My laptop is very slow and occasionally the wifi drops while every other computer, smart phone, tablet, etc is unaffected. I'm not sure my laptop is infected with malware, but it's the next thing to check.
Thanks for your help!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Owner (administrator) on PC (04-07-2018 09:32:28)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner & Administrator)
Platform: Windows 10 Home Version 1709 16299.522 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(HP) C:\Windows\System32\HP3DDGService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe
(Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-06-28] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-13] (Flexera Software LLC.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2012-11-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Carbonite Backup] => C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1278568 2017-09-07] (Carbonite, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25638872 2018-04-23] (Google)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [rUpdater agent] => C:\Users\Owner\AppData\Roaming\rUpdater Software\rUpdater\rUpdater_agent.exe
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2018-05-23] (Apple Inc.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [HP Photosmart 7520 series (NET)] => C:\Program Files\HP\HP Photosmart 7520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\Run: [GoogleChromeAutoLaunch_721577D41E77D440C916E2687EBA0267] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1588568 2018-06-22] (Google Inc.)
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk [2018-07-03]
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 7520 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicyScripts: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{0c0a2277-4bd3-4e28-bd32-48f83edcc842}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6d8dd44a-b54f-4d3e-b5b2-28304bfcd113}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b8f28657-6e8a-4fed-b22c-341d02a71645}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT13/1
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT13/1
SearchScopes: HKU\S-1-5-21-3571816096-2060556278-31395193-1002 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-05-27] (Microsoft Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Panda Security Toolbar -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-27] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\SysWow64\skype4com.dll [2013-01-10] (Skype Technologies)
FireFox:
========
FF DefaultProfile: g5a5vmkh.default
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\g5a5vmkh.default [2018-06-06]
FF HKLM-x32\...\Firefox\Extensions: [jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2012-07-18] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-04-28] [Legacy] [not signed]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1232202.dll [2018-03-09] (Adobe Systems, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)
FF Plugin-x32: nuance.com/DragonRIAPlugin -> C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\npDgnRia.dll [2012-07-18] (Nuance Communications Inc.)
Chrome:
=======
CHR HomePage: Default -> mysearch.avg.com
CHR StartupUrls: Default -> "hxxps://outlook.live.com/owa/?authRedirect=true","chrome://newtab/","hxxps://lastpass.com/?ac=1&lpnorefresh=1"
CHR Profile: C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Docs) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-06]
CHR Extension: (Quick Maps) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgbojmobaekecckmomemopckmeipecij [2016-10-06]
CHR Extension: (Yahoo Partner) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjicifbhnpakmaekfnphojjehhnifkmc [2018-05-12]
CHR Extension: (Cat licking your screen) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\bljgfogmfiepjlefknbnfopdoabpldcb [2016-10-06]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-06]
CHR Extension: (AVG Secure Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2016-10-06]
CHR Extension: (Chromebleed) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2016-10-06]
CHR Extension: (Avast SafePrice) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-06-23]
CHR Extension: (Sheets) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (iCloud Bookmarks) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2017-10-13]
CHR Extension: (Office Editing for Docs, Sheets & Slides) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbkeegbaiigmenfmjfclcdgdpimamgkj [2018-06-16]
CHR Extension: (Google Docs Offline) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-08]
CHR Extension: (Pinterest Save Button) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2018-07-03]
CHR Extension: (AmazonSmile 1Button for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdgenjhkjihnmigcommchefpajjhdmba [2016-10-06]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2018-07-03]
CHR Extension: (HP Network Check Launcher) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkfpchpiljkaemlpmpebnglgkomamfeo [2017-10-30]
CHR Extension: (Grammarly for Chrome) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2018-06-23]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-10-06]
CHR Extension: (MyPoints Score) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcglgmippekbdbmniknikdgkmnnpdnmh [2018-05-26]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2016-10-06]
CHR Extension: (Wikibuy) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2018-06-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (cats.) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdfklfdfahcjkkkogigggbfhbojcnhgb [2016-10-06]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-06]
CHR Extension: (Chrome Media Router) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-08]
CHR HKU\S-1-5-21-3571816096-2060556278-31395193-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2012-07-18]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor13.0; C:\Program Files\Adobe\Elements 13 Organizer\PhotoshopElementsFileAgent.exe [231120 2014-08-31] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7780400 2018-06-28] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-06-28] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 hp3ddgsrv; C:\WINDOWS\system32\HP3DDGService.exe [130072 2017-10-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332656 2018-05-02] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
R2 osrss; C:\WINDOWS\system32\osrss.dll [130808 2018-06-08] (Microsoft Corporation)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [287752 2015-10-02] (Visicom Media Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\NisSrv.exe [3925648 2018-06-29] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MsMpEng.exe [100080 2018-06-29] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\WINDOWS\system32\DRIVERS\Accelerometer.sys [53760 2017-12-18] (HP)
S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [197160 2018-06-28] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [229392 2018-06-28] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201328 2018-06-28] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346664 2018-06-28] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59592 2018-06-28] (AVAST Software)
S3 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-28] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239680 2018-06-28] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46976 2018-06-28] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159640 2018-06-28] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111872 2018-06-28] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-06-28] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027728 2018-06-28] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [463080 2018-06-28] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [211160 2018-06-28] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381584 2018-06-28] (AVAST Software)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-12-07] (Advanced Micro Devices)
R0 hpdskflt; C:\WINDOWS\System32\DRIVERS\hpdskflt.sys [39936 2017-12-18] (HP)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-07] (REALiX)
R1 MpKsl539ff557; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FF8F30B9-29CC-4A9A-A93C-816D6D12B370}\MpKsl539ff557.sys [58120 2018-07-03] (Microsoft Corporation)
R3 netr28x; C:\WINDOWS\System32\drivers\netr28x.sys [2537984 2017-09-29] (MediaTek Inc.)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc.)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [302808 2015-12-07] (Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [888064 2015-12-07] (Realtek )
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [33008 2013-04-05] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46592 2018-06-29] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [340008 2018-06-29] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [59944 2018-06-29] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys [34960 2018-02-02] (HP)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-04 09:32 - 2018-07-04 09:34 - 000024937 _____ C:\Users\Owner\Desktop\FRST.txt
2018-07-04 09:32 - 2018-07-04 09:32 - 000000000 ____D C:\FRST
2018-07-03 16:04 - 2018-07-03 16:05 - 002412544 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2018-07-03 15:50 - 2018-07-03 15:50 - 000000000 ___HD C:\OneDriveTemp
2018-07-03 14:37 - 2018-07-03 14:37 - 000125399 _____ C:\Users\Owner\Downloads\hosts.zip
2018-07-02 11:51 - 2018-07-02 11:51 - 008723637 _____ C:\Users\Owner\Downloads\ocm01756784-1896.pdf
2018-06-29 08:43 - 2018-06-29 08:43 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-06-28 07:41 - 2018-06-28 07:41 - 000000000 ____D C:\Users\Owner\AppData\Local\CrashDumps
2018-06-28 07:37 - 2018-06-28 07:37 - 000000000 ____D C:\Users\Owner\AppData\Local\AVAST Software
2018-06-28 07:20 - 2018-06-28 07:19 - 000378072 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-06-28 07:20 - 2018-06-28 07:19 - 000015360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2018-06-27 17:33 - 2018-06-08 14:09 - 000130808 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-06-27 17:18 - 2018-06-13 17:39 - 001206680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-06-27 17:18 - 2018-06-13 17:39 - 001056152 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-06-27 17:18 - 2018-06-13 17:38 - 005859248 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-06-27 17:18 - 2018-06-13 17:38 - 002002336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-06-27 17:18 - 2018-06-13 17:38 - 000077240 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-06-27 17:18 - 2018-06-13 17:36 - 008629152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-27 17:18 - 2018-06-13 17:36 - 000137624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-06-27 17:18 - 2018-06-13 17:35 - 002395544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-27 17:18 - 2018-06-13 17:31 - 007671696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-06-27 17:18 - 2018-06-13 17:31 - 000979864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-06-27 17:18 - 2018-06-13 17:31 - 000491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-06-27 17:18 - 2018-06-13 17:28 - 000555928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-27 17:18 - 2018-06-13 17:28 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-06-27 17:18 - 2018-06-13 17:27 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-06-27 17:18 - 2018-06-13 17:25 - 002773408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-06-27 17:18 - 2018-06-13 16:46 - 000422592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-06-27 17:18 - 2018-06-13 16:44 - 006086960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-27 17:18 - 2018-06-13 16:44 - 000747928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2018-06-27 17:18 - 2018-06-13 16:41 - 001525288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-27 17:18 - 2018-06-13 16:30 - 025256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-27 17:18 - 2018-06-13 16:24 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-27 17:18 - 2018-06-13 16:24 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-06-27 17:18 - 2018-06-13 16:21 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-27 17:18 - 2018-06-13 16:21 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-06-27 17:18 - 2018-06-13 16:19 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-27 17:18 - 2018-06-13 16:18 - 018930688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-27 17:18 - 2018-06-13 16:17 - 019358720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-27 17:18 - 2018-06-13 16:17 - 003663360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-27 17:18 - 2018-06-13 16:16 - 012730368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-06-27 17:18 - 2018-06-13 16:16 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-06-27 17:18 - 2018-06-13 16:14 - 006060032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-27 17:18 - 2018-06-13 16:14 - 002464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-27 17:18 - 2018-06-13 16:14 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-06-27 17:18 - 2018-06-13 16:14 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2018-06-27 17:18 - 2018-06-13 16:13 - 007812608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-06-27 17:18 - 2018-06-13 16:13 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2018-06-27 17:18 - 2018-06-13 16:13 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-27 17:18 - 2018-06-13 16:13 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-27 17:18 - 2018-06-13 16:12 - 002577920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-06-27 17:18 - 2018-06-13 16:12 - 002349568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2018-06-27 17:18 - 2018-06-13 16:11 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-27 17:18 - 2018-06-13 16:08 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-06-27 17:18 - 2018-06-13 16:07 - 023678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-27 17:18 - 2018-06-13 16:07 - 013712896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-06-27 17:18 - 2018-06-13 16:07 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2018-06-27 17:18 - 2018-06-13 16:06 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-06-27 17:18 - 2018-06-13 16:05 - 008068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-27 17:18 - 2018-06-13 16:04 - 008432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-06-27 17:18 - 2018-06-13 16:03 - 003161088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-06-27 17:18 - 2018-06-13 16:03 - 002857984 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 003126272 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 002786304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 002528768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-27 17:18 - 2018-06-13 16:01 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-06-27 17:18 - 2018-06-13 16:01 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-06-27 17:18 - 2018-06-13 16:00 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-06-27 17:18 - 2018-06-13 15:57 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-06-27 17:17 - 2018-06-13 17:41 - 001568160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-06-27 17:17 - 2018-06-13 17:41 - 001093040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-27 17:17 - 2018-06-13 17:41 - 000925672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-27 17:17 - 2018-06-13 17:41 - 000137112 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-06-27 17:17 - 2018-06-13 17:40 - 000423320 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-06-27 17:17 - 2018-06-13 17:40 - 000300448 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-27 17:17 - 2018-06-13 17:40 - 000069528 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-06-27 17:17 - 2018-06-13 17:39 - 000748472 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-06-27 17:17 - 2018-06-13 17:39 - 000608152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-06-27 17:17 - 2018-06-13 17:39 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-06-27 17:17 - 2018-06-13 17:38 - 001133880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-27 17:17 - 2018-06-13 17:38 - 000664984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-06-27 17:17 - 2018-06-13 17:38 - 000479920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-06-27 17:17 - 2018-06-13 17:38 - 000461216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-06-27 17:17 - 2018-06-13 17:38 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-06-27 17:17 - 2018-06-13 17:35 - 001416864 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-27 17:17 - 2018-06-13 17:35 - 001210784 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-27 17:17 - 2018-06-13 17:35 - 001002048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-06-27 17:17 - 2018-06-13 17:35 - 000453024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2018-06-27 17:17 - 2018-06-13 17:33 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-06-27 17:17 - 2018-06-13 17:32 - 000130600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2018-06-27 17:17 - 2018-06-13 17:31 - 000525728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-27 17:17 - 2018-06-13 17:29 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-27 17:17 - 2018-06-13 17:29 - 000671024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-27 17:17 - 2018-06-13 17:29 - 000225696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-27 17:17 - 2018-06-13 17:28 - 000688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-27 17:17 - 2018-06-13 17:26 - 001084736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-27 17:17 - 2018-06-13 17:26 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2018-06-27 17:17 - 2018-06-13 17:25 - 000628632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-06-27 17:17 - 2018-06-13 17:24 - 000057464 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-06-27 17:17 - 2018-06-13 16:54 - 001383784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-27 17:17 - 2018-06-13 16:54 - 000212896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-06-27 17:17 - 2018-06-13 16:50 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-06-27 17:17 - 2018-06-13 16:44 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-27 17:17 - 2018-06-13 16:44 - 000550176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-27 17:17 - 2018-06-13 16:42 - 000544432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-27 17:17 - 2018-06-13 16:41 - 001033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-27 17:17 - 2018-06-13 16:39 - 000505160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp_win.dll
2018-06-27 17:17 - 2018-06-13 16:39 - 000251096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2018-06-27 17:17 - 2018-06-13 16:24 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-27 17:17 - 2018-06-13 16:21 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSOpusDecoder.dll
2018-06-27 17:17 - 2018-06-13 16:20 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2018-06-27 17:17 - 2018-06-13 16:19 - 000102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-06-27 17:17 - 2018-06-13 16:17 - 000098304 _____ C:\WINDOWS\system32\runexehelper.exe
2018-06-27 17:17 - 2018-06-13 16:16 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-27 17:17 - 2018-06-13 16:16 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2018-06-27 17:17 - 2018-06-13 16:15 - 001508864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2018-06-27 17:17 - 2018-06-13 16:13 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-27 17:17 - 2018-06-13 16:13 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-27 17:17 - 2018-06-13 16:12 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-06-27 17:17 - 2018-06-13 16:12 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-06-27 17:17 - 2018-06-13 16:12 - 000159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSOpusDecoder.dll
2018-06-27 17:17 - 2018-06-13 16:11 - 008962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2018-06-27 17:17 - 2018-06-13 16:11 - 000975360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-27 17:17 - 2018-06-13 16:11 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2018-06-27 17:17 - 2018-06-13 16:10 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-06-27 17:17 - 2018-06-13 16:07 - 001495552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-27 17:17 - 2018-06-13 16:05 - 001238016 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-27 17:17 - 2018-06-13 16:04 - 003180544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-27 17:17 - 2018-06-13 16:04 - 002212352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-27 17:17 - 2018-06-13 16:03 - 001607168 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2018-06-27 17:17 - 2018-06-13 16:01 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-27 17:17 - 2018-06-13 16:01 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-06-27 17:17 - 2018-06-13 16:01 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2018-06-27 17:17 - 2018-06-13 15:58 - 001570304 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2018-06-27 17:17 - 2018-06-13 15:57 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcadm.dll
2018-06-27 17:17 - 2018-06-13 15:57 - 000012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaevts.dll
2018-06-27 17:17 - 2018-06-13 13:19 - 004171264 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2018-06-27 17:17 - 2018-06-13 13:18 - 004876800 _____ (Gracenote, Inc.) C:\WINDOWS\system32\gnsdk_fp.dll
2018-06-27 16:59 - 2018-06-27 17:21 - 866014505 _____ C:\Users\Owner\Downloads\windows10.0-kb4284822-x64_0fcd8ba2f62befe1ab243819de299e16052571b2.msu
2018-06-27 16:38 - 2018-06-27 16:39 - 013669907 _____ C:\Users\Owner\Downloads\windows10.0-kb4090914-x64_c72e85e0ed037eee289e3793c01b5f0a0f7b63f1.msu
2018-06-27 16:30 - 2018-06-27 16:30 - 000195346 _____ C:\Users\Owner\Downloads\wu170509 (1).diagcab
2018-06-27 16:19 - 2018-06-27 16:19 - 000195346 _____ C:\Users\Owner\Downloads\wu170509.diagcab
2018-06-26 16:04 - 2018-06-26 16:04 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-06-26 16:03 - 2018-06-26 16:04 - 000273318 _____ C:\WINDOWS\ntbtlog.txt
2018-06-21 16:18 - 2018-06-21 16:18 - 000000126 _____ C:\Users\Owner\Downloads\Guest List.csv
2018-06-20 06:07 - 2018-06-20 06:07 - 000000000 ____D C:\ProgramData\Packages
2018-06-17 16:05 - 2018-06-17 16:05 - 000020584 _____ C:\Users\Owner\Downloads\eSign.pdf
2018-06-15 10:15 - 2018-06-15 10:15 - 000512879 _____ C:\Users\Owner\Downloads\voicemail.wav
2018-06-12 16:47 - 2018-06-08 02:32 - 001638432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-12 16:47 - 2018-06-08 02:32 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-12 16:47 - 2018-06-08 02:30 - 002514944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-12 16:47 - 2018-06-08 02:30 - 001953544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-12 16:47 - 2018-06-08 02:27 - 001173584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-12 16:47 - 2018-06-08 02:27 - 000377760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-12 16:47 - 2018-06-08 02:24 - 003009736 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-12 16:47 - 2018-06-08 02:24 - 002711248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-12 16:47 - 2018-06-08 02:24 - 000891808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-06-12 16:47 - 2018-06-08 02:23 - 004486400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-12 16:47 - 2018-06-08 02:23 - 002412688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-12 16:47 - 2018-06-08 02:22 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-12 16:47 - 2018-06-08 02:22 - 001269640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-12 16:47 - 2018-06-08 02:22 - 000093624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-12 16:47 - 2018-06-08 02:21 - 000594080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-12 16:47 - 2018-06-08 01:21 - 001931256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-12 16:47 - 2018-06-08 01:21 - 001614168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-12 16:47 - 2018-06-08 01:21 - 000777912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-12 16:47 - 2018-06-08 01:19 - 001433360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-12 16:47 - 2018-06-08 01:18 - 000097160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-12 16:47 - 2018-06-08 01:10 - 002338272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-12 16:47 - 2018-06-08 01:09 - 017161216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-12 16:47 - 2018-06-08 01:09 - 002193688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-12 16:47 - 2018-06-08 01:09 - 000791968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2018-06-12 16:47 - 2018-06-08 01:08 - 003979696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-12 16:47 - 2018-06-08 01:08 - 001990672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-12 16:47 - 2018-06-08 01:07 - 002386320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-12 16:47 - 2018-06-08 01:07 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-12 16:47 - 2018-06-08 01:07 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-12 16:47 - 2018-06-08 01:06 - 006015208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-12 16:47 - 2018-06-08 01:06 - 004668688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-12 16:47 - 2018-06-08 01:06 - 000551696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-06-12 16:47 - 2018-06-08 01:05 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-12 16:47 - 2018-06-08 01:02 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-06-12 16:47 - 2018-06-08 01:02 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-12 16:47 - 2018-06-08 01:02 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-12 16:47 - 2018-06-08 01:02 - 000253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-06-12 16:47 - 2018-06-08 01:02 - 000093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-06-12 16:47 - 2018-06-08 01:01 - 000672768 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-12 16:47 - 2018-06-08 01:01 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-06-12 16:47 - 2018-06-08 01:00 - 012833792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-12 16:47 - 2018-06-08 01:00 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2018-06-12 16:47 - 2018-06-08 01:00 - 000258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2018-06-12 16:47 - 2018-06-08 00:59 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-06-12 16:47 - 2018-06-08 00:58 - 004723712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-12 16:47 - 2018-06-08 00:58 - 003332608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-12 16:47 - 2018-06-08 00:58 - 002083840 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-06-12 16:47 - 2018-06-08 00:57 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-12 16:47 - 2018-06-08 00:57 - 001812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-12 16:47 - 2018-06-08 00:57 - 001597952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-12 16:47 - 2018-06-08 00:57 - 001345024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-12 16:47 - 2018-06-08 00:57 - 000808960 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-12 16:47 - 2018-06-08 00:46 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-12 16:47 - 2018-06-08 00:46 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-12 16:47 - 2018-06-08 00:43 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-12 16:47 - 2018-06-08 00:42 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-06-12 16:47 - 2018-06-08 00:41 - 013704704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-12 16:47 - 2018-06-08 00:41 - 011924992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-12 16:47 - 2018-06-08 00:41 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-06-12 16:47 - 2018-06-08 00:40 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-12 16:47 - 2018-06-08 00:40 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2018-06-12 16:47 - 2018-06-08 00:39 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-06-12 16:47 - 2018-06-08 00:38 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-12 16:47 - 2018-06-08 00:38 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-12 16:47 - 2018-06-08 00:38 - 000235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2018-06-12 16:47 - 2018-06-08 00:36 - 003662848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-12 16:47 - 2018-06-08 00:35 - 002868736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-12 16:47 - 2018-06-08 00:35 - 002014720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-06-12 16:47 - 2018-06-08 00:35 - 001565184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-12 16:47 - 2018-06-08 00:35 - 001474560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-12 16:47 - 2018-05-11 18:15 - 000128408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-06-12 16:47 - 2018-05-11 18:14 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-06-12 16:47 - 2018-05-11 18:14 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-06-12 16:47 - 2018-05-11 18:10 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-12 16:47 - 2018-05-11 18:10 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-12 16:47 - 2018-05-11 18:10 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-12 16:47 - 2018-05-11 18:09 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-06-12 16:47 - 2018-05-11 18:09 - 000103320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-12 16:47 - 2018-05-11 18:08 - 000428440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-06-12 16:47 - 2018-05-11 18:07 - 002711168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-12 16:47 - 2018-05-11 18:07 - 002268024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-06-12 16:47 - 2018-05-11 18:07 - 001506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-12 16:47 - 2018-05-11 18:05 - 000616792 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-06-12 16:47 - 2018-05-11 16:53 - 002462704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-12 16:47 - 2018-05-11 16:53 - 001456104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-06-12 16:47 - 2018-05-11 16:53 - 001017048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-12 16:47 - 2018-05-11 16:52 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-06-12 16:47 - 2018-05-11 16:48 - 000316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-06-12 16:47 - 2018-05-11 16:48 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-06-12 16:47 - 2018-05-11 16:47 - 000276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-06-12 16:47 - 2018-05-11 16:46 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-06-12 16:47 - 2018-05-11 16:46 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-06-12 16:47 - 2018-05-11 16:45 - 000816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2018-06-12 16:47 - 2018-05-11 16:42 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-12 16:47 - 2018-05-11 16:39 - 001717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-12 16:47 - 2018-05-11 16:29 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-06-12 16:47 - 2018-05-11 16:29 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadauthhelper.dll
2018-06-12 16:47 - 2018-05-11 16:19 - 001353216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-06-12 16:46 - 2018-06-08 12:26 - 021754880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-12 16:46 - 2018-06-08 12:26 - 017084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-06-12 16:46 - 2018-06-08 12:03 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-12 16:46 - 2018-06-08 11:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-12 16:46 - 2018-06-08 11:58 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-12 16:46 - 2018-06-08 06:42 - 002491120 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-12 16:46 - 2018-06-08 06:41 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-12 16:46 - 2018-06-08 02:33 - 000269720 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-06-12 16:46 - 2018-06-08 02:33 - 000192920 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-12 16:46 - 2018-06-08 02:26 - 000712456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-12 16:46 - 2018-06-08 02:25 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2018-06-12 16:46 - 2018-06-08 02:24 - 001488288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-06-12 16:46 - 2018-06-08 02:23 - 021357336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-12 16:46 - 2018-06-08 02:23 - 002472888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-12 16:46 - 2018-06-08 02:23 - 000824904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-06-12 16:46 - 2018-06-08 02:23 - 000677304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-12 16:46 - 2018-06-08 02:23 - 000137552 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-12 16:46 - 2018-06-08 02:22 - 006791992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-12 16:46 - 2018-06-08 02:21 - 007385096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-12 16:46 - 2018-06-08 02:21 - 004507096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-12 16:46 - 2018-06-08 02:20 - 001101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-12 16:46 - 2018-06-08 01:10 - 003485400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2018-06-12 16:46 - 2018-06-08 01:10 - 001124768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-06-12 16:46 - 2018-06-08 01:08 - 020290256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-06-12 16:46 - 2018-06-08 01:07 - 000975360 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-06-12 16:46 - 2018-06-08 01:07 - 000436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-12 16:46 - 2018-06-08 01:07 - 000400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-06-12 16:46 - 2018-06-08 01:06 - 006481096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-12 16:46 - 2018-06-08 01:06 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2018-06-12 16:46 - 2018-06-08 01:06 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-06-12 16:46 - 2018-06-08 01:04 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-12 16:46 - 2018-06-08 01:04 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-12 16:46 - 2018-06-08 01:03 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-12 16:46 - 2018-06-08 01:02 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-06-12 16:46 - 2018-06-08 01:01 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-06-12 16:46 - 2018-06-08 00:59 - 003124224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2018-06-12 16:46 - 2018-06-08 00:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-06-12 16:46 - 2018-06-08 00:58 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-12 16:46 - 2018-06-08 00:57 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2018-06-12 16:46 - 2018-06-08 00:56 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-12 16:46 - 2018-06-08 00:55 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-12 16:46 - 2018-06-08 00:45 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-06-12 16:46 - 2018-06-08 00:41 - 000372736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-12 16:46 - 2018-06-08 00:40 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-06-12 16:46 - 2018-06-08 00:39 - 000941568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-12 16:46 - 2018-06-08 00:39 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-06-12 16:46 - 2018-06-08 00:35 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-12 16:46 - 2018-06-08 00:35 - 004384768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2018-06-12 16:46 - 2018-05-12 08:57 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2018-06-12 16:46 - 2018-05-12 08:56 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-06-12 16:46 - 2018-05-12 08:55 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-06-12 16:46 - 2018-05-12 08:55 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-12 16:46 - 2018-05-11 16:54 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-12 16:46 - 2018-05-11 16:50 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-06-12 16:46 - 2018-05-11 16:44 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-12 16:46 - 2018-05-11 16:41 - 003630080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-12 16:46 - 2018-05-11 16:20 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-12 16:45 - 2018-06-08 02:29 - 001849760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-06-12 16:45 - 2018-06-08 02:29 - 000937376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-06-12 16:45 - 2018-06-08 02:29 - 000028576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-12 16:45 - 2018-06-08 02:24 - 006282280 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-06-12 16:45 - 2018-06-08 02:24 - 001029536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2018-06-12 16:45 - 2018-06-08 02:24 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-12 16:45 - 2018-06-08 02:24 - 000247712 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-12 16:45 - 2018-06-08 02:22 - 001358496 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-12 16:45 - 2018-06-08 02:22 - 000054376 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-12 16:45 - 2018-06-08 02:21 - 001206104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-06-12 16:45 - 2018-06-08 02:21 - 000260904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-06-12 16:45 - 2018-06-08 01:09 - 002993728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-06-12 16:45 - 2018-06-08 01:09 - 000832952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2018-06-12 16:45 - 2018-06-08 01:08 - 001075984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-12 16:45 - 2018-06-08 01:08 - 000640024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-06-12 16:45 - 2018-06-08 01:07 - 000047608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-12 16:45 - 2018-06-08 01:06 - 001131696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-06-12 16:45 - 2018-06-08 01:06 - 000129208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-06-12 16:45 - 2018-06-08 01:05 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-12 16:45 - 2018-06-08 01:05 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-12 16:45 - 2018-06-08 01:05 - 000028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanelExternalHook.dll
2018-06-12 16:45 - 2018-06-08 01:04 - 001925120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-06-12 16:45 - 2018-06-08 01:04 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-12 16:45 - 2018-06-08 01:03 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-12 16:45 - 2018-06-08 01:01 - 000652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2018-06-12 16:45 - 2018-06-08 01:01 - 000623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-06-12 16:45 - 2018-06-08 01:01 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-12 16:45 - 2018-06-08 01:00 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2018-06-12 16:45 - 2018-06-08 00:59 - 001297920 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-12 16:45 - 2018-06-08 00:59 - 001116672 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-12 16:45 - 2018-06-08 00:59 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-12 16:45 - 2018-06-08 00:59 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-12 16:45 - 2018-06-08 00:57 - 001135104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-12 16:45 - 2018-06-08 00:56 - 000969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2018-06-12 16:45 - 2018-06-08 00:53 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-12 16:45 - 2018-06-08 00:46 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-12 16:45 - 2018-06-08 00:40 - 001277440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-06-12 16:45 - 2018-06-08 00:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2018-06-12 16:45 - 2018-06-08 00:39 - 000963584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2018-06-12 16:45 - 2018-06-08 00:39 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-12 16:45 - 2018-06-08 00:35 - 000935424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-12 16:45 - 2018-06-08 00:35 - 000891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2018-06-12 16:45 - 2018-06-08 00:34 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DbgModel.dll
2018-06-12 16:45 - 2018-05-12 08:53 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-12 16:45 - 2018-05-12 08:52 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2018-06-12 16:45 - 2018-05-12 08:52 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialStore.dll
2018-06-12 16:45 - 2018-05-11 18:15 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-06-12 16:45 - 2018-05-11 18:08 - 000757792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-06-12 16:45 - 2018-05-11 16:54 - 003198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-12 16:45 - 2018-05-11 16:52 - 000909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\PayloadRestrictions.dll
2018-06-12 16:45 - 2018-05-11 16:52 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Proxy.dll
2018-06-12 16:45 - 2018-05-11 16:51 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaproxystub.dll
2018-06-12 16:45 - 2018-05-11 16:50 - 002186240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaclient.dll
2018-06-12 16:45 - 2018-05-11 16:50 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadauthhelper.dll
2018-06-12 16:45 - 2018-05-11 16:50 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-06-12 16:45 - 2018-05-11 16:50 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\secur32.dll
2018-06-12 16:45 - 2018-05-11 16:50 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-12 16:45 - 2018-05-11 16:49 - 001685504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2018-06-12 16:45 - 2018-05-11 16:48 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-06-12 16:45 - 2018-05-11 16:48 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2018-06-12 16:45 - 2018-05-11 16:47 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-06-12 16:45 - 2018-05-11 16:47 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2018-06-12 16:45 - 2018-05-11 16:47 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2018-06-12 16:45 - 2018-05-11 16:47 - 000082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-06-12 16:45 - 2018-05-11 16:40 - 001363968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-12 16:45 - 2018-05-11 16:38 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-06-12 16:45 - 2018-05-11 16:33 - 002762752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-12 16:45 - 2018-05-11 16:31 - 000662528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PayloadRestrictions.dll
2018-06-12 16:45 - 2018-05-11 16:31 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft.Bluetooth.Proxy.dll
2018-06-12 16:45 - 2018-05-11 16:31 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaproxystub.dll
2018-06-12 16:45 - 2018-05-11 16:30 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-12 16:45 - 2018-05-11 16:29 - 001428480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaclient.dll
2018-06-12 16:45 - 2018-05-11 16:29 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2018-06-12 16:45 - 2018-05-11 16:29 - 000023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\secur32.dll
2018-06-12 16:45 - 2018-05-11 16:28 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2018-06-12 16:45 - 2018-05-11 16:28 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2018-06-12 16:45 - 2018-05-11 16:27 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2018-06-12 16:45 - 2018-05-11 16:26 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2018-06-12 16:45 - 2018-05-11 16:26 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2018-06-12 16:45 - 2018-05-11 16:20 - 000821248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-12 10:06 - 2018-06-12 10:10 - 379800106 _____ C:\Users\Owner\Downloads\2018-catalogue-digital.pdf
2018-06-11 13:56 - 2018-06-15 16:51 - 000012186 _____ C:\Users\Owner\Documents\BowWow Menders KAM Snap Inventory.xlsx
2018-06-07 11:14 - 2018-06-07 11:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2018-06-06 13:14 - 2018-06-06 13:14 - 000000000 ____D C:\Program Files (x86)\Secunia
2018-06-06 12:48 - 2018-06-06 13:09 - 000000000 ____D C:\ProgramData\HitmanPro
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-07-04 09:32 - 2018-01-20 13:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-04 06:09 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-07-04 06:08 - 2017-09-29 08:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-04 06:08 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-03 15:50 - 2015-09-03 16:45 - 000000000 __RDL C:\Users\Owner\OneDrive
2018-07-03 15:48 - 2015-10-04 12:45 - 000000000 ___RD C:\Users\Owner\iCloudDrive
2018-07-03 15:43 - 2018-01-20 13:46 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-03 15:43 - 2016-07-04 14:00 - 000000338 _____ C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job
2018-07-03 15:41 - 2017-09-29 03:45 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2018-07-03 15:41 - 2015-12-01 15:12 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-07-03 15:41 - 2015-08-01 18:31 - 000000000 ____D C:\ProgramData\panda_url_filtering
2018-07-03 15:40 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-07-03 15:38 - 2017-06-12 10:32 - 000000000 ____D C:\Users\Owner\Desktop\Temp
2018-07-03 15:23 - 2018-01-20 13:46 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-07-02 23:38 - 2018-01-20 13:46 - 000003230 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForOwner
2018-06-30 19:33 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\rescache
2018-06-29 17:04 - 2016-01-01 18:10 - 000000000 ____D C:\Users\Owner\Documents\CheckBook
2018-06-29 08:43 - 2017-09-29 08:46 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-29 08:43 - 2016-01-21 08:23 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-06-28 07:20 - 2017-09-29 08:46 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-06-28 07:19 - 2018-01-20 12:13 - 000463080 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000381584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000211160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000197160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000159640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000111872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-06-28 07:19 - 2018-01-20 12:13 - 000046976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-06-28 07:18 - 2018-01-20 12:13 - 001027728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-06-28 07:18 - 2018-01-20 12:13 - 000346664 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-06-28 07:18 - 2018-01-20 12:13 - 000229392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-06-28 07:18 - 2018-01-20 12:13 - 000201328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-06-28 07:18 - 2018-01-20 12:13 - 000059592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-06-28 07:18 - 2017-12-22 10:26 - 000239680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-06-28 02:46 - 2013-11-01 12:25 - 000000000 ____D C:\ProgramData\TEMP
2018-06-27 18:20 - 2017-09-29 08:44 - 000000000 ____D C:\WINDOWS\INF
2018-06-27 18:19 - 2018-01-20 13:08 - 000279640 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-27 18:15 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-27 17:33 - 2017-09-29 08:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-27 16:23 - 2014-12-13 21:52 - 000000000 ____D C:\Users\Owner\AppData\Local\ElevatedDiagnostics
2018-06-27 08:37 - 2016-01-03 09:56 - 000000000 ___RD C:\Users\Owner\Documents\Scanned Documents
2018-06-26 16:14 - 2018-01-20 13:13 - 001721574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-26 16:05 - 2015-09-09 16:24 - 000000000 ____D C:\Users\Owner\AppData\Roaming\rUpdater Software
2018-06-25 15:09 - 2016-10-06 08:05 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-23 15:52 - 2017-09-29 08:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-23 15:47 - 2015-08-01 19:08 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-06-22 16:31 - 2017-12-30 14:16 - 000000000 ____D C:\Users\Owner\Documents\ICE
2018-06-21 10:58 - 2018-01-20 13:46 - 000003348 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3571816096-2060556278-31395193-1002
2018-06-21 10:58 - 2015-12-01 16:02 - 000002370 _____ C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-18 15:23 - 2016-01-03 09:55 - 000000000 ____D C:\Users\Owner\Documents\Life
2018-06-12 18:24 - 2018-01-20 13:52 - 000000000 ___RD C:\Users\Owner\3D Objects
2018-06-12 18:24 - 2014-01-14 18:28 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-12 18:13 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-06-12 18:13 - 2017-09-29 03:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-12 17:19 - 2014-12-15 23:42 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-12 17:11 - 2017-10-10 21:19 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-12 17:11 - 2014-12-15 23:42 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-06 14:20 - 2018-04-12 05:19 - 000000000 ___HD C:\$WINDOWS.~BT
2018-06-06 14:08 - 2018-01-20 09:58 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-06 13:54 - 2017-09-29 08:46 - 000000000 ____D C:\WINDOWS\Registration
2018-06-06 13:53 - 2018-01-20 13:43 - 000049533 _____ C:\WINDOWS\diagwrn.xml
2018-06-06 13:53 - 2018-01-20 13:43 - 000049533 _____ C:\WINDOWS\diagerr.xml
2018-06-06 13:39 - 2016-09-23 15:30 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-06-06 10:21 - 2016-01-03 09:54 - 000000000 ____D C:\Users\Owner\Documents\Crossroads Animal Shelter
2018-06-06 10:03 - 2018-03-26 14:30 - 000000000 ____D C:\Users\Owner\Documents\Bravo
2018-06-05 18:24 - 2018-05-12 12:24 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-05 18:24 - 2018-05-12 12:24 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-10-31 10:28 - 2016-06-03 16:49 - 000007601 _____ () C:\Users\Owner\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-06-30 17:37
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Owner (04-07-2018 09:35:32)
Running from C:\Users\Owner\Desktop
Windows 10 Home Version 1709 16299.522 (X64) (2018-01-20 18:49:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3571816096-2060556278-31395193-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3571816096-2060556278-31395193-503 - Limited - Disabled)
Guest (S-1-5-21-3571816096-2060556278-31395193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3571816096-2060556278-31395193-1004 - Limited - Enabled)
mari__000 (S-1-5-21-3571816096-2060556278-31395193-1006 - Administrator - Enabled)
Owner (S-1-5-21-3571816096-2060556278-31395193-1002 - Administrator - Enabled) => C:\Users\Owner
rwilb_000 (S-1-5-21-3571816096-2060556278-31395193-1005 - Administrator - Enabled)
WDAGUtilityAccount (S-1-5-21-3571816096-2060556278-31395193-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 28 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Photoshop Elements 13 (HKLM-x32\...\{609818B9-23EB-4196-B466-EFE05E92A32F}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.2.202 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{3EAD91D5-2004-1B7F-26FF-C0B4AE3C62F7}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.5.2342 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Carbonite (HKLM-x32\...\{34A6D6FF-7EEC-499E-A54F-71077783AED6}) (Version: 6.3.2 build 7466 (Sep-07-2017) - Carbonite)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dragon NaturallySpeaking 12 (HKLM-x32\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.00.100 - Nuance Communications Inc.)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Documentation (HKLM-x32\...\{A64DC543-B6C3-4745-AAD6-AC9F1B765BCF}) (Version: 1.2.0.0 - Hewlett-Packard)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP MyRoom (HKLM-x32\...\{2C839F0F-5494-454D-9980-A14C5C5EB3EF}) (Version: 10.4.0168 - Hewlett-Packard)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{BD2CDEAF-8D83-4553-A3B3-8B614CC6C96E}) (Version: 1.1.0.0 - HP Inc)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 7520 series Basic Device Software (HKLM\...\{27ABA988-D480-4F44-B0FD-45E5656D2CFE}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 7520 series Help (HKLM-x32\...\{08295D09-E002-48F8-905D-34E4B08509BA}) (Version: 28.0.0 - Hewlett Packard)
HP Photosmart 7520 series Product Improvement Study (HKLM\...\{16B872EE-C458-41BD-BEAE-52758A3F3168}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.6.18.11 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.9.18.3 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6491.0 - IDT)
iTunes (HKLM\...\{BE065D5C-5EB5-4F39-A112-32897C297935}) (Version: 12.7.5.9 - Apple Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.5041.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\OneDriveSetup.exe) (Version: 18.091.0506.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5041.1001 - Microsoft Corporation) Hidden
PSTViewer Pro 7 (HKLM\...\{B515BC8D-408D-4CF5-AC6C-9B1E0E0F0DDF}) (Version: 7.5.460.0 - Encryptomatic, LLC)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Ralink Bluetooth Stack64 (HKLM\...\{307AA214-8490-9119-DA81-C8E875AD1C94}) (Version: 11.0.737.5 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.18.621.2013 - Realtek)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{EC5A6438-850E-4AD1-9169-DD071C8EFFEF}) (Version: 2.10.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{B7AFAF92-D1C8-49A0-B34A-B5DAF9C9D5C6}) (Version: 1.9.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google)
ShellIconOverlayIdentifiers: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ShellIconOverlayIdentifiers-x32: [ Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)
ContextMenuHandlers1: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc.)
ContextMenuHandlers2: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers4: [Carbonite] -> {FE8BD682-9A64-4740-A92B-EE7E5F7FA0A5} => C:\Program Files\Carbonite\Carbonite Backup\CarboniteNSE.dll [2017-09-07] (Carbonite, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-06-28] (AVAST Software)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {044350E6-C3C5-4CED-8E81-E108D50431F3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {0E187970-92E9-4845-A603-7BA6F471A31F} - System32\Tasks\HP AR Program Upload - cd662528bad74f0292fc12464c7f590c95db0a604934478da499cbe1489bfc24 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {10AE2ED3-1B20-4805-A65D-7D421CA08CC6} - System32\Tasks\HP AR Program Upload - 13b048195d264b5fb015dcb5688a0bf990b19bbb1e4241188313634cf36ebf65 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {177467AE-55D0-41B9-B9F7-47AF0E868074} - System32\Tasks\HP AR Program Upload - 20ed4d4523514baaba4a379532fad29c25009e0232454e64a64bfc0931fdb127 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {1B9E9F96-542C-47C4-BDFF-9F31231CB1DF} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
Task: {3495BB16-2E14-4DAC-AB62-655B3B0BA71B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2018-05-23] (Apple Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36213528-338C-4470-B040-6C6A0FDC8D55} - System32\Tasks\HP AR Program Upload - e041d3ba528447cd8a3844a84947d474a1fe7e4ca863435ca58430f52790766e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {3FD15CAF-00DA-4DF4-B461-2521632DE384} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)
Task: {400F66B8-07BE-4DB3-BC52-BA839403206F} - System32\Tasks\AdobeAAMUpdater-1.0-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-08-27] (Adobe Systems Incorporated)
Task: {48F3CA6F-826F-4888-B2C1-33EAD7E7DF3E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {550D2824-4CA8-40C3-85AA-B97123F2621D} - System32\Tasks\HPCustParticipation HP Photosmart 7520 series => C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {5B8AB74A-2B49-4B48-BC4F-7D19FBE93555} - System32\Tasks\HP AR Program Upload - 54e913671e304774bb065d953d8785201a8e6e5732094e1d93d2575b01c6f336 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {5C43B687-2B29-424F-931C-843259C0FE8A} - System32\Tasks\HP AR Program Upload - 6cbae8e051084ba4901ec4d9d7ec410b7452d3c81fe24303b4468b1b176103fe => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {61BCC6F0-1C1F-4916-8202-6D49B8DB1B8C} - System32\Tasks\HP AR Program Upload - d520a4fe92ff45c5b7400be608664b4dbc44d3556d914fc28e24b6c8d18faea5 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {62162C57-E877-4FA6-8399-EF0C47C763DE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {66D5B3F6-BE8F-4974-AE40-6C4BF5CEEC6C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2018-06-12] (Microsoft Corporation)
Task: {66F1E160-B411-48FD-ADED-FFD1EFEBE882} - System32\Tasks\HP AR Program Upload - 59efb5f037674031b411c4abdc22dbabfc064db05304497a8144a2de34945686 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {68409B33-DABC-4696-B6CB-62576828BAE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-05-11] (HP Inc.)
Task: {6B57DBC6-BCAC-4E1A-A658-9A6E99E7CFD2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {736121B3-183E-452A-BC9C-8681AB220B09} - System32\Tasks\HP AR Program Upload - d3b4ac90ff1641e3a105836f88570e3038466b74f0ea490fbae29202b9f29ff6 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {736E2B85-8DF0-416D-9896-CE91DBFD6417} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)
Task: {7A88A5CF-A084-4356-9477-79ECF5C5D823} - System32\Tasks\HP AR Program Upload - ae42614dad434ccfb23d43e802ad066f34eb2bd3afec47b5a2ecf6513f105e7f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {7C60C842-76D5-4F00-BE70-FE46EE2C587D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)
Task: {7E634445-1972-4713-8AD9-62C341B39542} - System32\Tasks\HP AR Program Upload - a69930d82c9c49c592a14a8213aec954705e24a9f8064e95a918baeb82840aff => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {81113475-3698-49CD-B799-5ED7F9FD85D7} - System32\Tasks\HP AR Program Upload - bda91eab68504b46a4567215c6dfc6d041f3c17eba4d49d39020975a73a92bf2 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {827104DF-5CD3-41FE-BF14-DE784E404802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {82967426-2E44-4132-A32D-1E808A3639D9} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-06-06] (AVAST Software)
Task: {830A47C3-1F9D-4985-885E-AAFE52B6EF46} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-06-29] (Microsoft Corporation)
Task: {839DD036-FCB9-42E0-AC65-F6F9F81033F0} - System32\Tasks\HP AR Program Upload - 23b4b9df709e4eb7a03669f2d3e6d9c3968db8bb0a364ce8ac8c72758fea4a6e => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {87590BD9-1A74-4549-826D-7BAE682EA7C4} - System32\Tasks\HP AR Program Upload - 3302f8c4da98408f9de824303d72f7e8ecaa8997014c430ab5febfcd754d1ec8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {891034CC-A26D-453A-93E2-C1C12576F7CB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {8BDA85CB-8CA8-4674-A3D0-E5E8175D47B2} - System32\Tasks\HP AR Program Upload - b60302ff0fd149c3b28a5599a1d0d2ac522aab96f53946c1b0283e24fbc072bd => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {90F02EDA-B3E2-4F92-BCEF-6A0BEF528E56} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2017-08-18] (Synaptics Incorporated)
Task: {934D048D-6A77-439E-BAB6-CF200D9E9EE9} - System32\Tasks\HP AR Program Upload - d237079b094e40d5b92c2a7a186b1ae878c9d48866ac41e785a85267ca21038b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {93EF3557-8EEB-4F1F-9657-C4E583490EDB} - System32\Tasks\HP AR Program Upload - cc5fe602b0454df298e9f2213c70f5915cedda117e3e4b0ea206214d67c464a8 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {94C66E5B-F752-4DDF-B70F-A8B44ACF4981} - System32\Tasks\HP AR Program Upload - 7a620f6a9e794ac4935f1bd437f9a7568627dc9a7981485cb22ce992afa6a70b => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {958BB90D-CE00-47B2-807C-4E980390CCA6} - System32\Tasks\HP AR Program Upload - c4522da8b5b643d8ae5242a4d41af0140023c55c804c4c5c956057afdacf9d56 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {96C81D51-D447-4500-8994-980C0C3A727F} - System32\Tasks\HP AR Program Upload - 04c32abb928e41d58951629e32c48e15a9b744708e4048439af7a9b6f3b1a21f => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {9A52E4A7-2C5B-45BC-9E9A-8463D7316092} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {9B9F9486-F7D5-45A4-9DDE-6082C0B7C159} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-06-28] (AVAST Software)
Task: {9E24DEB6-D146-43D5-A951-971D3C33503C} - System32\Tasks\HP AR Program Upload - 3575c51157384e2d8ce2c98e4f3828e4836b0231d51c493ba822ab8c186ffbca => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A6CD674D-E253-4A8B-B67E-F8BD6074E621} - System32\Tasks\HP AR Program Upload - 95a0f5c3e17a43178792f2d4fd896425c9b7170f30bd4833ad85df257c454e0d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A708FEFA-B10A-48BC-A597-BC8AD1A6226D} - System32\Tasks\HP AR Program Upload - 88cc1119b3b5443ba7c463ff649a914dfa3022a442f149619cfeca508af1b7db => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {AA9646CB-519F-4CF0-BB80-C881C88B72B8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2017-06-22] (HP Inc.)
Task: {AEDA639D-00B6-4EFF-9BDE-C796EC7A44D5} - System32\Tasks\HP AR Program Upload - 60b9449260e84595a093000ee04f48dc42803145a44e44549b09086fdf283130 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BD82E335-26E4-421E-BDBB-CC21E1414541} - System32\Tasks\HP AR Program Upload - d630fbb24d2e4b58828058b993cfddb084940f9ba3dc42edb773fd41bc9add95 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {BE06E552-7606-40C2-A537-E51E43287E11} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {BFCCCE98-5B63-49C8-8BCA-31CE483EDADA} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {C8B4D475-2A8D-4B01-8E2F-8794CC4434F1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-22] ()
Task: {CAF5EB68-236D-4AEA-9DE0-FFFDA880E3F3} - System32\Tasks\HP AR Program Upload - 47af6eb2eb55495ea77bf8d7240bdb802bb1319547d240f684d2261ca10577c3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {CF6A0242-24C3-4D56-9504-35C88A271C4F} - System32\Tasks\HP AR Program Upload - 27e16fb787014adb989b3b6d3ae895d9ca3fb2e99092439a83ced62f18f59f1d => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {D68DC9B7-9724-48D6-AFFA-F326B3CB4C50} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-01] (Google Inc.)
Task: {D8015EC6-FC86-434B-A369-7D10D676B2F4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_28_0_0_137_pepper.exe [2018-01-09] (Adobe Systems Incorporated)
Task: {D9AA527F-7F7F-4E2C-92DC-D6F0D031C8BC} - System32\Tasks\HP AR Program Upload - 157c157312034a29b55b03fdf0e7a42f5849161fad3940c18ac3edc072ba8db7 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {E324B319-B289-405C-87F3-7A4F92659AA8} - System32\Tasks\HP AR Program Upload - 82cbb129e1d4435cb8f43ac75d80fc026037922f70a14a3eaae9b1fc51a5df84 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {E6AB8001-0B5B-49CC-93E6-D26EE67964D4} - \Optimize Start Menu Cache Files-S-1-5-21-3571816096-2060556278-31395193-1002 -> No File <==== ATTENTION
Task: {E8F05230-863A-4482-9B69-B54C526DE88E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {F5C399E9-3167-46BE-8C19-8AB68F84E08F} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {F86DD61A-78CA-4A0D-A3BB-98C4A359859E} - System32\Tasks\HP AR Program Upload - 9dff23a5152d4eff91c964a9ac6f6adbb4ff3d7ea8ad4acb9c824bd72ea89781 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {F8AAB4A0-F4C8-487C-A15D-751AC942F116} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {FB0405CE-1534-4DEA-B5F6-8822D36939F2} - System32\Tasks\HP AR Program Upload - 05043a01f62c4db8ac8ef14dd94e6d096f6a2ff3485e42539b3d7369458b29b4 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {FE44855B-8408-4395-B8D7-8DB8875960A4} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FE8A1AD1-2C74-44EF-BDCF-86BAB3EAF9B2} - System32\Tasks\HP AR Program Upload - 5dbd5b0315a34311b8639bddbaba717c86cf94835bb34f0e9f10d544291b21d3 => C:\Program Files\HP\HP Photosmart 7520 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 08:41 - 2017-09-29 08:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2014-07-05 00:33 - 2014-07-05 00:33 - 000127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-04 08:24 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2017-11-30 19:54 - 2017-11-30 19:54 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-03-23 19:17 - 2017-01-31 07:34 - 008909512 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2018-06-27 17:18 - 2018-06-13 16:05 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-27 17:18 - 2018-06-13 16:02 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-25 15:09 - 2018-06-22 14:15 - 002663768 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libglesv2.dll
2018-06-25 15:09 - 2018-06-22 14:15 - 000128856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\swiftshader\libegl.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 001042232 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-30 19:55 - 2017-11-30 19:55 - 000076088 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2018-05-15 18:59 - 2018-05-15 18:59 - 000189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2018-03-10 18:13 - 2018-03-10 18:13 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-06-28 07:19 - 2018-06-28 07:19 - 000483544 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-06-28 07:18 - 2018-06-28 07:18 - 000282840 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-07-03 15:45 - 2018-07-03 15:45 - 000098816 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32api.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000110080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pywintypes27.dll
2018-07-03 15:45 - 2018-07-03 15:45 - 000364544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pythoncom27.dll
2018-07-03 15:45 - 2018-07-03 15:45 - 000320512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32com.shell.shell.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000914432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_hashlib.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 001176576 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._core_.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000806400 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._gdi_.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000816128 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._windows_.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 001067008 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._controls_.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000733184 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._misc_.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000682496 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pysqlite2._sqlite.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_ctypes.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000686080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\unicodedata.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000119808 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32file.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000108544 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32security.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000007168 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\hashobjs_ext.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000017920 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\thumbnails_ext.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000088064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\usb_ext.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000012800 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\common.time34.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000018432 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32event.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000167936 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32gui.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000046080 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_socket.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 001303552 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_ssl.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000128512 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_elementtree.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000127488 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\pyexpat.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000038912 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32inet.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000036864 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_psutil_windows.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000525208 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\windows._lib_cacheinvalidation.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000011264 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32crypt.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000123392 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._wizard.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000077312 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._html2.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000027648 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_multiprocessing.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000020480 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\_yappi.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000035840 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32process.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000078848 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\wx._animate.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000024064 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32pipe.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000010240 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\select.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000025600 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32pdh.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000017408 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32profile.pyd
2018-07-03 15:45 - 2018-07-03 15:45 - 000022528 ____R () C:\Users\Owner\AppData\Local\Temp\_MEI74402\win32ts.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [132]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2018-07-03 14:38 - 000475748 _____ C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 fr.a2dfp.net
0.0.0.0 m.fr.a2dfp.net
0.0.0.0 mfr.a2dfp.net
0.0.0.0 ad.a8.net
0.0.0.0 asy.a8ww.net
0.0.0.0 static.a-ads.com
0.0.0.0 abcstats.com
0.0.0.0 a.abv.bg
0.0.0.0 adserver.abv.bg
0.0.0.0 adv.abv.bg
0.0.0.0 bimg.abv.bg
0.0.0.0 ca.abv.bg
0.0.0.0 track.acclaimnetwork.com
0.0.0.0 accuserveadsystem.com
0.0.0.0 www.accuserveadsystem.com
0.0.0.0 achmedia.com
0.0.0.0 csh.actiondesk.com
0.0.0.0 ads.activepower.net
0.0.0.0 ad.activesolutions.cz
0.0.0.0 app.activetrail.com
0.0.0.0 traffic.acwebconnecting.com
0.0.0.0 office.ad1.ru
0.0.0.0 cms.ad2click.nl
0.0.0.0 ad2games.com
0.0.0.0 content.ad20.net
0.0.0.0 core.ad20.net
0.0.0.0 banner.ad.nu
0.0.0.0 adadvisor.net
0.0.0.0 wad.adbasket.net
There are 12587 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\Pictures\2018\2018_01\20180107 Ethan.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "rUpdater agent"
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "HP Photosmart 7520 series (NET)"
HKU\S-1-5-21-3571816096-2060556278-31395193-1002\...\StartupApproved\Run: => "Spotify"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{7F34302A-BCF1-4EA2-8C6F-6DA96B634481}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{382F7EB3-5714-4345-8B1B-F5A202BA5724}C:\users\owner\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\owner\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A8173068-98E1-4B84-B5A2-BF0124A68372}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{9DD3C300-69E9-410D-9768-8268DF317099}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{73AE8A15-EBDB-4066-975D-D371BE7941B7}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{429639AD-9DE5-472D-AD04-12B0CC70E418}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\Bin\DeviceSetup.exe
FirewallRules: [{E0E0A570-D893-4779-BFAF-EB53DBAADFF3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\SendAFax.exe
FirewallRules: [{B2C5544D-344E-4CAE-B2AD-C3805792486D}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\DigitalWizards.exe
FirewallRules: [{990D2631-3B2B-444C-8DBB-F1D9570E62D3}] => (Allow) C:\Program Files\HP\HP Photosmart 7520 series\bin\FaxApplications.exe
FirewallRules: [{88857203-A1FA-4BCA-8BE0-72BCA49B776D}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe
FirewallRules: [{55DA8EEB-690B-495A-95A3-B26CA824A927}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4942\HPDiagnosticCoreUI.exe
FirewallRules: [{0FE2E7E4-F32E-4911-8F01-36A810ACFB00}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe
FirewallRules: [{FB992C17-D058-4DD3-A5AD-3339C78A723C}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS46D5\HPDiagnosticCoreUI.exe
FirewallRules: [{D1CC354E-D6A5-4079-9DA4-3B563E7D9575}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe
FirewallRules: [{F2BB004C-5B84-479B-8369-CCAF95A19623}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS2A62\HPDiagnosticCoreUI.exe
FirewallRules: [{300DA682-686B-463F-8588-B8A412BB71A1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe
FirewallRules: [{957EB282-E084-47CC-B39B-80D364889A03}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS47A6\HPDiagnosticCoreUI.exe
FirewallRules: [{31DF2E4F-9E8E-47E5-9D91-A52BA735A296}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe
FirewallRules: [{18E10B91-7357-48E0-9BEE-0ABBF4D0DDF1}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS05FF\HPDiagnosticCoreUI.exe
FirewallRules: [{800C00E8-0043-4285-912D-0520878E7EC6}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{EE26E174-F3C5-49ED-AF96-4375BFCDBECD}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4F10\HPDiagnosticCoreUI.exe
FirewallRules: [{C19CD7DF-1589-44A7-81AA-93A1AB02F7AC}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe
FirewallRules: [{DA255DC9-2407-4C72-A10A-6EE58EF0F48E}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS4E94\HPDiagnosticCoreUI.exe
FirewallRules: [UDP Query User{17E70F61-2A90-4038-99C1-E3E301908547}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe
FirewallRules: [TCP Query User{A27AC6B7-9386-4046-A5FC-CA4E784E252C}C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe] => (Allow) C:\users\owner\appdata\local\temp\7zs46a4\enterprisedu.exe
FirewallRules: [{0E3C8F37-B259-467D-9705-8B028BE6EC29}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{532A1504-1CD6-4EB1-9D88-832CBD4B5C61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BCB20815-7187-40E4-93FD-33F9652EC2B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D9F0CD80-DBDF-4F1D-999F-D27C39E72091}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{A2AF0334-2FCF-4785-8A0B-C9CF15103A60}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [TCP Query User{71AC7401-346A-45C3-B98B-D550DC856710}C:\program files\verizon cloud\verizon cloud service.exe] => (Allow) C:\program files\verizon cloud\verizon cloud service.exe
FirewallRules: [{5A0F632A-07F3-47FE-9D97-F6AF0B12BFFE}] => (Allow) LPort=1900
FirewallRules: [{DF95C8D4-A149-4209-AC3E-15C8C92565A1}] => (Allow) LPort=2869
FirewallRules: [{E4B674E1-82E2-46E4-A221-9919620027C7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{AAAD9B1F-46F0-443B-A64C-9D661F2551C3}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{98DA7191-3F2A-47F7-8BA3-C7DCABB2E231}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{4968CAF8-E343-4C59-9CA7-2A3471C5E885}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{C6475F0E-5D77-4B16-97C6-587DA739B3FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A841F4B1-5F9E-4474-A2D0-95352830D027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{E1DF5F8A-6CE9-4C46-8D8F-68EEDB4A2D6F}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{0965F846-D44F-4F7D-B066-5877018DE037}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{A78FD93C-B533-401E-823E-2461329B8FE1}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{921CE967-0573-4D10-AAA0-300AFB330F3E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe
FirewallRules: [{C75FE225-25C9-4498-B13D-E528F0E138D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{9036D1A4-7A6A-4072-8CCC-DEB98F6E11FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid64.exe
FirewallRules: [{D5670B83-EC57-4AB4-81A7-6AAFEF693881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{85069B8E-3B43-4C5C-8590-AFC4E70CC0BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ProjectZomboid\ProjectZomboid32.exe
FirewallRules: [{97FA3EA0-087C-417B-A5C6-B3921B71BD78}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{07811608-DE1B-41AB-809C-6947EBE250FC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{79DCA3DD-4808-443E-BFB4-44676B141AC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{51C4E45A-C5B3-4317-93B6-2665A00761F2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F92DAB55-2100-4496-B092-7E35940BFF7B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{9134EBE7-9E0F-40DE-BB1B-2CCA814DDD34}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{00746B45-66F9-4130-9C7B-7A7A54A70541}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{45AF73DB-CD3D-4F03-8EF9-049243F17417}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{55E88299-1570-4F2A-BC9A-DE240029A836}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{634BCF34-41D8-4812-9210-DA02A9C518A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{7C3927CE-AB1F-4BCF-8442-1058D560C8C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{347CEAF3-405C-475C-86AD-B20989C9B73E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{D558E438-88B2-4F22-842A-A4D153B87271}] => (Allow) C:\Users\Administrator\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{C9E34CCC-7F9B-4D57-88BA-2C4232D6C9FF}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{FE25341A-3A39-4AD8-8479-68329B3176D0}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{E7AD625E-BF54-4F83-ABC3-705FE22BF357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{35EA0C09-0C1A-4D45-920C-28EAC803655A}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{84FB5B07-15B4-4B51-BC03-4B3BE4AFA0D9}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{2CC95ACD-940D-4E6A-9710-2E0E68460B8B}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{7779F5EA-1A36-4D36-B05D-EF490367065A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{ACA4B57B-91B6-4C55-B263-5CB0F0513E44}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7A1165C8-33B0-45CC-B0BD-67A27987A24A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{396330BB-5710-41EF-A8BA-23CE2FADD2A9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F1599A5B-1DAA-4C18-A357-CD55FBC5E13F}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{4B9F8D77-C991-4DC1-B527-A69887EC7768}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
FirewallRules: [{8D0072BD-E00E-45AF-BB20-C494CC61DCAB}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{D5259FD3-0338-4BE1-B6CD-8CC43E6C1E6F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BD15BCC9-A39B-4AD8-895C-72C83C45273D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{A7CA6AA7-4AEF-416D-AB9E-30E35D196984}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D638B2EF-CC5C-4538-B716-EAA5B4743DF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{351EF3AF-88D8-482E-945B-25FF2832EE88}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{83923E4A-E76D-417E-B862-9020CFB46E4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9C6496B5-B155-48B3-A5DC-71ED669DDD17}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{87BFF0F6-3908-45E2-B21B-1F8B5D09ACB4}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{FAD139DC-3C20-46A0-B0FA-79B788C4D521}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{B0B82F4E-742A-4039-A581-3BBAAD3A109A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{97A3064E-8034-4672-A47B-89428E45EB41}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{74F795BD-037C-42F3-81DB-B9123E5D8BA2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{CE704780-EA55-45B5-863D-329DC98C67BA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{2DDFEF7C-4252-47A7-A850-7F6DE7AAE8A2}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe
FirewallRules: [{6121C2E9-D55E-4AEA-8056-FCF01E4A60E4}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{00C14A15-BA90-42E0-90AF-F6501B2B34CE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe
FirewallRules: [{F67360EC-D1B4-4492-BF95-126FB166C09A}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe
FirewallRules: [{6BED2BA7-7EE0-421F-819D-168785BCBB23}] => (Allow) C:\Users\Owner\AppData\Local\Temp\7zS18D5\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{518D0F4D-1C6D-4C62-B7D6-542DCE8E38AB}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [UDP Query User{25BB462A-3926-42E9-9008-C5EA57BF69D3}C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe] => (Allow) C:\program files (x86)\hewlett-packard\hp support solutions\modules\hpdevicedetection3.exe
FirewallRules: [{7E7E7E65-2F44-476A-A2BE-E9626193EA5B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3FF21F05-CDD2-4D81-BD02-1D5694009933}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3EE36798-7D0C-4A43-B25F-ED27FC599234}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{40DB4255-C9ED-48C3-A7A8-6545E91223CB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{15C5240F-C70C-4E1A-B2F9-CC8F7E52E2F3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{602656AC-A642-41ED-B5FA-75FF3895D696}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B5DDBEA5-9C2A-4448-8C0D-DDA67D3193FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{42457AA8-D3F7-4A76-B462-BAE2E0DBC77C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D3FA597B-101F-4007-A590-8FEF4EB0D2CC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{1083BED6-5058-430C-9743-33BBE94B539C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A7ECA197-A1F1-4BD9-A900-492A5589F2A1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3EE068E8-FB6F-4C4A-BBAE-83D88ADD8BDF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A39E471C-69E2-4450-A4A7-3D2F22335499}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{DF13A479-CB9C-4BAC-926D-E2D8F9E4540A}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.84.344.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
==================== Restore Points =========================
30-06-2018 19:31:16 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/03/2018 03:51:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\WINDOWS\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (07/03/2018 03:51:14 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (07/03/2018 03:51:14 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "MSDTC" in DLL "C:\WINDOWS\system32\msdtcuiu.DLL" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (07/03/2018 03:51:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (07/03/2018 03:51:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\WINDOWS\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (07/02/2018 04:10:59 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (07/01/2018 03:35:43 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (06/30/2018 11:39:17 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
System errors:
=============
Error: (07/04/2018 04:58:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/04/2018 03:58:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/03/2018 04:14:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/03/2018 03:58:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/03/2018 03:53:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/03/2018 03:49:02 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Delivery Optimization service hung on starting.
Error: (07/03/2018 03:46:48 PM) (Source: DCOM) (EventID: 10016) (User: PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user PC\Owner SID (S-1-5-21-3571816096-2060556278-31395193-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/03/2018 03:43:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2018-06-28 12:20:09.511
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.247.704.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13903.0
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2018-06-28 12:20:09.511
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.247.704.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13903.0
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2018-06-28 12:20:09.510
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.247.704.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13903.0
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2018-06-28 12:00:06.400
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.247.704.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13903.0
Error code: 0x80072ee2
Error description: The operation timed out
Date: 2018-06-28 12:00:06.399
Description:
Windows Defender Antivirus has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.247.704.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.13903.0
Error code: 0x80072ee2
Error description: The operation timed out
CodeIntegrity:
===================================
Date: 2018-07-04 09:34:14.615
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:34:14.611
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:20:47.245
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:20:47.240
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:09:26.917
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:09:26.913
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:05:47.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-07-04 09:05:47.173
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: AMD A10-5745M APU with Radeon HD Graphics
Percentage of memory in use: 55%
Total physical RAM: 5336.26 MB
Available physical RAM: 2372.95 MB
Total Virtual: 6232.26 MB
Available Virtual: 2972.99 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:667.83 GB) (Free:490.45 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (RECOVERY) (Fixed) (Total:28.33 GB) (Free:2.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: () (Removable) (Total:14.83 GB) (Free:14.74 GB) FAT32
\\?\Volume{d97b525b-7a5d-437e-893c-9c5d4d441855}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.13 GB) NTFS
\\?\Volume{17aec459-3ed0-4961-bb44-098682a07aaa}\ () (Fixed) (Total:0.25 GB) (Free:0.14 GB) FAT32
\\?\Volume{50f53de4-8d16-4edb-b6fc-3dcb950c07ce}\ () (Fixed) (Total:1.7 GB) (Free:1.02 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 44766419)
Partition: GPT.
========================================================
Disk: 1 (Protective MBR) (Size: 14.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================