CSI    00000214 [SR] Verify complete
2020-08-28 16:42:38, Info                  CSI    00000215 [SR] Verifying 100 components
2020-08-28 16:42:38, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:41, Info                  CSI    00000217 [SR] Verify complete
2020-08-28 16:42:41, Info                  CSI    00000218 [SR] Verifying 100 components
2020-08-28 16:42:41, Info                  CSI    00000219 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:46, Info                  CSI    0000021a [SR] Verify complete
2020-08-28 16:42:46, Info                  CSI    0000021b [SR] Verifying 100 components
2020-08-28 16:42:46, Info                  CSI    0000021c [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:49, Info                  CSI    0000021d [SR] Verify complete
2020-08-28 16:42:49, Info                  CSI    0000021e [SR] Verifying 100 components
2020-08-28 16:42:49, Info                  CSI    0000021f [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:53, Info                  CSI    00000220 [SR] Verify complete
2020-08-28 16:42:53, Info                  CSI    00000221 [SR] Verifying 100 components
2020-08-28 16:42:53, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2020-08-28 16:42:57, Info                  CSI    00000223 [SR] Verify complete
2020-08-28 16:42:57, Info                  CSI    00000224 [SR] Verifying 100 components
2020-08-28 16:42:57, Info                  CSI    00000225 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:02, Info                  CSI    00000227 [SR] Verify complete
2020-08-28 16:43:02, Info                  CSI    00000228 [SR] Verifying 100 components
2020-08-28 16:43:02, Info                  CSI    00000229 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:06, Info                  CSI    0000022d [SR] Verify complete
2020-08-28 16:43:06, Info                  CSI    0000022e [SR] Verifying 100 components
2020-08-28 16:43:06, Info                  CSI    0000022f [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:10, Info                  CSI    00000230 [SR] Verify complete
2020-08-28 16:43:10, Info                  CSI    00000231 [SR] Verifying 100 components
2020-08-28 16:43:10, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:12, Info                  CSI    00000233 [SR] Verify complete
2020-08-28 16:43:13, Info                  CSI    00000234 [SR] Verifying 100 components
2020-08-28 16:43:13, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:14, Info                  CSI    00000236 [SR] Verify complete
2020-08-28 16:43:15, Info                  CSI    00000237 [SR] Verifying 100 components
2020-08-28 16:43:15, Info                  CSI    00000238 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:19, Info                  CSI    0000023b [SR] Verify complete
2020-08-28 16:43:19, Info                  CSI    0000023c [SR] Verifying 100 components
2020-08-28 16:43:19, Info                  CSI    0000023d [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:24, Info                  CSI    00000241 [SR] Verify complete
2020-08-28 16:43:25, Info                  CSI    00000242 [SR] Verifying 100 components
2020-08-28 16:43:25, Info                  CSI    00000243 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:28, Info                  CSI    00000244 [SR] Verify complete
2020-08-28 16:43:28, Info                  CSI    00000245 [SR] Verifying 100 components
2020-08-28 16:43:28, Info                  CSI    00000246 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:32, Info                  CSI    0000024b [SR] Verify complete
2020-08-28 16:43:32, Info                  CSI    0000024c [SR] Verifying 100 components
2020-08-28 16:43:32, Info                  CSI    0000024d [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:38, Info                  CSI    00000252 [SR] Verify complete
2020-08-28 16:43:38, Info                  CSI    00000253 [SR] Verifying 100 components
2020-08-28 16:43:38, Info                  CSI    00000254 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:43, Info                  CSI    00000256 [SR] Verify complete
2020-08-28 16:43:43, Info                  CSI    00000257 [SR] Verifying 100 components
2020-08-28 16:43:43, Info                  CSI    00000258 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:49, Info                  CSI    0000025a [SR] Verify complete
2020-08-28 16:43:49, Info                  CSI    0000025b [SR] Verifying 100 components
2020-08-28 16:43:49, Info                  CSI    0000025c [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:54, Info                  CSI    0000025f [SR] Verify complete
2020-08-28 16:43:54, Info                  CSI    00000260 [SR] Verifying 100 components
2020-08-28 16:43:54, Info                  CSI    00000261 [SR] Beginning Verify and Repair transaction
2020-08-28 16:43:58, Info                  CSI    00000262 [SR] Verify complete
2020-08-28 16:43:58, Info                  CSI    00000263 [SR] Verifying 100 components
2020-08-28 16:43:58, Info                  CSI    00000264 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:01, Info                  CSI    00000265 [SR] Verify complete
2020-08-28 16:44:01, Info                  CSI    00000266 [SR] Verifying 100 components
2020-08-28 16:44:01, Info                  CSI    00000267 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:04, Info                  CSI    00000268 [SR] Verify complete
2020-08-28 16:44:04, Info                  CSI    00000269 [SR] Verifying 100 components
2020-08-28 16:44:04, Info                  CSI    0000026a [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:08, Info                  CSI    0000026c [SR] Verify complete
2020-08-28 16:44:09, Info                  CSI    0000026d [SR] Verifying 100 components
2020-08-28 16:44:09, Info                  CSI    0000026e [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:13, Info                  CSI    00000273 [SR] Verify complete
2020-08-28 16:44:13, Info                  CSI    00000274 [SR] Verifying 100 components
2020-08-28 16:44:13, Info                  CSI    00000275 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:18, Info                  CSI    00000276 [SR] Verify complete
2020-08-28 16:44:18, Info                  CSI    00000277 [SR] Verifying 100 components
2020-08-28 16:44:18, Info                  CSI    00000278 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:22, Info                  CSI    0000027a [SR] Verify complete
2020-08-28 16:44:23, Info                  CSI    0000027b [SR] Verifying 100 components
2020-08-28 16:44:23, Info                  CSI    0000027c [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:28, Info                  CSI    0000027e [SR] Verify complete
2020-08-28 16:44:28, Info                  CSI    0000027f [SR] Verifying 100 components
2020-08-28 16:44:28, Info                  CSI    00000280 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:32, Info                  CSI    00000281 [SR] Verify complete
2020-08-28 16:44:32, Info                  CSI    00000282 [SR] Verifying 100 components
2020-08-28 16:44:32, Info                  CSI    00000283 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:37, Info                  CSI    00000286 [SR] Verify complete
2020-08-28 16:44:37, Info                  CSI    00000287 [SR] Verifying 100 components
2020-08-28 16:44:37, Info                  CSI    00000288 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:42, Info                  CSI    0000028a [SR] Verify complete
2020-08-28 16:44:42, Info                  CSI    0000028b [SR] Verifying 100 components
2020-08-28 16:44:42, Info                  CSI    0000028c [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:45, Info                  CSI    0000028d [SR] Verify complete
2020-08-28 16:44:45, Info                  CSI    0000028e [SR] Verifying 100 components
2020-08-28 16:44:45, Info                  CSI    0000028f [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:52, Info                  CSI    00000291 [SR] Verify complete
2020-08-28 16:44:52, Info                  CSI    00000292 [SR] Verifying 100 components
2020-08-28 16:44:52, Info                  CSI    00000293 [SR] Beginning Verify and Repair transaction
2020-08-28 16:44:58, Info                  CSI    00000296 [SR] Verify complete
2020-08-28 16:44:58, Info                  CSI    00000297 [SR] Verifying 100 components
2020-08-28 16:44:58, Info                  CSI    00000298 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:03, Info                  CSI    00000299 [SR] Verify complete
2020-08-28 16:45:03, Info                  CSI    0000029a [SR] Verifying 100 components
2020-08-28 16:45:03, Info                  CSI    0000029b [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:07, Info                  CSI    0000029e [SR] Verify complete
2020-08-28 16:45:07, Info                  CSI    0000029f [SR] Verifying 100 components
2020-08-28 16:45:07, Info                  CSI    000002a0 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:13, Info                  CSI    000002a6 [SR] Verify complete
2020-08-28 16:45:13, Info                  CSI    000002a7 [SR] Verifying 100 components
2020-08-28 16:45:13, Info                  CSI    000002a8 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:18, Info                  CSI    000002a9 [SR] Verify complete
2020-08-28 16:45:19, Info                  CSI    000002aa [SR] Verifying 100 components
2020-08-28 16:45:19, Info                  CSI    000002ab [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:21, Info                  CSI    000002ac [SR] Verify complete
2020-08-28 16:45:21, Info                  CSI    000002ad [SR] Verifying 100 components
2020-08-28 16:45:21, Info                  CSI    000002ae [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:25, Info                  CSI    000002b1 [SR] Verify complete
2020-08-28 16:45:25, Info                  CSI    000002b2 [SR] Verifying 100 components
2020-08-28 16:45:25, Info                  CSI    000002b3 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:29, Info                  CSI    000002b6 [SR] Verify complete
2020-08-28 16:45:29, Info                  CSI    000002b7 [SR] Verifying 100 components
2020-08-28 16:45:29, Info                  CSI    000002b8 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:34, Info                  CSI    000002c2 [SR] Verify complete
2020-08-28 16:45:35, Info                  CSI    000002c3 [SR] Verifying 100 components
2020-08-28 16:45:35, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:38, Info                  CSI    000002c7 [SR] Verify complete
2020-08-28 16:45:38, Info                  CSI    000002c8 [SR] Verifying 100 components
2020-08-28 16:45:38, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:40, Info                  CSI    000002ca [SR] Verify complete
2020-08-28 16:45:40, Info                  CSI    000002cb [SR] Verifying 100 components
2020-08-28 16:45:40, Info                  CSI    000002cc [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:44, Info                  CSI    000002ce [SR] Verify complete
2020-08-28 16:45:44, Info                  CSI    000002cf [SR] Verifying 55 components
2020-08-28 16:45:44, Info                  CSI    000002d0 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:48, Info                  CSI    000002d6 [SR] Verify complete
2020-08-28 16:45:48, Info                  CSI    000002d7 [SR] Repairing 0 components
2020-08-28 16:45:48, Info                  CSI    000002d8 [SR] Beginning Verify and Repair transaction
2020-08-28 16:45:48, Info                  CSI    000002d9 [SR] Repair complete
 
========= End of CMD: =========
 
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
Failed to clear log Intel-SST-CFD-HDA/IntelSST.
The instance name passed was not recognized as valid by a WMI data provider.
Failed to clear log Microsoft-Windows-LiveId/Analytic.
Access is denied.
Failed to clear log Microsoft-Windows-LiveId/Operational.
Access is denied.
Failed to clear log Microsoft-Windows-USBVideo/Analytic.
The instance name passed was not recognized as valid by a WMI data provider.
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 16:47:21 ====
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-08-2020
Ran by HP (administrator) on LAPTOP-FCQT1SKQ (HP HP Pavilion Notebook) (28-08-2020 16:55:49)
Running from C:\Users\HP\Desktop
Loaded Profiles: HP
Platform: Windows 10 Home Version 1909 18363.959 (X64) Language: English (United Kingdom)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(CyberLink Corp. -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Google LLC -> Google LLC) C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe <13>
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel® Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\HP\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.8-0\NisSrv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent Inc -> WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9181696 2016-12-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
HKLM-x32\...\Run: [PowerDVD14Agent] => C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe [795336 2016-01-29] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [Google Update] => C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\GoogleUpdateCore.exe [217544 2020-03-21] (Google LLC -> Google LLC)
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [8022104 2020-04-20] (LAVASOFT SOFTWARE CANADA INC -> Lavasoft)
HKLM\...\Windows x64\Print Processors\hpzpp5k2: C:\Windows\System32\spool\prtprocs\x64\hpzpp5k2.dll [224768 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PCL hpz3l5k2: C:\WINDOWS\system32\hpz3l5k2.dll [130048 2007-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {16F3E5CA-074F-4D1E-8109-D9B4EA0E268B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3242380816-148138334-2338840981-1001UA => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)
Task: {1C9E7433-014B-4348-B316-05F183255E5D} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {272A407D-F120-4FA9-A110-C6DC7C099E0F} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {2BDE04DC-CD07-4D38-9F74-42BE6E6F6EC9} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {3F12E0BC-0355-4B10-87C0-7450BA0CC409} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {43254BF7-9CFC-4899-928E-F8F77FCC3E39} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {482A6F5E-2777-40C0-BCC2-D3833FF5F084} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {4A3C25E8-6AE0-4B2C-BD3C-3CC6D84B232B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [662872 2020-04-30] (HP Inc. -> HP Inc.)
Task: {5789398B-BBFA-4FA2-90F0-D22A604957A9} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe
Task: {5A1A4FDD-8252-4DF5-9195-CF481B5776D3} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {5BC48988-FA58-4275-82B0-4B7B1B4F53A8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A402668-CA22-4081-9A73-8B996DD05C60} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6C25B47A-3545-4446-855B-03BA8505894F} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A0A3992F-F88D-47CC-80AF-D73BCE4DC8CE} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe
Task: {A0F23110-0EA5-43D0-9027-D0BEB03F1F7F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1312664 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {A4C280F1-CB6F-4F38-9020-BEBDC2E93089} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3242380816-148138334-2338840981-1001Core => C:\Users\HP\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-09-08] (Google Inc -> Google Inc.)
Task: {A517403B-0070-45B2-856B-24191F416960} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {A8433D85-73BF-4ADA-942A-8533A89E6CBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {AA26E1EE-7AC2-49EE-A0CB-5BA4936E33B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1505624 2020-05-20] (HP Inc. -> HP Inc.)
Task: {ADCCE64E-81BC-4E1E-B8D1-8B883F42265A} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {B3D78A7A-1679-4A5E-A0FD-D23DFE91EFCF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MpCmdRun.exe [525048 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B489D725-AD5A-4F13-B2D1-02FF245942FC} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23819120 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {BB270CD1-B681-4A04-8A42-0FEA3021BA01} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {C96E1A05-2C8E-47D9-AF2B-8DBA7A12A120} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {CA1EA942-1F19-4345-BED1-32CEB9DCFAFF} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [857568 2016-01-14] (Intel® Trusted Connect Service -> Intel® Corporation)
Task: {DA47B706-2D31-4BB5-8277-5FE30F2D0ACA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [118616 2020-08-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {DB347944-6313-465A-9481-E7726556BF0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {E3B148D2-892E-471F-B258-090441AEB29A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {FB5C8FFB-1D56-4CA7-ADD7-3AF1F13F953B} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
Task: {FC88F052-0F21-433C-9DC9-8F6C584A2970} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1133912 2020-06-19] (HP Inc. -> HP Inc.)
Task: {FD02DE29-E83E-4EC7-A3DD-CE0D2DB6F8B7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
Task: {FF236CCA-FD6D-4B57-8FA8-42305D63D644} - System32\Tasks\HPDAS => C:\Program [Argument = Files\HP\HP ePrint\HP.DeliveryAndStatus.Desktop.App.exe /CheckJobs]
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{c036807e-c83f-4dac-8b80-f3a73ea3935a}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{f0367b84-4165-4b7c-aca7-bf572017e741}: [DhcpNameServer] 40.23.1.12
 
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9E5F076F-E0BD-4C09-9B8C-885B7FF92BBE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3242380816-148138334-2338840981-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3242380816-148138334-2338840981-1001 -> {9E5F076F-E0BD-4C09-9B8C-885B7FF92BBE} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> No File
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll No File
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-08-08] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} -  No File
 
Edge: 
======
DownloadDir: C:\Users\HP\Downloads
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13]
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2020-08-27]
 
FireFox:
========
FF DefaultProfile: qn2is5s3.default
FF ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\qn2is5s3.default [2020-08-28]
FF Homepage: Mozilla\Firefox\Profiles\qn2is5s3.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 04:16:17&bName=&bitmask=0600
FF NewTab: Mozilla\Firefox\Profiles\qn2is5s3.default -> hxxps://defaultsearch.co/homepage?hp=1&pId=BT171001&iDate=2020-04-20 04:16:17&bName=&bitmask=0600
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-26] (Adobe Systems Incorporated -> )
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-26] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1219159.dll [2015-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-12-22] (WildTangent Inc -> )
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2020-08-27]
CHR HomePage: Default -> hxxps://www.google.co.uk/
CHR StartupUrls: Default -> "hxxps://www.google.co.uk/"
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?fr=mcafee&type=E211GB1274G0&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR DefaultSuggestURL: Default -> hxxps://uk.search.yahoo.com/sugg/gossip/gossip-uk-partner?output=fxjson&appid=mca&source=yahoo_mcafee_searchassist&command={searchTerms}
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-09-08]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-08]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-09-08]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-09-08]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-09-08]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-08]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-08]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2020-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-15]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-04]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-08]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-01-06]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1 [2020-08-28]
CHR DownloadDir: C:\Users\HP\Desktop
CHR Extension: (Slides) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-01-06]
CHR Extension: (Safe Torrent Scanner) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aegnopegbbhjeeiganiajffnalhlkkjb [2020-08-15]
CHR Extension: (Docs) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2020-01-06]
CHR Extension: (Google Drive) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-01-06]
CHR Extension: (YouTube) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-06]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2020-08-08]
CHR Extension: (Download image) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcbjajkiiojcgdinllnmcgnihjemcibg [2020-04-07]
CHR Extension: (High Contrast) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2020-05-05]
CHR Extension: (Sheets) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-01-06]
CHR Extension: (Google Docs Offline) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-01-06]
CHR Extension: (Gmail) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-01-06]
CHR Extension: (Chrome Media Router) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-07-20]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2020-01-07]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10566536 2020-08-05] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1392792 2016-01-20] (Intel® Software -> Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-12-22] (WildTangent Inc -> WildTangent)
R2 HP Comm Recover; c:\Program Files\HPCommRecovery\HPCommRecovery.exe [48128 2016-04-18] (HP Inc.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379224 2020-05-20] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (Hewlett-Packard Company -> HP Inc.)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-09-17] (Intel® Software Asset Manager -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6960640 2020-01-13] (Malwarebytes Inc -> Malwarebytes)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1882\McCHSvc.exe [408192 2020-07-20] (McAfee, LLC -> McAfee, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
S2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [29272 2020-04-20] (LAVASOFT SOFTWARE CANADA INC -> )
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\NisSrv.exe [2343128 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.8-0\MsMpEng.exe [128376 2020-08-27] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-04-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-01-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-08-28] (Malwarebytes Inc -> Malwarebytes)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8673040 2020-02-06] (Intel Wireless Driver -> Intel Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2020-08-27] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [428264 2020-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-08-27] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ===================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-28 16:50 - 2020-08-28 16:50 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-08-28 16:47 - 2020-08-28 16:49 - 001388448 _____ C:\Users\Public\ASR.dat
2020-08-28 16:10 - 2020-08-28 16:47 - 000110258 _____ C:\Users\HP\Desktop\Fixlog.txt
2020-08-28 12:24 - 2020-08-28 12:24 - 000006339 _____ C:\Users\HP\Desktop\SearchReg.txt
2020-08-27 10:53 - 2020-08-27 10:55 - 000043293 _____ C:\Users\HP\Desktop\Addition.txt
2020-08-27 10:49 - 2020-08-28 16:58 - 000029812 _____ C:\Users\HP\Desktop\FRST.txt
2020-08-27 10:49 - 2020-08-28 16:57 - 000000000 ____D C:\FRST
2020-08-27 10:30 - 2020-08-27 10:30 - 002298368 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2020-08-27 09:20 - 2020-08-27 09:20 - 002117080 _____ (BitTorrent Inc.) C:\Users\HP\Downloads\uTorrent.exe
2020-08-26 16:45 - 2020-08-26 16:45 - 000000000 ____D C:\ProgramData\Mozilla
2020-08-26 16:20 - 2020-08-26 19:12 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S03.WEBRip.x264-ION10
2020-08-25 16:35 - 2020-08-25 16:44 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S07.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:59 - 2020-08-21 09:46 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S06.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:58 - 2020-08-21 09:52 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S05.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:57 - 2020-08-21 09:41 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S04.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-20 17:56 - 2020-08-20 22:13 - 000000000 ____D C:\Users\HP\Downloads\Burn.Notice.S03.1080p.AMZN.WEBRip.DDP5.1.x264-NiXON[rartv]
2020-08-19 19:23 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP\AppData\Roaming\Intel
2020-08-19 19:21 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP\AppData\Local\Packages
2020-08-19 19:20 - 2020-08-19 19:23 - 000000000 ____D C:\Users\TEMP
2020-07-29 08:40 - 2020-08-05 12:04 - 000000000 ____D C:\ProgramData\McAfee
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2020-08-28 16:57 - 2020-06-14 14:59 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-08-28 16:57 - 2020-06-14 14:59 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-08-28 16:57 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-08-28 16:53 - 2016-10-31 11:12 - 000000000 ___RD C:\Users\HP\OneDrive
2020-08-28 16:52 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-08-28 16:51 - 2016-10-31 11:09 - 000000000 __SHD C:\Users\HP\IntelGraphicsProfiles
2020-08-28 16:49 - 2019-11-04 23:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-08-28 16:48 - 2019-03-19 05:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-08-28 16:33 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-08-27 09:38 - 2020-06-14 14:59 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-08-27 09:38 - 2020-06-14 14:59 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-08-27 09:38 - 2020-06-14 14:59 - 000002283 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-08-27 09:37 - 2019-04-19 10:12 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2020-08-27 09:24 - 2016-11-06 12:10 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2020-08-27 08:46 - 2019-11-04 22:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-08-26 16:45 - 2016-12-26 23:47 - 000000000 ____D C:\Users\HP\AppData\LocalLow\Mozilla
2020-08-25 21:11 - 2019-11-04 23:13 - 000003372 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3242380816-148138334-2338840981-1001
2020-08-25 21:10 - 2019-11-04 22:54 - 000002361 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-08-25 11:04 - 2020-01-06 14:58 - 000002581 _____ C:\Users\HP\Desktop\Peter (Nigel Worton) - Chrome.lnk
2020-08-20 20:26 - 2018-04-03 09:22 - 000000000 ____D C:\Users\HP\AppData\Roaming\vlc
2020-08-20 12:53 - 2016-04-01 10:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-08-19 20:45 - 2019-11-04 22:54 - 000000000 ____D C:\Users\HP
2020-08-19 19:46 - 2019-03-19 05:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-08-19 19:21 - 2019-03-19 05:52 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-08-19 19:21 - 2016-11-23 00:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-08-19 11:14 - 2018-09-08 10:10 - 000002490 _____ C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-08-16 14:17 - 2019-11-04 23:05 - 000936852 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-08-16 14:17 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2020-08-07 10:00 - 2016-08-14 00:44 - 000000000 ____D C:\ProgramData\AVAST Software
2020-07-30 16:17 - 2016-04-01 10:58 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-07-30 16:17 - 2016-04-01 10:58 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-07-29 08:40 - 2019-11-04 23:13 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-07-29 08:40 - 2019-11-04 23:13 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
 
==================== Files in the root of some directories ========
 
2020-08-28 16:47 - 2020-08-28 16:49 - 001388448 _____ () C:\Users\Public\ASR.dat
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by HP (28-08-2020 16:59:51)
Running from C:\Users\HP\Desktop
Windows 10 Home Version 1909 18363.959 (X64) (2019-11-04 22:14:15)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3242380816-148138334-2338840981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3242380816-148138334-2338840981-503 - Limited - Disabled)
Guest (S-1-5-21-3242380816-148138334-2338840981-501 - Limited - Disabled)
HP (S-1-5-21-3242380816-148138334-2338840981-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-3242380816-148138334-2338840981-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.)
Bejeweled 3 (HKLM-x32\...\WTA-c57375fe-7c4e-42fe-933d-8b7cb7ba6162) (Version: 2.2.0.95 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (HKLM-x32\...\WTA-2ef5d62f-3135-477e-89cd-6164f99a589b) (Version: 3.0.2.59 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (HKLM-x32\...\WTA-9e42fc3c-37a6-4064-9cee-b0c58c7fd7b7) (Version: 3.0.2.48 - WildTangent) Hidden
Crazy Chicken Soccer (HKLM-x32\...\WTA-04fae52d-5b85-45e7-97a2-e3eee4beccc4) (Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6129 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)
Delicious: Emily's Wonder Wedding Premium Edition (HKLM-x32\...\WTA-2c6c49fa-0409-4d00-9e40-6d7f96b35a71) (Version: 3.0.2.59 - WildTangent) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.335.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\Google Chrome) (Version: 84.0.4147.135 - Google LLC)
HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.8.26.13 - HP)
HP Support Solutions Framework (HKLM-x32\...\{5F084DD8-AF2C-4004-9C92-820C32E4BD55}) (Version: 12.16.22.11 - HP)
HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10605.221 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.2.1183 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel® WiDi (HKLM\...\{6B15F1EF-F3A8-4C29-BF9E-18EB3683A83D}) (Version: 6.0.60.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{AC8973AF-7F4C-40F4-BFE1-C02FE95ED2C2}) (Version: 3.2.1184 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{EB14CEF0-8F59-47A3-B965-D0C0D6AC0DA3}) (Version: 18.1.1605.3087 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-e54f8f30-ded5-4713-b255-3f1c0a6a244e) (Version: 2.2.0.97 - WildTangent) Hidden
Little Boy: Walter's Scooter (HKLM-x32\...\WTA-e1a91bd4-66dd-4922-a5b2-c1c6d9efca3b) (Version: 3.0.2.59 - WildTangent) Hidden
Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1882.1 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.13029.20344 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 84.0.522.63 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.135.29 - )
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\OneDriveSetup.exe) (Version: 20.143.0716.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 59.0.3.6691 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13029.20344 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13029.20200 - Microsoft Corporation) Hidden
Polar Bowler 1st Frame (HKLM-x32\...\WTA-23827b4e-108f-4284-87b0-51bfd8873d17) (Version: 3.0.2.59 - WildTangent) Hidden
PuppetShow: Return to Joyville (HKLM-x32\...\WTA-06e278ba-c41e-4757-96de-130a857e3058) (Version: 3.0.2.126 - WildTangent) Hidden
Ranch Rush 2 - Premium Edition (HKLM-x32\...\WTA-a64258ed-e30d-4290-ad12-8669665b8415) (Version: 2.2.0.97 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8004 - Realtek Semiconductor Corp.)
Regency Solitaire (HKLM-x32\...\WTA-93d69599-2a50-42a2-8d5b-44db68268a02) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-bac43998-d8ae-40b4-b589-518dccc9e574) (Version: 3.0.2.126 - WildTangent) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Tasty Blue (HKLM-x32\...\WTA-4f663862-6154-412b-8b02-055692f51785) (Version: 3.0.2.59 - WildTangent) Hidden
Telegram Desktop version 1.9.21 (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.9.21 - Telegram FZ-LLC)
Trinklit Supreme (HKLM-x32\...\WTA-5dd697cc-e579-4843-b7db-72ee6bd50de2) (Version: 2.2.0.98 - WildTangent) Hidden
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
UpdateAssistant (HKLM\...\{F339C545-24DC-4870-AA32-6EB6B0500B95}) (Version: 1.24.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-4) (Version: 1.0.42.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{802e10a9-a06e-4d71-a1fc-fb91afd27f22}) (Version: 4.10.2225.4082 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.0.28 - WildTangent)
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.2 - WildTangent) Hidden
Youda Jewel Shop (HKLM-x32\...\WTA-8d6b64bc-52ce-421b-942c-dbb80f64e66d) (Version: 3.0.2.51 - WildTangent) Hidden
Zoom (HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
 
Packages:
=========
Adblock Plus -> C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.19.0_neutral__d55gg7py3s0m0 [2020-02-13] (eyeo GmbH)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-20] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.174.500.0_x86__kgqvnymyfvs32 [2020-08-12] (king.com)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-02] (Universal Music Mobile)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa [2020-08-06] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-07] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8042.0_x64__8wekyb3d8bbwe [2020-08-12] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.96.725.0_x64__mcm4njqhnhss8 [2020-04-15] (Netflix, Inc.)
Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-08] (Microsoft Corporation)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.19.82.0_x64__kx24dqmazqk8j [2020-06-04] (Random Salad Games LLC)
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_6.1.736.0_x86__v10z8vjag6ke6 [2018-09-08] (Snapfish)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-12-27] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\HP\AppData\Local\Google\Chrome\Application\84.0.4147.135\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3242380816-148138334-2338840981-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\HP\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll (Google LLC -> Google LLC)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki124164.inf_amd64_85b60d2b8c3af983\igfxDTCM.dll [2017-09-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\HP\Desktop\Peter (Nigel Worton) - Chrome.lnk -> C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\HP\Desktop\Sara - Chrome.lnk -> C:\Users\HP\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
 
==================== Loaded Modules (Whitelisted) =============
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer trusted/restricted ==========
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3242380816-148138334-2338840981-1001\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-10-30 08:24 - 2020-07-28 19:21 - 000000903 _____ C:\WINDOWS\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3242380816-148138334-2338840981-1001\Control Panel\Desktop\\Wallpaper -> F:\Pics\Wallpaper\northern lights.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [UDP Query User{DAB3F114-0D9A-4AB6-9558-A610262F6F89}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{2E0AC2A7-1919-4F38-BC81-51D00FF3B1B5}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{433F2BEC-D3C9-4440-B97B-204E3B1D4990}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{64DDD6A4-1263-4EAA-9D0A-E9A5872932EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{7077F34A-558A-409A-88E0-BF10EE7D8BE0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DC0433B4-AEA0-4E71-8B60-9027FA72CD69}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{39EE962F-B901-4152-93E6-D83216F5D639}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9736A5F1-8CFC-47DD-9380-DF92620D5E63}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{1C30EA58-BE04-4209-8CEE-D999F8DB9BCC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{5C434431-7B13-4BEA-B43A-33CD22297B1B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{E8078ED3-A0AF-4937-92E6-1D4BB6A309E4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4809BC0F-A572-4E77-9184-BA6EA2B700AC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BD04F22A-E296-4031-93A0-F09A4EDEDDBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{21F14182-7EF6-4DA7-A3A3-92D23FEC325C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{DEFC4C9B-366E-4018-A306-BFC9346B7144}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{C813EF60-E5A0-430E-A17E-C065227D6B92}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{A89AF886-5E28-4E67-8037-267885AFB8F6}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3D6ECBE7-57B6-498E-A1FB-50FDB9A2CA2D}C:\users\hp\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\hp\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{B140F270-46E4-4520-ADA8-A20C8EB0F6E0}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{3A133507-FEC6-49F0-B9F3-3A8C3A71FC5B}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{66F1EAA8-00FF-43D9-B1C6-6335903FA821}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{1A63DD85-93AE-4755-B940-3D9F9F1E2546}] => (Allow) C:\Users\HP\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9C0D0817-AFFA-43AE-9CE7-276120F286CE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{424792ED-9709-4171-BE3F-D89915274EB1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{67C3587D-575C-463D-BF07-6604FBBAF1DC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7AFFB92B-BFE2-4CE0-9588-246F7B9C10BC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B67F14C5-F677-4DFA-B098-FDC324E24D59}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C203531B-67B7-489F-BEA7-6CFD7BC50CC8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2534634C-D5A1-4C18-9660-F30E43ED19BD}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4229A4A8-4792-44B6-B3C1-5F9E4C62ECB8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12108.5.48031.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B970527E-22E3-4FCA-B0E3-DAE3482227C4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1008338-E26A-48BB-8C80-02DA86085AC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF6CBE1C-5CEE-42B6-99FA-22DB9D7DEEF8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7361720F-3268-4025-A18C-238D15A50F75}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.63.76.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C4B92EB-627F-4F5E-8AFE-2ECA08E3674F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (08/28/2020 04:58:13 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
 
 
System errors:
=============
Error: (08/28/2020 04:50:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WCAssistantService service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (08/28/2020 04:50:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the WCAssistantService service to connect.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.52 05/02/2019
Motherboard: HP 820B
Processor: Intel® Core™ i3-6100U CPU @ 2.30GHz
Percentage of memory in use: 44%
Total physical RAM: 8081.91 MB
Available physical RAM: 4509.08 MB
Total Virtual: 9425.91 MB
Available Virtual: 5791.55 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:915.6 GB) (Free:665.84 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.87 GB) (Free:1.67 GB) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{203edf85-fe81-47c4-835d-106479c6ad08}\ () (Fixed) (Total:1.76 GB) (Free:1.12 GB) NTFS
\\?\Volume{1edf090f-6b48-404f-a6f3-ef3d030710fc}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: AA025105)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
Farbar Recovery Scan Tool (x64) Version: 26-08-2020
Ran by HP (28-08-2020 17:06:02)
Running from C:\Users\HP\Desktop
Boot Mode: Normal
 
================== Search Registry: "utorrent" ===========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\State\UserSettings\S-1-5-21-3242380816-148138334-2338840981-1001]
"\Device\HarddiskVolume3\Users\HP\Downloads\uTorrent.exe"="0x485983FF4A7CD60100000000000000000000000002000000"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe"="0x5341435001000000000000000700000028000000D83E20003C86200001000000000000000000000A00210000631F6E6F0EDED40100000000000000000500000010000000000000000000000000000000000000000200000050000000000000000000004000000000000000000000000000000000545211000000000004000000020000000000000000000000000000000000000000000000000000003C1B1300000000000A00000000000000"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.FriendlyAppName"="µTorrent"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\Users\HP\AppData\Roaming\uTorrent\uTorrent.exe.ApplicationCompany"="BitTorrent Inc."
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.FriendlyAppName"="µTorrent"
[HKEY_USERS\S-1-5-21-3242380816-148138334-2338840981-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache]
"C:\users\hp\appdata\roaming\utorrent\updates\3.5.5_45724.exe.ApplicationCompany"="BitTorrent Inc."
 
====== End of Search ======

  • 0

#6
RKinner
Posted 28 August 2020 - 12:37 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Try your reinstall now.


  • 0

#7
peter plus
Posted 28 August 2020 - 01:53 PM

peter plus

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 278 posts

All good. 

 

Many thanks


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP