Hello, Today before I logged onto the computer I could hear it running as though it was working on something already. The log in process did not work properly and once I did log in the computer was running slow. Just opening a window or web page was sluggish and online video game screens did not fully render. The mouse pointer locks in place on the screen and it appears to move about erratically.
Ran by Steve (administrator) on STEVE-PC (Dell Inc. Studio XPS 8100) (14-05-2020 08:14:52)
Running from C:\Users\Steve\Desktop
Loaded Profiles: Steve
Platform: Windows 10 Home Version 1909 18363.778 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
(Alcor Micro Corp.) [File not signed] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
(CyberLink -> CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Dell Inc. -> SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Facebook, Inc. -> Facebook) C:\Users\Steve\AppData\Local\Facebook\Games\FacebookGameroom.exe
(Facebook, Inc. -> The CefSharp Authors) C:\Users\Steve\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\HPNetworkCommunicatorCom.exe
(HP Inc -> HP Inc.) C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\ScanToPCActivationApp.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee Security Scan\3.11.1719\SSScheduler.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(McAfee, LLC -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_1\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ChromiumContainer\delegate.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\CoreUI\Launch.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MAT\McPvTray.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\MQS\QcShm.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Steve\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe <5>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SrTasks.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.18362.772_none_5f13f94c58ff41d3\TiWorker.exe
(NETGEAR -> Realtek Semiconductor Corp.) C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe <2>
(Piriform Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCUpdate.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TEFINCOM S.A. -> ) C:\Program Files (x86)\NordVPN\nordvpn-service.exe
(TEFINCOM S.A. -> NordVPN) C:\Program Files (x86)\NordVPN\NordVPN.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <6>
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
HKLM\...\Run: [RunDLLEntry_THXCfg] => C:\Windows\system32\THXCfg64.dll [17920 2009-10-15] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [RunDLLEntry_EptMon] => C:\Windows\system32\EptMon64.dll [21504 2009-10-15] (Creative Technology Ltd.) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1793736 2015-02-20] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2009-07-17] (Alcor Micro Corp.) [File not signed]
HKLM-x32\...\Run: [PDVDDXSrv] => C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe [140520 2009-12-29] (CyberLink -> CyberLink Corp.)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.) [File not signed]
HKLM-x32\...\Run: [DellSupportCenter] => C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (Dell Inc. -> SupportSoft, Inc.)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\...\Run: [HP ENVY Photo 7100 (NET)] => C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-21] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\...\Run: [HP ENVY Photo 7100 (NET)] => C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\ScanToPCActivationApp.exe [4064160 2019-03-18] (HP Inc -> HP Inc.)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3372832 2020-04-27] (Valve -> Valve Corporation)
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\...\Run: [NordVPN] => C:\Program Files (x86)\NordVPN\NordVPN.exe [1825744 2020-04-21] (TEFINCOM S.A. -> NordVPN)
HKU\S-1-5-21-2126779717-1312616141-414031349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064217782\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-2126779717-1312616141-414031349-1012-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064218485\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064214689\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\81.0.4044.138\Installer\chrmstp.exe [2020-05-07] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2020-03-21]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.1719\SSScheduler.exe (McAfee, LLC -> McAfee, LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR A6100 Genie.lnk [2018-11-01]
ShortcutTarget: NETGEAR A6100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe (NETGEAR -> Realtek Semiconductor Corp.)
Startup: C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-05]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\Steve\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
Task: {08F2FB35-75CE-4327-90AD-18DD9D11591F} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {108191A9-B81B-4A89-8324-CBAE19F79526} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {19A7AACA-5CB8-498E-9C2F-96B660D3564D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {22F96D1B-D540-4FC5-B9D8-BB45E274D728} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {276CB943-0FC2-464C-AFF1-972EA15DFF0D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {2C362EB4-8053-43A6-BA72-BD6420FBE056} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2D76A2B7-61A8-4001-91BD-2403A210CFAC} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2E1FE781-73BB-413D-BC10-71EF4660F186} - System32\Tasks\HPCustParticipation HP ENVY Photo 7100 series => C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\HPCustPartic.exe [6659488 2019-03-18] (HP Inc -> HP Inc.)
Task: {2F71164D-1181-41C0-A09E-5B4AA1220707} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe)
Task: {32F4050D-2881-4AEE-87DE-152266044E8C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {34E08A51-7865-467F-BD01-B14F897CD923} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {367B7261-251B-4B7C-92C1-DB533D14F1AC} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {39E05497-F332-4E00-8E4B-060E1803FC1F} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {3A79D6E2-FA26-4257-99E0-10274054C3F4} - System32\Tasks\{F669A1E0-0F2E-47AF-B532-88847F1F8A68} => C:\Windows\system32\pcalua.exe -a "C:\Users\Steve\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T9L9IH5A\JavaSetup8u45.exe" -d C:\Users\Steve\Desktop
Task: {43194335-EBB5-4561-B6E4-AE9F151D822B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems)
Task: {45001587-1E69-46DA-ADDA-8E61A3DEFAFB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {45C6C4AE-AC7B-4BE1-9633-3921946D5788} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2019-12-12] (McAfee, Inc. -> McAfee, LLC.)
Task: {460D5FE4-DCD8-40FB-B850-0B6D8962B2AF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-18] (Adobe Inc. -> Adobe)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4C9C1653-252B-4082-8DE0-E7DD7263BF86} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {5043BBDD-FB4B-43EA-B98D-465C92741B4C} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {52BAD8ED-E58A-4EE9-9DC6-B78D25B2BC74} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [761424 2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Task: {5594358D-B7FE-4280-8C55-27F2288EABF4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C}
Task: {55CB7007-C249-4BC7-A1FF-03A82008C1CA} - \McAfee\McAfee Idle Detection Task -> No File <==== ATTENTION
Task: {5990458A-69B8-46EF-B2B4-3926EFFC52FC} - System32\Tasks\HPCeeScheduleForSteve => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [97656 2018-09-11] (HP Inc. -> HP Inc.)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {633E6906-1388-4235-A404-90CEBA38C54C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {63C7A0E5-B90B-4913-BB15-A4623643A6AD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {674E761A-1C56-4639-9114-EC815ED10FCB} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {6901E460-B81D-4BFA-847C-256B9A9D294C} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.4.134\DADUpdater.exe [4147336 2020-03-20] (McAfee, Inc. -> McAfee, LLC)
Task: {693998BB-504B-49C9-B060-265204087637} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [550848 2018-09-19] (Piriform Ltd -> Piriform Ltd)
Task: {6C876844-9496-4246-A984-9516F1186740} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6DD71C20-833A-447E-B542-3F5261EE0DB7} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {71437354-E985-401A-AC82-7F07E9AC448E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {743E044B-DE63-47F6-9DA8-E9B817066376} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A2EE8C6-D82D-48B9-AA59-C54A3E8F5491} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {81C91F2C-A058-4B59-9AA8-352C6ED6FA35} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {829A157E-CAA9-4751-AC4D-5F5A042A72C8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83CFE42F-9ECC-4A65-B3BD-549ADC39767C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {84084A39-63CC-4C24-81B1-0D09EBB720A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-07-10] (Google Inc -> Google Inc.)
Task: {87879C5E-84AE-4340-8EEB-B6FC8FD89F0E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {949A672C-21D2-4831-85B0-4E3312AE3190} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {95D44650-B512-4F7E-8937-EA100CB2CB3C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {9721E916-859D-401D-BE52-CBB64FFB45C6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1117048 2020-03-26] (HP Inc. -> HP Inc.)
Task: {997C9B59-4132-4E53-9997-E3878B6BA018} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A0AFC522-E575-47FA-9685-9C11A3F91258} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A0C47F00-3581-4FC0-AB65-05AE3DF924B0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2016-11-07] (HP Inc. -> HP Inc.)
Task: {A145FB7A-F343-4AC2-96A2-B0135FFBF36F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AE0EDA73-6C12-4FAF-87C1-AFE365E863F1} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {AE1E62D9-3944-465E-90E6-F836B2B3BC08} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B85E8E50-04A3-4D32-8211-C4C3A1134671} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB7E869E-194C-454F-9CBB-D4F06A4C0041} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {BC70B943-ACFF-4605-AD8E-572DAA02BA15} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BD682918-AECB-411E-99C7-AF0558419E97} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {C02DCCEC-FA7B-44A5-959A-DABA9DA9A921} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {C95F6FC2-F48F-4300-9B31-ECAD0E79ECFB} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CBB900A1-CD8A-48E2-91D0-04018C8F4428} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC4FE8CA-1E3D-4F3B-ACCD-425E6CBE06F8} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC6C8F9B-EDB0-4EA1-AD07-35CBBF27B95B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.)
Task: {D049FA15-366A-4936-BE98-30BA1F5F1755} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [320856 2020-04-23] (HP Inc. -> HP Inc.)
Task: {D1937180-37B5-4FC7-8D5B-D62364DAD431} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {D1AFFD06-5FE9-47FC-9609-AB85AAA9F4FD} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {DCFD5C37-A6F5-474B-8DBB-5DD0A250C23F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DFCDBB11-B59A-4668-843B-FBBCED4427EE} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {DFD2F50F-27EF-4C9C-A0FC-46FDC7C39B1E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {E38C46BD-59CC-4520-A98D-17E0E9CBF3DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [286088 2019-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7D394DF-55C8-419F-98F0-3685095EBE5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Task: {EB2D6327-6E2B-4201-AC21-944C68564E6E} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F04B9BF4-B65B-4FA9-AC76-D262D7C31D2B} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {FB552AA2-8C66-49D0-A958-EBF4A79A4FB2} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-06] (McAfee, LLC -> McAfee, LLC.)
Task: {FBCFF9A8-AED7-457E-BCCA-EB216366D720} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-07-10] (Google Inc -> Google Inc.)
Task: {FC698D1C-8FBC-4100-8686-D6116D44CC6D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {FEDB12BA-C593-49E2-B5E1-CC57D459171D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506680 2019-06-14] (HP Inc. -> HP Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{0e3da44d-f79e-4abb-9a53-e4c1dcef5001}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{5c81cd94-64ff-43fc-ba2c-ad444fc8324c}: [DhcpNameServer] 192.168.1.1
==================
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll No File
URLSearchHook: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll No File
URLSearchHook: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll No File
URLSearchHook: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll No File
SearchScopes: HKLM -> DefaultScope {D16712B1-06E5-40C6-BE20-6F6D92D9B613} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {D16712B1-06E5-40C6-BE20-6F6D92D9B613} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {7A9F991B-3D8A-4AC1-8BA8-BC302CA21DED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {7A9F991B-3D8A-4AC1-8BA8-BC302CA21DED} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> DefaultScope {3BD6259F-67D1-4B56-80DF-4A2959E88953} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {3BD6259F-67D1-4B56-80DF-4A2959E88953} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {7A9F991B-3D8A-4AC1-8BA8-BC302CA21DED} URL =
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {9DF20BFE-9C9A-4470-BD31-CD34778F77A3} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_us_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_58129979_1201_1401_20160723_US_ie_ds_&tag=bds-p10-serp-us-ie-20&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {D16712B1-06E5-40C6-BE20-6F6D92D9B613} URL =
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> {D8009B4E-5E8B-43E8-A566-9ABF0B745A8F} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D19700101&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> DefaultScope {3BD6259F-67D1-4B56-80DF-4A2959E88953} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {3BD6259F-67D1-4B56-80DF-4A2959E88953} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {7A9F991B-3D8A-4AC1-8BA8-BC302CA21DED} URL =
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {9DF20BFE-9C9A-4470-BD31-CD34778F77A3} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US105D20110717&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p10_serp_ie_us_display?ie=UTF8&tagbase=bds-p10&tbrId=v1_abb-channel-10_58129979_1201_1401_20160723_US_ie_ds_&tag=bds-p10-serp-us-ie-20&query={searchTerms}
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {D16712B1-06E5-40C6-BE20-6F6D92D9B613} URL =
SearchScopes: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> {D8009B4E-5E8B-43E8-A566-9ABF0B745A8F} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C011US0D19700101&p={searchTerms}
BHO: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2017-06-14] (Amazon Services LLC -> )
BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files\McAfee\MSK\MSKAPB~1.DLL => No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-04-20] (McAfee, LLC -> McAfee, LLC)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2019-04-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2019-10-15] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: Amazon Assistant -> {0ddcea2a-7b00-4349-8acb-af7ba6da251f} -> C:\Program Files (x86)\Amazon\Amazon Assistant\aaMessenger.dll [2017-06-14] (Amazon Services LLC -> )
BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> C:\Program Files\McAfee\MSK\mskapbho.dll => No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2009-11-27] (Skype Technologies SA -> Skype Technologies S.A.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-04-20] (McAfee, LLC -> McAfee, LLC)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2019-10-15] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2009-11-27] (Skype Technologies SA -> Skype Technologies S.A.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
======
DownloadDir: C:\Users\Steve\Downloads
Edge Notifications: HKU\S-1-5-21-2126779717-1312616141-414031349-1003 -> hxxps://www.facebook.com; hxxps://yourbittorrent2.com
========
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-04-20] [UpdateUrl:hxxps://www.siteadvisor.com/waffinstall/update.json]
FF HKLM\...\Thunderbird\Extensions: [msktbi[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-03-06] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-02-05] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-12] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-05-03] (Adobe Inc. -> Adobe Systems Inc.)
=======
CHR Profile: C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default [2020-04-16]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Extension: (Docs) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-12]
CHR Extension: (YouTube) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-12]
CHR Extension: (Yahoo Partner) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\commhkacjheiacaopdonmodahaoadoln [2020-03-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2020-03-21]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-04-16]
CHR Extension: (Google Docs Offline) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-04-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-04]
CHR Extension: (Gmail) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-16]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [commhkacjheiacaopdonmodahaoadoln]
CHR HKLM-x32\...\Chrome\Extension: [dofoafnmdocgkdphpkdooahjkhpmakjd]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
S4 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [378744 2020-03-31] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6933272 2020-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [916712 2020-04-20] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_1\McApExe.exe [758864 2020-02-05] (McAfee, LLC. -> McAfee, LLC)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.1719\McCHSvc.exe [407088 2020-03-11] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.4.105.0\\McCSPServiceHost.exe [2687856 2020-01-25] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [639048 2020-01-09] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1737992 2020-02-06] (McAfee, LLC -> McAfee, LLC.)
S3 MSSQL$MSSMLBIZ; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation -> Microsoft Corporation)
R2 nordvpn-service; C:\Program Files (x86)\NordVPN\nordvpn-service.exe [237520 2020-04-21] (TEFINCOM S.A. -> )
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1373912 2020-02-04] (McAfee, LLC. -> McAfee, LLC.)
R2 Realtek8723AU; C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe [45784 2013-07-02] (NETGEAR -> Realtek Semiconductor Corp.)
S4 SftService; C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE [1692480 2011-08-18] (Dell Inc -> SoftThinks SAS)
S4 sprtsvc_DellSupportCenter; C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe [206064 2009-05-21] (Dell Inc. -> SupportSoft, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 aftap0901; C:\WINDOWS\System32\drivers\aftap0901.sys [48624 2018-03-06] (AnchorFree Inc -> The OpenVPN Project)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-09-12] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [75896 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-04-17] (Malwarebytes Corporation -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [217912 2019-06-04] (McAfee, LLC -> McAfee, Inc.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [125088 2020-05-09] (Malwarebytes Inc -> Malwarebytes)
R2 McPvDrv; C:\WINDOWS\system32\drivers\McPvDrv.sys [85080 2019-06-04] (McAfee, LLC -> McAfee, LLC.)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [527272 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380840 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85920 2020-01-15] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [521128 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [997800 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [594360 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107960 2019-12-23] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [116856 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252328 2020-01-15] (McAfee, Inc. -> McAfee, LLC)
R3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2020-04-20] (TEFINCOM S.A. -> WireGuard LLC)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2017-10-10] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2018-07-24] (TEFINCOM S.A. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
S3 mfeavfk01; \Device\mfeavfk01.sys [X]
S3 mfeplk01; \Device\mfeplk01.sys [X]
==================== One month (created) ===================
2020-05-14 08:13 - 2020-05-14 08:20 - 000000000 ____D C:\FRST
2020-05-14 08:03 - 2020-05-14 08:03 - 002286080 _____ (Farbar) C:\Users\Steve\Desktop\FRST64.exe
2020-05-12 18:11 - 2020-05-12 18:11 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2020-05-12 18:11 - 2020-05-12 18:11 - 000002285 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2020-05-12 18:11 - 2020-05-12 18:11 - 000002285 _____ C:\ProgramData\Desktop\Google Earth Pro.lnk
2020-05-09 07:31 - 2020-05-09 15:00 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-05-09 07:30 - 2020-05-09 07:30 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-05-09 07:30 - 2020-05-09 07:30 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-05-09 07:30 - 2020-05-09 07:30 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-05-09 07:30 - 2020-05-09 07:30 - 000125088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-04-27 06:42 - 2020-04-27 06:42 - 000002041 _____ C:\Users\Public\Desktop\NordVPN.lnk
2020-04-27 06:42 - 2020-04-27 06:42 - 000002041 _____ C:\ProgramData\Desktop\NordVPN.lnk
2020-04-27 06:42 - 2020-04-27 06:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NordVPN
2020-04-27 06:42 - 2020-04-27 06:42 - 000000000 ____D C:\Program Files (x86)\NordVPN
2020-04-27 06:41 - 2020-04-27 06:41 - 000000000 ____D C:\Program Files\NordVPN network TUN
2020-04-27 06:23 - 2020-04-27 06:23 - 000000000 ____D C:\Users\Steve\AppData\Local\IsolatedStorage
2020-04-24 21:28 - 2020-05-03 18:54 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\Mozilla
2020-04-24 21:28 - 2020-04-24 21:28 - 000000952 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2020-04-24 21:28 - 2020-04-24 21:28 - 000000904 _____ C:\Users\Steve\Desktop\Start Tor Browser.lnk
2020-04-24 21:28 - 2020-04-24 21:28 - 000000000 ____D C:\Users\Steve\Desktop\Tor Browser
2020-04-24 07:27 - 2020-04-24 07:27 - 000000000 ___RD C:\Users\Steve\Downloads\325289AEDD75.TorrentRTFREE_qtx9tqphctw9r!App
2020-04-23 17:58 - 2020-04-27 06:42 - 000000000 ____D C:\Users\Steve\AppData\Local\NordVPN
2020-04-23 17:58 - 2020-04-23 17:58 - 000000000 ____D C:\ProgramData\NordVPN
2020-04-23 17:58 - 2020-04-23 17:58 - 000000000 ____D C:\ProgramData\Caphyon
2020-04-23 17:57 - 2020-04-23 17:57 - 000000000 ____D C:\Program Files (x86)\NordVPN network TAP
2020-04-21 10:30 - 2020-04-21 10:30 - 000000000 ___HD C:\OneDriveTemp
2020-04-20 06:00 - 2020-04-20 06:00 - 000039360 _____ (WireGuard LLC) C:\WINDOWS\system32\Drivers\nlwt.sys
2020-04-16 18:59 - 2020-04-16 18:59 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 022636544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 019850240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 018027520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 007756800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 006523048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 005910016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 004611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 004538880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 004129624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 003512320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 002951832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 002800640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 002800128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-04-16 18:59 - 2020-04-16 18:59 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 002180408 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001870408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001729024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001665216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001484384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001413840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001397576 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 001310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001151816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001077064 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 001013000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001009152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000783480 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 000775696 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 000768528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000673464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000628616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000420152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-04-16 18:59 - 2020-04-16 18:59 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000268008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-04-16 18:59 - 2020-04-16 18:59 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3api.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3msm.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumapi.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumapi.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimg32.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-04-16 18:59 - 2020-04-16 18:59 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-04-16 18:58 - 2020-04-16 18:58 - 009930552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 007604584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 005040640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 004563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 003802624 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 003729408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 003587384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 003109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 002767928 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 002717184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 002453504 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 002131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 002086656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001999960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001764336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001656904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001646048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001612800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001603584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000982840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 000822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000510792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000441144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-04-16 18:58 - 2020-04-16 18:58 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000339304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3svc.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateDeploymentProvider.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcDecoderHost.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000127280 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3msm.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3api.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000058880 _____ C:\WINDOWS\system32\runexehelper.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiredNetworkCSP.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicPS.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsunattend.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\pacjsworker.exe
2020-04-16 18:58 - 2020-04-16 18:58 - 000008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimg32.dll
2020-04-16 18:58 - 2020-04-16 18:58 - 000003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2020-04-16 18:13 - 2020-04-16 18:14 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-04-16 18:13 - 2020-04-16 18:14 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2020-05-14 08:11 - 2019-03-18 22:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-05-14 08:04 - 2019-03-18 22:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-05-14 07:02 - 2019-08-10 01:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-05-14 06:58 - 2019-03-18 22:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-05-14 06:44 - 2019-08-10 02:02 - 000004152 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{8B40685A-D79D-4276-AA7C-A6D93E75798D}
2020-05-14 06:41 - 2018-10-25 15:12 - 000000000 ____D C:\Program Files (x86)\Steam
2020-05-14 06:39 - 2016-07-07 07:08 - 000000000 ___RD C:\Users\Steve\OneDrive
2020-05-14 06:38 - 2018-09-18 19:24 - 000000000 __RSD C:\Users\Steve\Documents\McAfee Vaults
2020-05-13 12:56 - 2019-08-10 02:02 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2020-05-12 19:59 - 2017-03-02 16:20 - 000002138 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-05-12 18:11 - 2015-07-10 19:20 - 000000000 ____D C:\Program Files (x86)\Google
2020-05-11 15:09 - 2019-03-18 22:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-05-11 08:39 - 2019-12-21 09:18 - 000003242 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForSteve
2020-05-11 08:39 - 2019-12-21 09:18 - 000000350 _____ C:\WINDOWS\Tasks\HPCeeScheduleForSteve.job
2020-05-09 15:39 - 2019-08-10 01:41 - 000000000 ____D C:\Users\Steve
2020-05-09 15:00 - 2019-08-10 02:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-05-09 07:31 - 2020-03-11 18:14 - 000000000 ____D C:\Users\Steve\AppData\LocalLow\IGDump
2020-05-08 19:09 - 2019-03-18 22:37 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2020-05-07 19:35 - 2017-03-02 16:21 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-05-07 19:35 - 2017-03-02 16:21 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-05-07 19:35 - 2017-03-02 16:21 - 000002262 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-05-05 12:48 - 2020-01-28 00:29 - 000001281 _____ C:\Users\Steve\Desktop\Facebook Gameroom.lnk
2020-05-05 12:48 - 2020-01-28 00:29 - 000000000 ____D C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2020-05-05 12:45 - 2016-11-28 12:32 - 000000000 ____D C:\Users\Steve\AppData\Local\Facebook
2020-05-01 08:37 - 2019-08-10 02:02 - 000003364 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2126779717-1312616141-414031349-1003
2020-05-01 08:37 - 2019-08-10 01:41 - 000002405 _____ C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-04-29 19:47 - 2019-08-10 02:02 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2020-04-27 06:43 - 2019-03-18 22:50 - 000000000 ____D C:\WINDOWS\INF
2020-04-24 07:26 - 2018-09-20 18:14 - 000000000 ____D C:\Users\Steve\AppData\Local\PlaceholderTileLogoFolder
2020-04-24 07:26 - 2017-12-09 13:39 - 000000000 ____D C:\Users\Steve\AppData\Local\Packages
2020-04-18 06:41 - 2019-08-10 02:02 - 000004586 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player PPAPI Notifier
2020-04-18 06:41 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-04-18 06:41 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-04-18 06:40 - 2015-06-11 20:53 - 000000000 ____D C:\Users\Steve\AppData\Local\Adobe
2020-04-17 07:34 - 2019-07-17 21:04 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-04-17 06:29 - 2019-08-10 01:52 - 000972220 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-04-17 06:21 - 2019-08-10 01:30 - 000502944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-04-16 23:46 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-04-16 23:46 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\system32\migwiz
2020-04-16 23:46 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-04-16 23:46 - 2019-03-18 22:52 - 000000000 ____D C:\WINDOWS\bcastdvr
Ran by Steve (14-05-2020 08:23:29)
Running from C:\Users\Steve\Desktop
Windows 10 Home Version 1909 18363.778 (X64) (2019-08-10 08:03:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
DefaultAccount (S-1-5-21-2126779717-1312616141-414031349-503 - Limited - Disabled)
Guest (S-1-5-21-2126779717-1312616141-414031349-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2126779717-1312616141-414031349-1005 - Limited - Enabled)
Steve (S-1-5-21-2126779717-1312616141-414031349-1003 - Administrator - Enabled) => C:\Users\Steve
WDAGUtilityAccount (S-1-5-21-2126779717-1312616141-414031349-504 - Limited - Disabled)
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}
FW: McAfee Firewall (Enabled) {CEB92439-04C2-6B62-DF3F-10F42A719C72}
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.009.20063 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe)
Amazon Assistant (HKLM-x32\...\{3BBC4F87-1F46-431F-A5DB-AFB28F692775}) (Version: 10.17.0612 - Amazon) <==== ATTENTION
Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM-x32\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM\...\{C73A3942-84C8-4597-9F9B-EE227DCBA758}) (Version: 2.0 - Stardock Corporation) Hidden
Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
DirectXInstallService (HKLM-x32\...\{098122AB-C605-4853-B441-C0A4EB359B75}) (Version: 9.0.2 - Roxio) Hidden
EMC 10 Content (HKLM-x32\...\{FDB46DE7-9045-47BB-970A-3E4ED5369E03}) (Version: 1.0.035 - Roxo, Inc.) Hidden
EMCGadgets64 (HKLM\...\{02AD9D20-03D2-4DE0-8793-E8253026AD86}) (Version: 1.0.302 - Sonic) Hidden
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 81.0.4044.138 - Google LLC)
Google Earth Pro (HKLM-x32\...\{7A3374DE-3D99-4BD9-9FE8-A76498632D98}) (Version: 7.3.3.7699 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
GoTo Opener (HKLM-x32\...\{665DF231-32BE-46BA-ABD2-B0D69F8314FF}) (Version: 1.0.494 - LogMeIn, Inc.)
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 9.1.0.615 - Citrix Online, a division of Citrix Systems, Inc.)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
HP Dropbox Plugin (HKLM-x32\...\{EF65265C-816D-4992-A8CC-C91CDEC9ED33}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{858E7C53-B406-4798-B4CA-761420FF2B5F}) (Version: 43.0.0.0 - HP)
HP ENVY Photo 7100 series Basic Device Software (HKLM\...\{16D8C168-238A-4BEB-9A76-B82EEF4E0D51}) (Version: 44.4.2678.1977 - HP Inc.)
HP ENVY Photo 7100 series Help (HKLM-x32\...\{044AF040-9AF7-4B0A-ABB5-302B9D6A8155}) (Version: 44.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{07DA4F28-63FA-43F7-A554-B159E9A7E649}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF634681-E024-430C-AFF2-B9EE43A7E452}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{1E191DFB-7B91-4B11-AB95-884D59ECE599}) (Version: 36.0.0.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP SharePoint Plugin (HKLM-x32\...\{1ED7BE66-39E7-4A65-8EEF-68CE80F3416C}) (Version: 43.0.0.0 - HP)
HP Support Assistant (HKLM-x32\...\{4AAC4B07-77EF-4BCF-88DC-D24E4DE683E8}) (Version: 8.8.24.33 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{3D16A9C5-8107-4EBB-B988-08CD363A9D0F}) (Version: 12.15.14.3 - HP Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.0.1006 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R24 - McAfee, LLC.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.1719.1 - McAfee, LLC)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.92 - McAfee, LLC.)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90A40409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Professional Plus 2013 - en-us (HKLM\...\ProPlusRetail - en-us) (Version: 15.0.5207.1000 - Microsoft Corporation)
Microsoft Office Small Business 2007 (HKLM-x32\...\SMALLBUSINESSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM-x32\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2126779717-1312616141-414031349-1003\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\...\OneDriveSetup.exe) (Version: 20.052.0311.0011 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower) Hidden
Multimedia Card Reader (HKLM-x32\...\InstallShield_{9F0A32A5-4EBF-4B9D-A3CD-31579F2E1400}) (Version: 1.4.915.1 - Fitipower)
NETGEAR A6100 Genie (HKLM-x32\...\{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.36 - NETGEAR) Hidden
NETGEAR A6100 Genie (HKLM-x32\...\InstallShield_{15D27BA3-6CCD-4848-8925-07EF083492AD}) (Version: 1.0.0.36 - NETGEAR)
NordVPN (HKLM-x32\...\{A87972CF-28AE-43DD-ACB5-16EBD1ED70C3}) (Version: 6.29.7 - NordVPN) Hidden
NordVPN (HKLM-x32\...\NordVPN 6.29.7) (Version: 6.29.7 - NordVPN)
NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN)
NordVPN network TUN (HKLM\...\{77DA107A-7AE4-497D-A84A-B143C3A21676}) (Version: 1.0.0 - NordVPN)
NVIDIA PhysX (HKLM-x32\...\{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}) (Version: 9.09.0814 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.5207.1000 - Microsoft Corporation) Hidden
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.6029 - CyberLink Corp.)
Product Improvement Study for HP ENVY Photo 7100 series (HKLM\...\{F10CFC4B-5353-43C0-9953-ABC58D0F9FDE}) (Version: 44.4.2678.1977 - HP Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5953 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\{08B3869E-D282-424C-9AFC-870E04A4BA14}) (Version: 1.00.0000 - Rockstar Games)
Roxio Easy CD and DVD Burning (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Roxio File Backup (HKLM\...\{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}) (Version: 1.3.0 - Roxio) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4036 - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (HKLM-x32\...\{8D337F77-BE7F-41A2-A7CB-D5A63FD7049B}) (Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
VD64Inst (HKLM\...\{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
=========
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.167.200.0_x86__kgqvnymyfvs32 [2020-05-06] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_110.1.728.0_x64__v10z8vjag6ke6 [2020-04-15] (HP Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-16] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.5012.0_x64__8wekyb3d8bbwe [2020-05-02] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.36.20714.0_x64__8wekyb3d8bbwe [2020-03-25] (Microsoft Corporation) [MS Ad]
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-20] (Microsoft Corporation)
Torrent RT FREE -> C:\Program Files\WindowsApps\325289AEDD75.TorrentRTFREE_1.1.12.0_x64__qtx9tqphctw9r [2020-04-24] (Vlasenko Bros.) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-20] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2016-07-08] (Microsoft Corporation)
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2019-08-15] (Microsoft Corporation)
ContextMenuHandlers1: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions -> Sonic Solutions)
ContextMenuHandlers2: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions -> Sonic Solutions)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2020-02-05] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers6: [RXDCExtSvr] -> {0FB82570-BB2D-23D3-8D3B-AC2F34F1FA3C} => c:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt64.dll [2009-06-26] (Sonic Solutions -> Sonic Solutions)
2020-05-01 10:23 - 2020-05-01 10:23 - 001184256 _____ ( () [File not signed]) [File is in use ] C:\Users\Steve\AppData\Local\Facebook\Games\CefSharp.Core.dll
2009-05-21 07:59 - 2009-05-21 07:59 - 000024464 _____ ( (SupportSoft, Inc. -> SupportSoft, Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.dll
2009-05-21 07:59 - 2009-05-21 07:59 - 000040848 _____ ( (SupportSoft, Inc. -> SupportSoft, Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\Dell Support Center\bin\SupportSoft.Agent.Sprocket.SupportMessage.dll
2009-05-21 07:59 - 2009-05-21 07:59 - 000073728 _____ ( (SupportSoft, Inc.) [File not signed]) [File is in use ] C:\Program Files (x86)\Dell Support Center\bin\sprtmessage.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 071641088 _____ () [File not signed] C:\Users\Steve\AppData\Local\Facebook\Games\libcef.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000078848 _____ () [File not signed] C:\Users\Steve\AppData\Local\Facebook\Games\libegl.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 003149824 _____ () [File not signed] C:\Users\Steve\AppData\Local\Facebook\Games\libglesv2.dll
2010-05-06 09:16 - 2009-10-15 12:32 - 000021504 _____ (Creative Technology Ltd.) [File not signed] C:\Windows\system32\EptMon64.dll
2010-05-06 09:16 - 2009-10-15 12:38 - 000017920 _____ (Creative Technology Ltd.) [File not signed] C:\Windows\system32\THXCfg64.dll
2010-05-06 09:07 - 2009-12-29 15:35 - 001060864 ____N (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\PowerDVD DX\MFC71.DLL
2010-05-06 09:07 - 2009-12-29 15:35 - 000499712 ____N (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\PowerDVD DX\MSVCP71.dll
2010-05-06 09:07 - 2009-12-29 15:35 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files (x86)\CyberLink\PowerDVD DX\MSVCR71.dll
2009-05-21 07:59 - 2009-05-21 07:59 - 001069056 _____ (SupportSoft, Inc.) [File not signed] C:\Program Files (x86)\Dell Support Center\bin\LIBEAY32.dll
2020-05-01 10:23 - 2020-05-01 10:23 - 000433664 _____ (The Chromium Authors) [File not signed] C:\Users\Steve\AppData\Local\Facebook\Games\chrome_elf.dll
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
0.0.0.1 mssplus.mcafee.com
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064214314\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064214501\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2126779717-1312616141-414031349-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2126779717-1312616141-414031349-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064215017\Control Panel\Desktop\\Wallpaper -> C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2126779717-1312616141-414031349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064217782\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2126779717-1312616141-414031349-1012-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064218485\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05142020064214689\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Amazon Assistant Service => 2
MSCONFIG\Services: ClientAnalyticsService => 3
MSCONFIG\Services: DockLoginService => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: GoToAssist => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: mcbootdelaystartsvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 3
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: RoxMediaDB10 => 3
MSCONFIG\Services: SftService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: sprtsvc_DellSupportCenter => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: stllssvr => 3
MSCONFIG\startupfolder: C:^Users^Steve^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
FirewallRules: [{048E09C7-5FF0-489B-BAF8-862694153206}] => (Allow) C:\Users\Steve\AppData\Local\Temp\7zS354B\HPDiagnosticCoreUI.exe => No File
FirewallRules: [{7B67A2A7-E1B2-43E3-B04F-EA6866EB6FE4}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\HPNetworkCommunicatorCom.exe (HP Inc -> HP Inc.)
FirewallRules: [{7E309907-1D23-45D4-AAA6-AF4A8F59F173}] => (Allow) LPort=5357
FirewallRules: [{9AE51D12-511C-48A9-86B5-5437AA81EACE}] => (Allow) C:\Program Files\HP\HP ENVY Photo 7100 series\Bin\DeviceSetup.exe (HP Inc -> HP Inc.)
FirewallRules: [{3A04430D-0EFC-4329-8CDA-E2E0D76BCADB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{D7BAC63E-96A9-4C19-8581-DEA233266485}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto San Andreas\gta-sa.exe () [File not signed]
FirewallRules: [{9303D8F9-DF2A-4F1C-AE27-E2729012B5F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{6DAA56C1-277E-4BE3-8FAF-6209D3C59443}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe (Bethesda Softworks -> Bethesda Softworks, Obsidian Entertainment)
FirewallRules: [{1B8C8418-7092-4A17-9E8A-0519D2F1DFFD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6AF5DD61-3A29-49A6-8BE7-6383ED0CF426}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{058AC763-BA7E-4D70-BE32-895F21015C21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{3D0A9E24-8A38-4041-85FB-6D28D19C5900}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Return to Castle Wolfenstein\WolfMP.exe () [File not signed]
FirewallRules: [{A719F3A2-F23D-4540-AF4D-5196BCC3B785}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{36BDD945-20C2-4DFE-9BBB-D12A1C89C46C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Return to Castle Wolfenstein\WolfSP.exe () [File not signed]
FirewallRules: [{2E841706-E345-43DB-8945-A75AAE8F0F3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe => No File
FirewallRules: [{ABBF6AA7-936B-4A8E-AA77-E5FD3A8DFD69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis 2 Game of the Year\bin32\Crysis2Launcher.exe => No File
FirewallRules: [{EF884D64-CB4D-493F-9202-8636C5FED3EA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{9E69E0B7-9551-4F0A-8B5B-9DAC57AD90A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe (Valve -> )
FirewallRules: [{5F043165-204D-45AF-90EF-8BE8DBAE4AAD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{EDF65F4E-F146-4F2C-A2FF-C5921C3043AD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe => No File
FirewallRules: [{1ECDDE05-B09C-411B-8287-A41CADACD4D9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A0CC7100-6542-4392-987A-09BB1CDBDFFE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{6D62E83E-5D3D-4DD8-998C-7A9A9BAFA153}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{D93AF924-9EF3-4F25-914A-38B88701C160}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd -> Piriform Ltd)
FirewallRules: [{FB9EDA76-53EA-4C1B-B8AC-5B87CB558736}] => (Allow) C:\Users\Steve\AppData\Local\Temp\7zS428A\HP.EasyStart.exe => No File
FirewallRules: [{D80D20DE-E26C-4C53-9B1E-1F6AA03F0F80}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{7B91679E-A0B3-441B-B79F-85F67B003DC0}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [UDP Query User{ECB6991E-C966-4E8F-9A2B-CA963C36326C}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{7E337C97-2529-4F5D-948A-49E83712CA18}C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\rockstar games\grand theft auto iv\gtaiv.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{D09492D7-8790-4B64-8E3A-AAE29ECD8AAA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0717CA3B-45BB-46DA-92EF-C22A25764015}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{47FD41E5-C370-4E0A-99FD-01CC339CD7C1}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{A62F5D17-6035-4A90-890E-C69EFD12EE87}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{8CBCB993-B44E-4D5C-9509-BA197A8556A0}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{DC66297B-F748-4457-B8AB-D0B6E181E16F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{05FD4A43-2A69-4CFF-892A-6628172EF025}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.)
FirewallRules: [{84EBCE59-E8C2-4C36-AE73-BAAD296CE789}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG -> Sony DADC Austria AG) [File not signed]
FirewallRules: [{68D60C25-04C7-49DC-B08C-06BD91BEDCD8}] => (Allow) C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (Sony DADC Austria AG -> Sony DADC Austria AG) [File not signed]
FirewallRules: [{D780303B-4D77-4303-839A-F4DA8511FA99}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{1D1BD262-6155-4BD1-A217-32350A3A77A6}] => (Allow) C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe => No File
FirewallRules: [{91B40DB7-D83C-4029-B7BF-A058BC59C1D0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE7EE797-1903-4AEA-9E5E-CE3A078DE523}] => (Allow) C:\WINDOWS\system32\svchost.exe (Microsoft Windows Publisher -> Microsoft Corporation)
FirewallRules: [{3CB4AEE4-9EFC-495B-AE6E-302F5555CABA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{3E7D93D7-5119-4EE5-BCC2-7D674CA5801C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BEA8B30F-A285-4C2B-A0AA-EB77F954C4C1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{2F641C97-940F-4A69-88D9-CCA7A2E0336B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{97DB2482-2176-48D0-911E-269EE1FD4EAA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25700504-E82F-4049-A074-B29F5B88DC7F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9837606A-315A-4E6E-9D6A-A8D57C82CEED}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF5F9CD4-351F-469F-A579-A66BA218A56B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{58A85BD9-4790-485A-96FC-4D131B40CE7D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
10-05-2020 19:02:28 Windows Backup
14-05-2020 06:57:02 Windows Update
Description: Unknown USB Device (Port Reset Failed)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: ========================
==================
Error: (05/14/2020 08:24:38 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (9204,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: The program SystemSettings.exe version 10.0.18362.628 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: The program MicrosoftEdge.exe version 11.0.18362.752 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: The program MicrosoftEdgeCP.exe version 11.0.18362.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Description: Faulting application name: A6100.exe, version: 1.0.0.36, time stamp: 0x5a9f54e3
Faulting module name: RtlIhvOid.dll, version: 1.1033.704.2013, time stamp: 0x51d4df6c
Exception code: 0xc000000d
Fault offset: 0x0001966d
Faulting process id: 0x4b08
Faulting application start time: 0x01d629ec84b4174f
Faulting application path: C:\Program Files (x86)\NETGEAR\A6100\A6100.exe
Faulting module path: C:\Program Files (x86)\NETGEAR\A6100\RtlIhvOid.dll
Report Id: 6f067ce3-26cb-4ec1-8607-3ee54152b241
Faulting package full name:
Faulting package-relative application ID:
Description: Faulting application name: svchost.exe_WpnUserService, version: 10.0.18362.1, time stamp: 0x32d6c210
Faulting module name: wpnuserservice.dll, version: 10.0.18362.1, time stamp: 0xea13e855
Exception code: 0xc0000409
Fault offset: 0x0000000000008596
Faulting process id: 0x3b78
Faulting application start time: 0x01d62959a8866957
Faulting application path: C:\WINDOWS\system32\svchost.exe
Faulting module path: c:\windows\system32\wpnuserservice.dll
Report Id: 36ed5c4d-05bc-4a7d-96f8-64533c204497
Faulting package full name:
Faulting package-relative application ID:
Description: svchost (22044,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
System errors:
=============
Error: (05/13/2020 10:21:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek8723AU service.
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_3368612a with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
Description: The GameDVR and Broadcast User Service_3368612a service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Description: A timeout was reached (30000 milliseconds) while waiting for the GameDVR and Broadcast User Service_3368612a service to connect.
Description: The IPv6 TCP/IP interface with index 14 failed to bind to its provider.
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjxtspbn4351hrtx8tc95e89kaz3h2f1f.mca did not register with DCOM within the required timeout.
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Realtek8723AU service.
Description: DCOM got error "1053" attempting to start the service BcastDVRUserService_30c479fe with arguments "Unavailable" in order to run the server:
Windows.Media.Capture.Internal.AppCaptureShell
CodeIntegrity:
===================================
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Motherboard: Dell Inc. 0T568R
Processor: Intel® Core i5 CPU 650 @ 3.20GHz
Percentage of memory in use: 77%
Total physical RAM: 3959.07 MB
Available physical RAM: 873.28 MB
Total Virtual: 10273.86 MB
Available Virtual: 3465.87 MB
Drive k: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:201.16 GB) NTFS
Disk: 0 (Size: 596.2 GB) (Disk ID: C796C701)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=10.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=586 GB) - (Type=07 NTFS)
Disk: 2 (Size: 931.5 GB) (Disk ID: 05B730D7)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)