Hello, my computer responds very slowly, takes forever to boot up or to open applications. Frequently it seems to stall out and I have to reboot. I don't get ads or other popups, just very slow response. Any help would be appreciated. Here are the results of my Farbar scan. Thanks! Allan
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-10-2020
Ran by katch (administrator) on LAPTOP-0I4945HA (HP HP Pavilion Laptop 15-cc1xx) (26-10-2020 15:07:59)
Running from C:\Users\katch\OneDrive\Desktop
Loaded Profiles: katch
Platform: Windows 10 Home Version 2004 19041.508 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <30>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.32\GoogleCrashHandler64.exe
(HP Inc. -> ) C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
(HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intuit, Inc. -> Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\csp\3.8.106.0\McCSPServiceHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\MMSSHost\MMSSHOST.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe <2>
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_20_6\mcapexe.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.504_none_e781e76525fb2269\TiWorker.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3657408 2017-06-05] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [709152 2018-03-22] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Run: [Google Update] => C:\Users\katch\AppData\Local\Google\Update\1.3.36.32\GoogleUpdateCore.exe [219592 2020-10-15] (Google LLC -> Google LLC)
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Run: [EPSON13B4CC (Epson Stylus NX430)] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIHBA.EXE [232448 2011-01-20] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Run: [BlueJeans.Detector] => C:\Users\katch\AppData\Local\BlueJeans\BlueJeans.Detector.exe [204512 2020-05-14] (Blue Jeans Network, Inc. -> BlueJeans)
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Run: [Lync] => C:\Program Files (x86)\Microsoft Office\Root\Office16\lync.exe [23924016 2020-10-19] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\katch\AppData\Local\Microsoft\Teams\Update.exe [2452152 2020-10-05] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpcpp165: C:\Windows\System32\spool\prtprocs\x64\hpcpp165.DLL [602912 2014-02-19] (Hewlett-Packard Company -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\EPSON NX430 Series 64MonitorBA: C:\WINDOWS\system32\E_ILMHBA.DLL [118784 2008-11-11] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HP D711 Status Monitor: C:\WINDOWS\system32\hpinkstsD711LM.dll [393352 2017-03-27] (Hewlett Packard -> HP Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\86.0.4240.111\Installer\chrmstp.exe [2020-10-26] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0C90A7D1-D36B-4C3C-90C2-F815A3A67099} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {0D62D10F-7EC6-4B1D-9652-EB5725BFCF14} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1153944 2020-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DDC46B3-8AF2-452A-BE5B-CA57870DFD69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {0E006E32-393E-4A86-8587-CCF6F9052C9D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [345944 2020-09-18] (HP Inc. -> HP Inc.)
Task: {171B78B6-6A59-4A5F-B4F3-2A1E80290939} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {1F7D8ED8-3A50-41B8-9AF4-232E940019AA} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-09-12] (HP Inc. -> )
Task: {20B3EE89-1376-4654-B097-4AC3497F6646} - System32\Tasks\G2MUpdateTask-S-1-5-21-3042792064-3823080371-1606204181-1001 => C:\Users\katch\AppData\Local\GoToMeeting\18962\g2mupdate.exe [31320 2020-10-21] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {2134A028-45D2-4C99-977A-DA937F6AFC59} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4011448 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {21ED05CF-B46C-4126-B0AB-CAC550676D91} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1362464 2017-03-13] (HP Inc. -> HP Development Company, L.P.)
Task: {26118084-81C1-4770-8AF8-536708E050C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E9465EC-F72F-4C76-834A-6F120D144B58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\BingPopup\BingPopup.exe [524120 2020-10-01] (HP Inc. -> HP Inc.)
Task: {44333A51-A3BD-45BD-839A-FB0FDC280A43} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [135000 2020-06-22] (HP Inc. -> HP Inc.)
Task: {45D5063E-64C3-4DCF-A8BF-E1B944461726} - System32\Tasks\G2MUploadTask-S-1-5-21-3042792064-3823080371-1606204181-1001 => C:\Users\katch\AppData\Local\GoToMeeting\18962\g2mupload.exe [31320 2020-10-21] (LogMeIn, Inc. -> LogMeIn, Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {4D98209C-E7AC-4F1B-BED6-7D81E614372A} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {4F42D78D-A4C5-41BD-BF49-7B815A1CDB9D} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4603200 2020-08-16] (McAfee, LLC -> McAfee, LLC)
Task: {50A37FED-CC69-4B67-8DAB-82E12EA06172} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {586B9482-E76B-4CCA-AFD0-F374720C22C7} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-09] (McAfee, LLC -> McAfee, LLC)
Task: {5DB0C8C0-87ED-48F7-A9A9-098511003709} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH69H4M0WH => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {73070996-E262-457D-BC91-93924750C533} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4011448 2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {79414C52-2A62-4FF3-B61A-27114D7A467D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-14] (Google Inc -> Google Inc.)
Task: {89F9F7FD-7263-47BD-A2EA-F4F88FB6D104} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {8F47324B-9045-423D-A24C-CA70820DCC41} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3042792064-3823080371-1606204181-1001UA => C:\Users\katch\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-08-14] (Google Inc -> Google Inc.)
Task: {9BD8955D-816C-4F65-997F-8841B321318A} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)
Task: {9D770850-4483-4DB2-819E-683137405025} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.160\DADUpdater.exe [4194672 2020-09-30] (McAfee, LLC -> McAfee, LLC) [File not signed]
Task: {9F36D411-289A-4DC6-A00E-E3B2158D3C51} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-08-14] (Google Inc -> Google Inc.)
Task: {B1B197EE-3499-448A-84DC-C49488F85E13} - System32\Tasks\Agent Activation Runtime\S-1-5-21-3042792064-3823080371-1606204181-1001 => C:\WINDOWS\System32\AgentActivationRuntimeStarter.exe [13312 2020-08-27] (Microsoft Windows -> )
Task: {B21C5274-A702-4FEE-A68F-2D2B9C6B18ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {B350364B-1170-4CEC-B5C7-897E27BD0410} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1090800 2020-08-14] (McAfee, LLC -> McAfee, LLC)
Task: {B946FB51-4CAC-44D3-9A81-77DB71E3F8AB} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C262F693-2B36-4682-B60F-8EEB563ABBAF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {CA56D087-8811-4BD9-B9F4-9640043ACAB9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {CDA2CC12-66F1-4223-955E-7D76BB99D2F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22855048 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {E1C0E4B2-B70C-4006-8C17-A3E63FD1F936} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3042792064-3823080371-1606204181-1001Core => C:\Users\katch\AppData\Local\Google\Update\GoogleUpdate.exe [153168 2018-08-14] (Google Inc -> Google Inc.)
Task: {E2711EBC-DC8E-483B-929C-ED6D23FA0FF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {F057CA7C-762C-422A-8E9C-FFF6942A99F8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-04-07] (HP Inc. -> HP Inc.)
Task: {F9B98F27-3CD7-4008-9E44-255D8218B97D} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [117584 2020-10-19] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3042792064-3823080371-1606204181-1001.job => C:\Users\katch\AppData\Local\GoToMeeting\18962\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3042792064-3823080371-1606204181-1001.job => C:\Users\katch\AppData\Local\GoToMeeting\18962\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{42b1491e-4b69-4c25-96e7-3834f82d66cb}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{640734c7-7e2d-4b06-b1e7-2d4c498167b9}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{d1560fb4-a8bb-4fc7-b6ad-41cf95a90466}: [DhcpNameServer] 40.23.1.11
Edge:
======
DownloadDir: C:\Users\katch\Downloads
Edge DefaultProfile: Default
Edge Profile: C:\Users\katch\AppData\Local\Microsoft\Edge\User Data\Default [2020-10-14]
Edge DownloadDir: C:\Users\katch\Downloads
Edge HomePage: Default -> hxxp://google.com/
Edge StartupUrls: Default -> "hxxps://www.google.com/"
Edge Profile: C:\Users\katch\AppData\Local\Microsoft\Edge\User Data\Guest Profile [2020-06-29]
FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-10-08] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-08-21] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3042792064-3823080371-1606204181-1001: LWAPlugin15.8 -> C:\Users\katch\AppData\Roaming\Mozilla\Plugins\npLWAPlugin15.8.dll [2013-03-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\katch\AppData\Roaming\mozilla\plugins\npLWAPlugin15.8.dll [2018-06-05]
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default [2020-10-26]
CHR Notifications: Default -> hxxps://icscallcenter.awsapps.com; hxxps://teams.microsoft.com; hxxps://www.facebook.com; hxxps://www.harryanddavid.com
CHR Extension: (Slides) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-14]
CHR Extension: (Docs) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-15]
CHR Extension: (Google Drive) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-15]
CHR Extension: (Sheets) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-14]
CHR Extension: (Google Docs Offline) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-10-25]
CHR Extension: (Windscribe - Free Proxy and Ad Blocker) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmpcagpplmpfojmgmnngilcnanddlhb [2020-05-07]
CHR Extension: (Cisco Webex Extension) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2020-07-02]
CHR Extension: (Chrome Web Store Payments) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-12-20]
CHR Extension: (Gmail) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-26]
CHR Extension: (Chrome Media Router) - C:\Users\katch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-10-14]
CHR Profile: C:\Users\katch\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-02-15]
CHR Profile: C:\Users\katch\AppData\Local\Google\Chrome\User Data\System Profile [2019-02-15]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8945512 2020-10-08] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1508656 2018-05-31] (McAfee, Inc. -> McAfee, Inc.)
S2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1321096 2018-09-28] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [472576 2017-09-12] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
S2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_6\McApExe.exe [768256 2020-09-11] (McAfee, LLC -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [454560 2016-11-15] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.8.106.0\\McCSPServiceHost.exe [2726312 2020-08-13] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-06-02] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1745400 2020-08-14] (McAfee, LLC -> McAfee, LLC)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-15] (Hewlett-Packard) [File not signed]
S2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4221040 2020-07-29] (McAfee, LLC -> McAfee, LLC)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-15] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.2-0\NisSrv.exe [2372048 2020-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1556328 2018-09-17] (WildTangent Inc -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2009.2-0\MsMpEng.exe [128360 2020-09-17] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75704 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [529848 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [382392 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85928 2020-06-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521656 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1006008 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [595896 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2020-06-07] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116664 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252344 2020-06-09] (McAfee, Inc. -> McAfee, LLC)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2020-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [428264 2020-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [69864 2020-09-17] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-26 15:07 - 2020-10-26 15:09 - 000000000 ____D C:\FRST
2020-10-16 08:33 - 2020-10-16 10:07 - 000349384 _____ C:\WINDOWS\ntbtlog.txt
2020-10-16 08:33 - 2020-10-16 08:33 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2020-10-12 16:46 - 2020-10-12 16:48 - 000000000 ___RD C:\Users\katch\OneDrive\Documents\Scanned Documents
2020-10-05 20:33 - 2020-10-05 20:33 - 000000000 ____D C:\WINDOWS\system32\Tasks\Agent Activation Runtime
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-10-26 14:46 - 2018-08-14 22:55 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-10-26 14:46 - 2018-08-14 22:55 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-10-26 14:46 - 2018-08-14 22:55 - 000002267 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-10-26 14:43 - 2019-12-07 02:14 - 000000000 ___HD C:\Program Files\WindowsApps
2020-10-26 14:43 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-10-26 14:42 - 2020-06-16 00:31 - 000002428 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-10-26 14:42 - 2020-06-16 00:31 - 000002266 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-10-26 14:42 - 2020-06-16 00:31 - 000002266 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-10-26 14:42 - 2019-12-07 02:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-10-26 14:38 - 2019-12-07 02:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-10-26 14:24 - 2018-06-05 20:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2020-10-26 14:23 - 2020-08-27 11:21 - 000003480 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-10-26 14:23 - 2020-08-27 11:21 - 000003356 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-10-26 14:22 - 2018-04-23 20:46 - 000000000 __SHD C:\Users\katch\IntelGraphicsProfiles
2020-10-26 14:20 - 2020-08-27 10:43 - 000000000 ____D C:\Users\katch
2020-10-26 14:16 - 2020-08-27 11:21 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-10-26 14:16 - 2020-08-27 10:37 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-10-26 14:16 - 2020-08-27 10:36 - 000008192 ___SH C:\DumpStack.log.tmp
2020-10-26 14:16 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\ServiceState
2020-10-25 10:15 - 2019-12-07 02:03 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-10-25 10:04 - 2020-08-27 11:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-10-25 09:49 - 2019-03-02 12:47 - 000000000 ____D C:\Users\katch\AppData\Local\D3DSCache
2020-10-25 09:44 - 2017-11-17 23:15 - 000000000 ____D C:\ProgramData\mcafee
2020-10-25 09:34 - 2020-08-27 10:37 - 000455080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-10-25 09:34 - 2019-12-07 02:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-10-25 09:33 - 2020-05-14 12:04 - 000000666 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3042792064-3823080371-1606204181-1001.job
2020-10-25 09:33 - 2020-05-14 12:04 - 000000570 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3042792064-3823080371-1606204181-1001.job
2020-10-25 09:28 - 2019-12-07 02:13 - 000000000 ____D C:\WINDOWS\INF
2020-10-25 09:20 - 2019-12-07 02:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-10-25 09:01 - 2017-07-01 02:23 - 000000000 ____D C:\SWSetup
2020-10-21 19:54 - 2017-07-01 02:01 - 000000000 ____D C:\Program Files (x86)\HP
2020-10-21 19:31 - 2020-08-27 11:21 - 000003836 _____ C:\WINDOWS\system32\Tasks\G2MUploadTask-S-1-5-21-3042792064-3823080371-1606204181-1001
2020-10-21 19:31 - 2020-08-27 11:21 - 000003740 _____ C:\WINDOWS\system32\Tasks\G2MUpdateTask-S-1-5-21-3042792064-3823080371-1606204181-1001
2020-10-21 19:31 - 2020-05-14 12:04 - 000000000 ____D C:\Users\katch\AppData\Local\GoToMeeting
2020-10-21 19:07 - 2017-11-17 23:07 - 000000000 ____D C:\WINDOWS\HP
2020-10-19 07:23 - 2017-07-01 02:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-10-17 14:13 - 2020-08-27 11:21 - 000003380 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3042792064-3823080371-1606204181-1001
2020-10-17 14:13 - 2020-08-27 10:43 - 000002374 _____ C:\Users\katch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-10-17 14:13 - 2018-04-23 20:50 - 000000000 ___RD C:\Users\katch\OneDrive
2020-10-16 10:08 - 2020-09-07 10:56 - 000000000 ____D C:\Users\katch\AppData\Local\ElevatedDiagnostics
2020-10-15 23:54 - 2020-08-27 11:21 - 000003682 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3042792064-3823080371-1606204181-1001UA
2020-10-15 23:53 - 2020-08-27 11:21 - 000003414 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-3042792064-3823080371-1606204181-1001Core
2020-10-14 14:22 - 2020-08-27 11:21 - 000003418 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-10-14 14:22 - 2020-08-27 11:21 - 000003294 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-10-13 05:56 - 2017-11-17 23:15 - 000000000 ____D C:\Program Files (x86)\McAfee
2020-10-12 10:36 - 2020-08-27 11:21 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-10-08 19:56 - 2017-11-17 23:15 - 000000000 ____D C:\Program Files\Common Files\mcafee
2020-10-08 19:54 - 2020-08-27 11:21 - 000003316 _____ C:\WINDOWS\system32\Tasks\McAfeeLogon
2020-10-06 05:35 - 2019-12-07 02:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-10-05 20:44 - 2019-10-11 00:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-10-05 12:51 - 2020-04-21 00:15 - 000002375 _____ C:\Users\katch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2020-10-05 12:10 - 2020-08-27 10:55 - 000936842 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-10-02 17:33 - 2019-12-07 02:18 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-10-02 17:33 - 2019-12-07 02:18 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-10-2020
Ran by katch (26-10-2020 15:12:58)
Running from C:\Users\katch\OneDrive\Desktop
Windows 10 Home Version 2004 19041.508 (X64) (2020-08-27 18:23:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3042792064-3823080371-1606204181-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3042792064-3823080371-1606204181-503 - Limited - Disabled)
Guest (S-1-5-21-3042792064-3823080371-1606204181-501 - Limited - Disabled)
katch (S-1-5-21-3042792064-3823080371-1606204181-1001 - Administrator - Enabled) => C:\Users\katch
WDAGUtilityAccount (S-1-5-21-3042792064-3823080371-1606204181-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (HKLM\...\{F8F948EA-5AEA-4158-8821-A2F788ECE936}) (Version: 16.2.1 - Hewlett-Packard) Hidden
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Connect (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Adobe Connect App) (Version: 2020.1.5.32 - Adobe Systems Inc.)
BlueJeans (HKLM\...\{8DF7AE4E-E857-468A-89B6-9E9312F5E766}) (Version: 2.19.465 - BlueJeans Network, Inc.) Hidden
BlueJeans (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\{ff3a625a-721c-4501-9db1-1f5d05a42063}) (Version: 2.20.294 - BlueJeans Network, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ChromecastApp (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\ActiveTouchMeetingClient) (Version: 40.6.4 - Cisco Webex LLC)
ELAN Touchpad 18.2.13.1_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.13.1 - ELAN Microelectronic Corp.)
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
EPSON NX430 Series Printer Uninstall (HKLM\...\EPSON NX430 Series) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 86.0.4240.111 - Google LLC)
Google Earth Pro (HKLM\...\{FB8010D4-05F4-420D-8DFC-2F911A6DD100}) (Version: 7.3.3.7786 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.31 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.14.0.18962 (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\GoToMeeting) (Version: 10.14.0.18962 - LogMeIn, Inc.)
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.15.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{AC154691-D9B6-4CD9-BB9B-ACDAF61367E5}) (Version: 2.22.1 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{6A139049-EBB9-4076-8664-B468888E55A3}) (Version: 1.3.392.0 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{183BD477-774B-4700-B40B-EE43886E74D2}) (Version: 12.17.27.5 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.)
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10203.4295 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R28 - McAfee, LLC)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.13231.20390 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 86.0.622.51 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.137.93 - )
Microsoft Lync Web App Plug-in (HKLM\...\{BE6D5464-0B1F-46CC-8973-F9651FE6A45A}) (Version: 15.8.8308.965 - Microsoft Corporation)
Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.13231.20390 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\OneDriveSetup.exe) (Version: 20.169.0823.0006 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\Teams) (Version: 1.3.00.24755 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24123 (HKLM-x32\...\{206898cc-4b41-4d98-ac28-9f9ae57f91fe}) (Version: 14.0.24123.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13231.20200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.13231.20126 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.154 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.3.0.4461 - Microsoft Corporation)
TurboTax 2018 (HKLM-x32\...\TurboTax 2018) (Version: 2018.0 - Intuit, Inc)
TurboTax 2019 (HKLM-x32\...\TurboTax 2019) (Version: 2019.0 - Intuit, Inc)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-3) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-4) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.9 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 1.0.0.272 - WildTangent) Hidden
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zoom (HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\ZoomUMX) (Version: 5.1 - Zoom Video Communications, Inc.)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-07] (Autodesk Inc.)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-24] (Dolby Laboratories)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.3.0_x64__xbfy0k16fey96 [2020-01-18] (Dropbox Inc.)
Fitbit -> C:\Program Files\WindowsApps\Fitbit.Fitbit_2.44.1997.0_x64__6mqt6hf9g46tw [2019-10-06] (Fitbit)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.3.407.0_x86__v10z8vjag6ke6 [2017-11-17] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_120.1.741.0_x64__v10z8vjag6ke6 [2020-10-12] (HP Inc.)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_5.2.0.6_x86__h6adky7gbf63m [2020-10-21] (Gameloft SE)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-12] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.16.4002.0_x64__8wekyb3d8bbwe [2020-09-03] (Microsoft Studios)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.97.752.0_x64__mcm4njqhnhss8 [2020-07-14] (Netflix, Inc.)
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2018-04-23] (Plex)
Power Media Player 14 for HP Consumer PCs with DVD -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.PowerMediaPlayer14forHPConsumerPC_14.2.9528.0_x86__06qsbagp91rvg [2019-01-25] (CYBERLINKCOM CORP)
Priceline.com: The Best Deals on Hotels, Flights and Rental Cars -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Priceline.comTheBestDealso_2.0.4.0_x64__mgae2k3ys4ra0 [2020-09-17] (Priceline Partner Network)
Smartfriend by HP Care -> C:\Program Files\WindowsApps\AD2F1837.SmartfriendbyHPCare_1.1.13.0_x64__v10z8vjag6ke6 [2018-04-23] (HP Inc.)
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.82.0_x64__qt5r5pa5dyg8m [2019-12-29] (WildTangent Games)
Zoom Rooms -> C:\Program Files\WindowsApps\ZoomVideoCommunicationsIn.ZoomRooms_5.2.267.0_x86__r9fg4ykbbcwvc [2020-09-29] (Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\katch\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{46406D82-6EC0-47CC-8A75-1F33C6DEDBBE}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.35.442\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{62634D95-960B-4834-8E71-A70408AD8FD9}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.34.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{6D264B70-DA18-401D-910C-B202D89670C6}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\katch\AppData\Local\GoToMeeting\17956\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{A804CF1A-91E5-4F0C-9E8C-DB39E74056DD}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.33.23\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\katch\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20240.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.36.32\psuser_64.dll (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{E9E7529D-7F09-410B-AF2A-CC154473B19C}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.35.452\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001_Classes\CLSID\{EF076C91-DC9E-43E3-84ED-3D219E065A4F}\InprocServer32 -> C:\Users\katch\AppData\Local\Google\Update\1.3.35.301\psuser_64.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-10-16 10:34 - 2020-10-16 10:34 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\1ff3450085cc7f4a620750812f41f4f2\BRIDGECommon.ni.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\3c2a50356ef4b223b20361c6100c7f91\BridgeExtension.ni.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 000370688 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\f15657bef6e7c177f2bced3da7647cb6\CleanStartController.ni.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\1e99dc3200d7d7a2c2342c2d61b558c7\Interop.IWshRuntimeLibrary.ni.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\db5005138cb996d33c3f3ef169ead9c8\Hardcodet.Wpf.TaskbarNotification.ni.dll
2013-11-15 00:47 - 2013-11-15 00:47 - 000050688 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2013-11-15 00:47 - 2013-11-15 00:47 - 000066048 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2020-05-06 11:56 - 2019-02-21 09:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 001585664 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\26c5994f7f6c039c3c9b4d155c87741e\NAudio.ni.dll
2020-10-16 10:34 - 2020-10-16 10:34 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\2637cd6f5d9683e8fe5dcffbd939cff7\Newtonsoft.Json.ni.dll
2020-10-16 10:37 - 2020-10-16 10:37 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\6951c36ad6edd08d370e0d8a50629525\log4net.ni.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {265293AB-6346-4B50-98EC-2D08B6366BDF} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {265293AB-6346-4B50-98EC-2D08B6366BDF} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001 -> {265293AB-6346-4B50-98EC-2D08B6366BDF} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-10-05] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-08-21] (McAfee, LLC -> McAfee, LLC)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\sharepoint.com -> hxxps://cawaterboards-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-03-18 14:03 - 2017-03-18 14:01 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\StartupApproved\Run: => "BlueJeans.Detector"
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-3042792064-3823080371-1606204181-1001\...\StartupApproved\Run: => "Lync"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{5FD6D010-08FF-46CF-80F0-D17FA16F3491}C:\users\katch\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\katch\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BC007109-0139-4620-A340-A482DE9A1833}C:\users\katch\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\katch\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69E881BC-519B-4DC4-929D-9A05F176E37E}] => (Allow) C:\Users\katch\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{9BB4009A-4C46-4E05-82EC-CF50C1D15C5D}] => (Allow) C:\Users\katch\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{A9DC686C-2625-405B-84D5-F92BC9ECFA51}C:\users\katch\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\katch\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe => No File
FirewallRules: [TCP Query User{4ECF1266-C63E-4DC8-8BF9-D1E84D853F93}C:\users\katch\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe] => (Allow) C:\users\katch\appdata\local\microsoft\skypeforbusinessplugin\16.2.0.511\pluginhost.exe => No File
FirewallRules: [UDP Query User{560D4CD8-4502-4A05-AD4B-9066731DEEF4}C:\users\katch\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\katch\appdata\local\bluejeans\current\bluejeans.exe (Blue Jeans Network, Inc. -> BlueJeans)
FirewallRules: [TCP Query User{FDCD02EB-7C2B-4A21-BC76-6FC269A8F324}C:\users\katch\appdata\local\bluejeans\current\bluejeans.exe] => (Allow) C:\users\katch\appdata\local\bluejeans\current\bluejeans.exe (Blue Jeans Network, Inc. -> BlueJeans)
FirewallRules: [{E15563CA-BD8C-4294-87C0-9803A6B8686E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{92821AA7-BB51-4BE5-9524-BC9A8C4D9584}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C1DA3247-19F7-4398-BE38-A3D075837510}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B26A941E-55C8-46DE-BBDA-F915D501BC76}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{AD273DE4-1A13-4087-BAF0-AFDB02F35382}] => (Allow) C:\Users\katch\AppData\Local\Temp\7zS21D1\HP.EasyStart.exe => No File
FirewallRules: [{86D93D59-C069-43A4-AF53-BFFE89F5D024}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{A82FEB7B-A0DA-45E7-9080-504104933DC3}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{87511421-4986-46AC-A70C-40DF0F42844C}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{71F77930-8484-4F0E-955C-B68190274D5D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9FF961C5-92CE-4ACF-9835-74C93543BF1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A08A32E-A84B-43A2-A468-05A295CF11AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CB4074AC-5AFC-47C0-9726-F8E5514BD1CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4BB729A6-1E43-4B66-88E7-5D57B9797181}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{3DB32705-565D-4E46-B255-B1A50DF8397E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{52B3CA2B-012E-4881-904A-61CA6627A18E}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{36F7B003-0178-44B6-BFA3-2B4E7CAAB727}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{D7C8430D-B2DD-471D-BDC4-270839803484}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{7A9D61DC-39A2-4852-B91A-ED29885EA626}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{F30191F4-A809-4484-894F-97DDC80E43F5}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Intuit, Inc. -> Intuit Inc.)
FirewallRules: [{E47A52B5-6DE7-460C-8D15-7FB3BA6F1AF7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5CE8FCF5-CCC3-412D-888A-E3C80B102F8E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{78EAF13E-E707-42AF-81AA-F47F4EFBD7D2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BA0DC62D-69C0-45BD-9E72-DD96D159DC12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{C801A006-55F7-4367-83BC-8AD842531253}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6778D059-DE68-4105-BFA4-0300811116AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
15-10-2020 11:44:17 Windows Modules Installer
19-10-2020 07:20:14 Windows Modules Installer
25-10-2020 09:58:30 Windows Modules Installer
26-10-2020 14:38:45 Windows Modules Installer
==================== Faulty Device Manager Devices ============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (10/26/2020 03:00:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wuauclt.exe, version: 10.0.19041.508, time stamp: 0x5c5723e6
Faulting module name: ntdll.dll, version: 10.0.19041.488, time stamp: 0x70e69bad
Exception code: 0xc0000005
Fault offset: 0x0000000000045e16
Faulting process id: 0x13ec
Faulting application start time: 0x01d6abe05aaf7155
Faulting application path: C:\WINDOWS\system32\wuauclt.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 43ff8cbb-0dfd-4141-99f7-d965ec5d3528
Faulting package full name:
Faulting package-relative application ID:
Error: (10/26/2020 02:45:28 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (10/26/2020 02:29:11 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Program Files\mcafee\CoreUI\CoreUI.pam for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program McAfee CoreUI Launcher because of this error.
Program: McAfee CoreUI Launcher
File: C:\Program Files\mcafee\CoreUI\CoreUI.pam
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C000009C
Disk type: 3
Error: (10/26/2020 02:29:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launch.exe, version: 18.8.118.0, time stamp: 0x5f3d842a
Faulting module name: bcryptPrimitives.dll, version: 10.0.19041.264, time stamp: 0x90efa57f
Exception code: 0xc0000006
Fault offset: 0x00000000000199d3
Faulting process id: 0x33a4
Faulting application start time: 0x01d6abdef81b44af
Faulting application path: C:\Program Files\McAfee\CoreUI\Launch.exe
Faulting module path: C:\WINDOWS\System32\bcryptPrimitives.dll
Report Id: c18ee6f0-41a2-4b54-a2b4-ee76e3741fb3
Faulting package full name:
Faulting package-relative application ID:
Error: (10/26/2020 02:28:33 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (10/26/2020 02:17:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname LAPTOP-0I4945HA.local already in use; will try LAPTOP-0I4945HA-2.local instead
Error: (10/26/2020 02:17:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 LAPTOP-0I4945HA.local. Addr 192.168.1.68
Error: (10/26/2020 02:17:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.68:5353 16 LAPTOP-0I4945HA.local. AAAA 2602:0306:3110:3C20:5CF8:BB61:7C8B:0844
System errors:
=============
Error: (10/26/2020 03:09:00 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:08:56 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:08:52 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:08:48 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:01:35 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:01:31 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:01:27 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (10/26/2020 03:01:23 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Windows Defender:
===================================
Date: 2020-10-04 18:19:31.9160000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {A0AE47A7-91BD-4D3D-97DB-7A657D39222A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-29 18:37:52.0010000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {7C16B617-08AB-4341-9705-15F55E04CB13}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-25 13:44:16.6010000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {E6A9633B-8F0A-45AB-9521-EC63D811B25E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-24 19:45:53.8540000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {CD2163C6-CC84-4E12-986B-955ED957DB5A}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-09-24 19:35:44.0990000Z
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan ID: {BA6D8F7A-2152-46A3-AA7B-CEA66A8912E2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2020-10-26 14:45:28.5680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2020-10-26 14:45:28.5580000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2020-10-26 14:45:28.4780000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2020-10-26 14:45:28.4680000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.
Date: 2020-10-26 14:30:39.7550000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-26 14:30:39.7320000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-26 14:30:39.7130000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
Date: 2020-10-26 14:30:39.6930000Z
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\mcafee\MfeAV\AMSIExt.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Insyde F.22 08/25/2017
Motherboard: HP 83F8
Processor: Intel® Core i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 46%
Total physical RAM: 12174.22 MB
Available physical RAM: 6452.86 MB
Total Virtual: 14030.22 MB
Available Virtual: 8376.3 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:915.54 GB) (Free:775.67 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.74 GB) (Free:1.76 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (SCULPTED_BUNS_THIGHS) (CDROM) (Total:1.51 GB) (Free:0 GB) UDF
\\?\Volume{c45ccb48-9fd5-454f-8629-0f5ee11e5520}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.45 GB) NTFS
\\?\Volume{1679a829-c224-432f-8a56-18d9bc9adccf}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 540EA267)
Partition: GPT.
==================== End of Addition.txt =======================