My oversight. I thought I had followed your directions to the letter. I have gone back and verified the switch is not set.
Removed the noted items. She uses Yahoo! E-mail services through a browser.
Attached Logitech camera 720. The camera was the issue that she called me over to assist with and, while I was there, messed up the machine. The camera software connected and I could see video through the app. When I went to the MS Camera app, I received a camera error warning. This was the same error as when I tried to switch cameras (Monitor mounted camera that came with the document, and the USB Logitech) in the beginning. She does not want to use the Monitor camera. After launching Pal Talk, I was not able to switch cameras. I was able to last year. So I disabled the Monitor camera and enabled the Logitech. That is after verifying the Logitech was up to date with its driver. I still have an issue with the MS Camera app: it is slow and takes an extremely long time to cycle. I had to restart the equipment with the power switch, as the keyboard stopped and the mouse moved but the clicks did not respond.
Pal Talk had to restart (on its own) three or four times before it became stable to use. I had trouble getting the video to run in rooms after the main lobby. I think it is now working correctly with the Monitor camera disabled.
It is nice to have stopped the ads from popping up on the right corner, and it appears to run okay.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-06-2020
Ran by HP Pavilion (administrator) on HPPAVILION (Hewlett-Packard 20-b010) (27-06-2020 16:56:14)
Running from C:\Users\HP Pavilion\Desktop
Loaded Profiles: HP Pavilion
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(A.V.M. SOFTWARE, INC. -> AVM Software) C:\Program Files (x86)\Paltalk\update\pt_update_service.exe
(Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <6>
(Logitech -> Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\System32\WirelessKB850NotificationService.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\Camera\Camera.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\WINDOWS\System32\atiesrxx.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2013-11-19] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942232 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\Run: [Chromium] => "c:\users\hp pavilion\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\Run: [Paltalk] => C:\Program Files (x86)\Paltalk\PALTALK.exe [27532728 2020-05-19] (A.V.M. SOFTWARE, INC. -> AVM Software)
HKU\S-1-5-18\...\Run: [Paltalk] => C:\Program Files (x86)\Paltalk\Paltalk.exe [27532728 2020-05-19] (A.V.M. SOFTWARE, INC. -> AVM Software)
HKLM\...\Print\Monitors\HP 7112 Status Monitor: C:\WINDOWS\system32\hpinksts7112LM.dll [328704 2014-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [355840 2012-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-25] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\Users\HP Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk [2019-03-21]
ShortcutTarget: PalTalk.lnk -> C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (No File)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {145EF7F4-ECD0-4CD6-B44D-E92EFEB7BDDB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {426C84D3-5DF0-4CC8-9486-251CC5F877B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {69A9BED9-2695-4FA6-ABEF-DB9C7F40DC6B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {7604A2BD-B1C7-4591-A0BB-AFA960B6026A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {8447F5E5-2A40-44ED-869F-2FD08F7AF3E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8CA68387-B3CC-41B5-88D5-240C7A3E7715} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN49ADX0R9_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9B50E759-DC50-4D5E-9238-094637C3F75D} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\HP Pavilion\Desktop\esetonlinescanner.exe [14827616 2020-06-25] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {BD0AA599-1290-4C17-8F27-F39B7AED26EB} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\HP Pavilion\Desktop\esetonlinescanner.exe [14827616 2020-06-25] (ESET, spol. s r.o. -> ESET spol. s r.o.)
Task: {C2D92648-7FFA-4B4E-BE32-ABCB7F598804} - System32\Tasks\{A7827154-50C7-4867-ADFD-1E8E30D0C7A2} => "c:\program files\internet explorer\iexplore.exe" hxxps://ui.skype.com/ui/0/7.33.0.105/en/abandoninstall?source=lightinstaller&page=tsMain
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CA019DD0-822D-49E1-A2FF-1991CECD8F38} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {DCB2E700-2511-45D2-B218-AE8BA4967108} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968 2011-08-30] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{29B5CF79-3278-41A1-86F5-B3673D2C956F}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CBC4812E-DD0B-4C8B-9F7F-46C2962A294B}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.msn.com/?PC=UF01
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK13/1
SearchScopes: HKU\S-1-5-21-176138252-3860332429-2761773572-1018 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc. -> Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
Chrome:
=======
CHR Profile: C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default [2020-06-27]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Slides) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-19]
CHR Extension: (Docs) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-19]
CHR Extension: (Google Drive) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-27]
CHR Extension: (YouTube) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-27]
CHR Extension: (Google Search) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-27]
CHR Extension: (Sheets) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-19]
CHR Extension: (Google Docs Offline) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-06-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-05]
CHR Extension: (Gmail) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29]
CHR Extension: (Chrome Media Router) - C:\Users\HP Pavilion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-06-16]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [239616 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed] [File is in use]
S2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard Company -> Hewlett-Packard)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2468496 2013-11-19] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech -> Logitech, Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4477576 2018-06-18] (Logitech Inc -> Logitech)
R2 paltalk_update_service; C:\Program Files (x86)\Paltalk\update\pt_update_service.exe [1229688 2019-08-25] (A.V.M. SOFTWARE, INC. -> AVM Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WirelessKB850NotificationService; C:\WINDOWS\system32\WirelessKB850NotificationService.exe [176632 2018-05-14] (Microsoft Corporation -> Microsoft Corporation)
S2 HP Support Assistant Service; "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [13209088 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [626688 2014-07-21] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink -> CyberLink)
R3 dc3d; C:\WINDOWS\System32\drivers\dc3d.sys [47616 2011-05-18] (Hardware Group Test Cert -> Microsoft Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [196456 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73368 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-06-16] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [131728 2020-06-27] (Malwarebytes Inc -> Malwarebytes)
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2505904 2013-12-04] (Mediatek Inc. -> Ralink Technology, Corp.)
R3 usbfilter; C:\WINDOWS\System32\drivers\usbfilter.sys [56448 2012-03-30] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49336 2018-03-11] (Microsoft Corporation -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-27 16:56 - 2020-06-27 16:57 - 000015826 _____ C:\Users\HP Pavilion\Desktop\FRST.txt
2020-06-27 16:45 - 2020-06-27 16:45 - 000196456 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-06-27 16:45 - 2020-06-27 16:45 - 000131728 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-06-27 16:45 - 2020-06-27 16:45 - 000073368 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-06-25 16:49 - 2020-06-25 16:50 - 000003732 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onLogOn
2020-06-25 16:49 - 2020-06-25 16:50 - 000003292 _____ C:\WINDOWS\system32\Tasks\EOSv3 Scheduler onTime
2020-06-25 16:49 - 2020-06-25 16:49 - 000006872 _____ C:\Users\HP Pavilion\Desktop\eset.txt
2020-06-25 11:53 - 2020-06-27 16:13 - 000000000 ____D C:\Users\HP Pavilion\AppData\Local\ESET
2020-06-25 11:53 - 2020-06-25 11:53 - 000000565 _____ C:\Users\HP Pavilion\Desktop\ESET Online Scanner.lnk
2020-06-25 11:51 - 2020-06-25 11:52 - 014827616 _____ (ESET spol. s r.o.) C:\Users\HP Pavilion\Desktop\esetonlinescanner.exe
2020-06-22 07:49 - 2020-06-25 11:42 - 000000000 ____D C:\AdwCleaner
2020-06-22 07:47 - 2020-06-22 07:48 - 008402608 _____ (Malwarebytes) C:\Users\HP Pavilion\Desktop\AdwCleaner.exe
2020-06-21 22:44 - 2020-06-21 23:01 - 000019112 _____ C:\Users\HP Pavilion\Desktop\Fixlog.txt
2020-06-20 11:33 - 2020-06-27 16:55 - 000000000 ____D C:\Users\HP Pavilion\Desktop\FRST-OlderVersion
2020-06-20 11:03 - 2020-06-20 11:04 - 012770472 _____ (Symantec Corporation) C:\Users\HP Pavilion\Desktop\NRnR.exe
2020-06-20 09:13 - 2020-06-20 09:13 - 000001093 _____ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2020-06-20 09:13 - 2020-06-20 09:13 - 000001093 _____ C:\ProgramData\Desktop\Revo Uninstaller Pro.lnk
2020-06-20 09:13 - 2020-06-20 09:13 - 000000000 ____D C:\Users\HP Pavilion\AppData\Local\VS Revo Group
2020-06-20 09:13 - 2020-06-20 09:13 - 000000000 ____D C:\ProgramData\VS Revo Group
2020-06-20 09:13 - 2020-06-20 09:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2020-06-20 09:13 - 2020-06-20 09:13 - 000000000 ____D C:\Program Files\VS Revo Group
2020-06-20 09:13 - 2016-12-21 14:52 - 000040240 _____ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2020-06-20 09:11 - 2020-06-20 09:11 - 016926296 _____ (VS Revo Group ) C:\Users\HP Pavilion\Desktop\RevoUninProSetup.exe
2020-06-16 15:03 - 2020-06-27 16:57 - 000000000 ____D C:\FRST
2020-06-16 14:48 - 2020-06-27 16:55 - 002291200 _____ (Farbar) C:\Users\HP Pavilion\Desktop\FRST64.exe
2020-06-16 14:25 - 2020-06-16 14:26 - 000000000 ____D C:\Users\HP Pavilion\Downloads\priortoMalware
2020-06-16 12:55 - 2020-06-01 11:03 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-06-16 12:55 - 2020-06-01 11:03 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-06-16 09:43 - 2020-06-27 16:45 - 000000000 ____D C:\Users\HP Pavilion\AppData\LocalLow\IGDump
2020-06-16 09:42 - 2020-06-16 09:42 - 000000000 ____D C:\Users\HP Pavilion\AppData\Local\mbam
2020-06-16 09:41 - 2020-06-16 09:41 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-06-16 09:41 - 2020-06-16 09:41 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-06-16 09:41 - 2020-06-16 09:41 - 000001976 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2020-06-16 09:41 - 2020-06-16 09:41 - 000001964 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-06-16 09:41 - 2020-06-16 09:41 - 000001964 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-06-16 09:41 - 2020-06-16 09:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-06-16 09:40 - 2020-06-16 09:40 - 000000000 ____D C:\Program Files\Malwarebytes
2020-06-16 09:40 - 2020-06-16 09:40 - 000000000 ____D C:\Malwarebytes
2020-06-16 09:38 - 2020-06-16 09:38 - 000000000 ____D C:\Users\HP Pavilion\AppData\Roaming\Logitech
2020-06-16 09:38 - 2020-06-16 09:38 - 000000000 ____D C:\Users\HP Pavilion\AppData\Roaming\Logishrd
2020-06-16 09:06 - 2020-06-16 09:06 - 000000000 ____D C:\Program Files\KeyboardNotification
2020-06-10 18:09 - 2020-06-10 18:09 - 000001369 _____ C:\Users\HP Pavilion\Desktop\Logitech HD Webcam C270 - Shortcut.lnk
2020-06-10 10:34 - 2020-05-27 16:06 - 022364856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-10 10:34 - 2020-05-20 05:48 - 025755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-06-10 10:34 - 2020-05-20 04:00 - 020291584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-10 10:34 - 2020-05-09 20:17 - 014533120 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-10 10:33 - 2020-06-01 22:18 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-10 10:33 - 2020-06-01 21:44 - 001489408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2020-06-10 10:33 - 2020-06-01 21:43 - 001464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2020-06-10 10:33 - 2020-06-01 21:35 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-10 10:33 - 2020-06-01 21:27 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2020-06-10 10:33 - 2020-06-01 21:25 - 001204736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2020-06-10 10:33 - 2020-06-01 20:59 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-10 10:33 - 2020-06-01 20:47 - 001684992 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-10 10:33 - 2020-05-29 19:54 - 004168192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-10 10:33 - 2020-05-29 19:30 - 000129024 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-10 10:33 - 2020-05-29 18:41 - 001368576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-10 10:33 - 2020-05-27 16:06 - 019796328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-10 10:33 - 2020-05-20 08:25 - 001384648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-10 10:33 - 2020-05-20 08:21 - 007362312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-10 10:33 - 2020-05-20 08:21 - 002170784 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-10 10:33 - 2020-05-20 08:21 - 001662512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2020-06-10 10:33 - 2020-05-20 08:21 - 001062344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-10 10:33 - 2020-05-20 08:20 - 001135696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2020-06-10 10:33 - 2020-05-20 08:20 - 000806200 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-10 10:33 - 2020-05-20 05:27 - 002911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-06-10 10:33 - 2020-05-20 05:25 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-10 10:33 - 2020-05-20 05:13 - 005499392 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-10 10:33 - 2020-05-20 05:13 - 000785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-10 10:33 - 2020-05-20 04:56 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-10 10:33 - 2020-05-20 04:52 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-10 10:33 - 2020-05-20 04:50 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-10 10:33 - 2020-05-20 04:44 - 001124800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-10 10:33 - 2020-05-20 04:40 - 001560272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-10 10:33 - 2020-05-20 04:40 - 001214720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2020-06-10 10:33 - 2020-05-20 04:40 - 000548440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-10 10:33 - 2020-05-20 04:39 - 000614056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-10 10:33 - 2020-05-20 04:37 - 015478784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-10 10:33 - 2020-05-20 04:37 - 000809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2020-06-10 10:33 - 2020-05-20 04:35 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2020-06-10 10:33 - 2020-05-20 04:34 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-10 10:33 - 2020-05-20 04:26 - 001756672 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-10 10:33 - 2020-05-20 04:23 - 004859392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-06-10 10:33 - 2020-05-20 04:12 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-06-10 10:33 - 2020-05-20 04:01 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-10 10:33 - 2020-05-20 03:53 - 000861696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2020-06-10 10:33 - 2020-05-20 03:44 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-10 10:33 - 2020-05-20 03:40 - 002304000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-06-10 10:33 - 2020-05-20 03:34 - 000653824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-10 10:33 - 2020-05-20 03:21 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-10 10:33 - 2020-05-20 03:18 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-10 10:33 - 2020-05-20 03:16 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-10 10:33 - 2020-05-20 03:11 - 004111872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-10 10:33 - 2020-05-20 03:06 - 013861888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-10 10:33 - 2020-05-20 03:06 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-10 10:33 - 2020-05-20 03:01 - 001494016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-10 10:33 - 2020-05-20 02:47 - 001341952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-06-10 10:33 - 2020-05-20 02:46 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-10 10:33 - 2020-05-13 10:49 - 001368592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2020-06-10 10:33 - 2020-05-12 18:23 - 000414624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-10 10:33 - 2020-05-12 18:23 - 000373888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-10 10:33 - 2020-05-12 16:37 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-10 10:33 - 2020-05-12 02:47 - 000466840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-10 10:33 - 2020-05-12 02:46 - 000415240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-10 10:33 - 2020-05-11 23:42 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-10 10:33 - 2020-05-10 02:24 - 001311768 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-10 10:33 - 2020-05-09 21:36 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-06-10 10:33 - 2020-05-09 21:23 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-10 10:33 - 2020-05-09 21:15 - 003331584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-10 10:33 - 2020-05-09 21:03 - 001040384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-10 10:33 - 2020-05-09 20:56 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-10 10:33 - 2020-05-09 20:53 - 003640320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-10 10:33 - 2020-05-09 20:47 - 000936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-10 10:33 - 2020-05-09 20:25 - 001085952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2020-06-10 10:33 - 2020-05-09 20:23 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2020-06-10 10:33 - 2020-05-09 20:09 - 012880384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-10 10:33 - 2020-05-09 18:10 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-10 10:33 - 2020-05-09 18:10 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-10 10:33 - 2020-05-01 07:17 - 001097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-10 10:33 - 2020-05-01 07:15 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-10 10:32 - 2020-06-01 21:50 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-10 10:32 - 2020-05-29 18:23 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-10 10:32 - 2020-05-20 04:46 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2020-06-10 10:32 - 2020-05-20 04:39 - 000262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2020-06-10 10:32 - 2020-05-20 03:14 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2020-06-10 10:32 - 2020-05-20 03:09 - 000696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2020-06-10 10:32 - 2020-05-20 03:09 - 000333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2020-06-10 10:32 - 2020-05-20 03:08 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2020-06-10 10:32 - 2020-05-20 02:50 - 004387328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-06-10 10:32 - 2020-05-09 21:20 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-10 10:32 - 2020-05-09 20:53 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-06-27 16:53 - 2014-09-24 00:15 - 000006636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-27 16:50 - 2016-01-27 10:12 - 000003596 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-176138252-3860332429-2761773572-1018
2020-06-27 16:44 - 2013-08-22 07:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-27 16:44 - 2013-08-22 06:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2020-06-27 16:43 - 2016-01-25 16:06 - 000000000 ____D C:\Users\HP Pavilion
2020-06-27 16:16 - 2012-09-11 06:21 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2020-06-27 15:49 - 2017-04-06 19:56 - 000000000 ____D C:\Users\HP Pavilion\AppData\Local\CrashDumps
2020-06-27 14:59 - 2016-02-19 13:55 - 000003814 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{2B2239C5-296B-46AF-9192-8557E01C177E}
2020-06-25 11:43 - 2012-09-11 06:18 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2020-06-25 11:43 - 2012-08-16 20:14 - 000000000 _RSHD C:\hp
2020-06-25 11:42 - 2016-01-25 16:08 - 000000000 ____D C:\Users\HP Pavilion\AppData\Roaming\Hewlett-Packard
2020-06-25 11:42 - 2013-11-05 17:57 - 000000000 ____D C:\Users\Joanne Endevoets\AppData\Local\Hewlett-Packard
2020-06-25 11:42 - 2013-11-05 15:11 - 000000000 ____D C:\Users\Joanne Endevoets\AppData\Roaming\Hewlett-Packard
2020-06-25 11:42 - 2012-09-11 06:33 - 000000000 ____D C:\Program Files (x86)\CyberLink
2020-06-25 06:35 - 2013-11-24 22:54 - 000002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-25 06:35 - 2013-11-24 22:54 - 000002163 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-25 06:35 - 2013-11-24 22:54 - 000002163 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-21 22:46 - 2018-11-13 17:12 - 000000000 ____D C:\WINDOWS\system32\Tasks\Remediation
2020-06-21 22:46 - 2017-04-13 16:40 - 000000000 ____D C:\Program Files\Common Files\AV
2020-06-21 22:39 - 2013-08-22 06:36 - 000000000 ____D C:\WINDOWS\Inf
2020-06-21 22:37 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-06-20 11:09 - 2013-08-22 08:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-06-16 13:21 - 2012-07-26 01:12 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-16 12:40 - 2013-08-22 07:44 - 000346744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-16 12:22 - 2013-08-22 08:36 - 000000000 ___RD C:\WINDOWS\ToastData
2020-06-16 12:06 - 2012-07-26 00:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-16 11:18 - 2014-11-01 10:29 - 000000000 ____D C:\Users\Joanne Endevoets
2020-06-16 11:15 - 2016-01-26 11:34 - 000000000 ____D C:\ProgramData\iolo
2020-06-16 11:15 - 2016-01-26 11:31 - 000000000 ____D C:\Program Files (x86)\iolo
2020-06-16 09:41 - 2016-01-25 16:25 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-06-16 09:39 - 2020-02-12 18:23 - 000000000 ____D C:\Program Files\Logitech
2020-06-16 09:39 - 2014-11-01 10:19 - 000000000 ____D C:\Program Files\Common Files\logishrd
2020-06-16 09:39 - 2014-02-20 18:51 - 000000000 ____D C:\ProgramData\LogiShrd
2020-06-16 09:39 - 2014-02-20 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2020-06-10 18:31 - 2018-11-13 19:14 - 000000000 ____D C:\Users\HP Pavilion\AppData\Local\ElevatedDiagnostics
2020-06-10 14:48 - 2018-06-09 22:26 - 000000175 _____ C:\Users\HP Pavilion\AppData\Roaming\WB.CFG
2020-06-01 23:10 - 2014-09-24 00:06 - 002476032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2020-05-29 17:28 - 2019-04-25 19:44 - 000000000 ____D C:\ProgramData\Paltalk Update
2020-05-29 13:37 - 2018-07-16 19:16 - 000000000 ____D C:\Program Files (x86)\Paltalk
==================== Files in the root of some directories ========
2018-06-09 22:26 - 2020-06-10 14:48 - 000000175 _____ () C:\Users\HP Pavilion\AppData\Roaming\WB.CFG
2016-01-27 10:21 - 2016-01-27 10:21 - 000007601 _____ () C:\Users\HP Pavilion\AppData\Local\Resmon.ResmonCfg
2018-01-30 13:25 - 2019-04-16 12:51 - 000001376 _____ () C:\Users\HP Pavilion\AppData\Local\Temptoast_image.png
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2016-05-28 12:50
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-06-2020
Ran by HP Pavilion (27-06-2020 16:59:40)
Running from C:\Users\HP Pavilion\Desktop
Windows 8.1 (Update) (X64) (2014-11-01 18:42:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-176138252-3860332429-2761773572-500 - Administrator - Disabled)
Guest (S-1-5-21-176138252-3860332429-2761773572-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-176138252-3860332429-2761773572-1003 - Limited - Enabled)
HP Pavilion (S-1-5-21-176138252-3860332429-2761773572-1018 - Administrator - Enabled) => C:\Users\HP Pavilion
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 83.0.4103.116 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Quick Start (HKLM-x32\...\{574F0207-8E98-46CD-8F79-318348C98C46}) (Version: 1.0.4660.30220 - Hewlett-Packard)
Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 2.5.17.0 - Logitech Europe S.A.)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Paltalk (HKLM-x32\...\Paltalk) (Version: - )
Paltalk Messenger 11.8 (HKLM-x32\...\Paltalk Messenger) (Version: 11.8.673.18112 - AVM Software Inc.)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28137 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Revo Uninstaller Pro 4.3.3 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.3.3 - VS Revo Group, Ltd.)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)
Packages:
=========
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2014-11-07] (eBay, Inc)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2014-09-24] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-03] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2014-11-27] (Hewlett-Packard Company)
HP+ -> C:\Program Files\WindowsApps\AD2F1837.HP_1.2.0.93_neutral__v10z8vjag6ke6 [2014-11-02] (Hewlett-Packard Company)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_4.5.1.0_x64__a76a11dkgb644 [2016-04-15] (iHeartMedia.)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-27] (AMZN Mobile LLC)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-02] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-30] (Microsoft Studios) [MS Ad]
MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-13] (Microsoft Corporation) [MS Ad]
MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-13] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-13] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-14] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-11-02] (Netflix, Inc.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-27] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-03] (HP Inc.)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> No File
ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> No File
ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => -> No File
ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => -> No File
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.) [File not signed] [File is in use]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-06-16] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2019-03-29] (VS Revo Group Ltd. -> VS Revo Group)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.i420] => C:\WINDOWS\system32\lvcod64.dll [175392 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [305000 2012-10-26] (Logitech, Inc. -> Logitech Inc.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\HP Pavilion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paltalk\Remove settings.lnk -> C:\Program Files (x86)\Paltalk\ng_clean_settings.bat (No File)
==================== Loaded Modules (Whitelisted) =============
2014-07-04 21:33 - 2014-07-04 21:33 - 000127488 _____ () [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2020-06-21 22:46 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\Control Panel\Desktop\\Wallpaper -> C:\Users\HP Pavilion\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 0) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_803D2E04332962AFAC352F92C208E650"
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\StartupApproved\Run: => "Paltalk"
HKU\S-1-5-21-176138252-3860332429-2761773572-1018\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{E442E7B3-7B13-4BDA-B26D-0F28D846A538}C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe => No File
FirewallRules: [TCP Query User{EE175E9E-556D-4C29-8E52-992A95F9A6CE}C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe] => (Block) C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe => No File
FirewallRules: [{1DA563F9-8F28-4085-9D23-2E0A03D8EC26}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [UDP Query User{D48F9F75-6B2E-4094-9051-3EEF62A29FE1}C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe => No File
FirewallRules: [TCP Query User{C668418F-047A-4B32-84B0-E819D88A70E0}C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk messenger\paltalk.exe => No File
FirewallRules: [{14852894-E754-4D88-B410-E365CBD58788}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [{63569EEC-DC52-4EED-8DB2-E83112C70753}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc. -> Yahoo! Inc.)
FirewallRules: [UDP Query User{0326EAFC-8940-43FE-9164-E4A21A402C98}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe => No File
FirewallRules: [TCP Query User{5A430BC0-D3BD-4121-8016-8EA23C276F90}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe => No File
FirewallRules: [UDP Query User{29A929DE-9870-4957-A906-14B5642012FB}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{7DE345DD-8CFC-418A-B491-BB60FC69B658}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{87010DB7-297E-435E-AB81-7C0757767CAC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE (CyberLink -> CyberLink Corp.)
FirewallRules: [{B6D693E7-D84F-46D9-A816-DE973D437AF7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{261379EE-DACD-4B61-9F8A-BF6F93F7DF35}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{27F4866A-85A9-4CBE-B396-6FD538FC22F3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5F0B061F-74AB-46A7-AA55-5DA60E86BD74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C19F3984-3DF2-4505-B50E-E2623874F167}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe => No File
FirewallRules: [TCP Query User{AC84FE58-503E-4351-8C1D-1B3550F0000F}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe => No File
FirewallRules: [UDP Query User{A8FCFB61-3A9B-49D7-B998-60FB27AE20BB}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe => No File
FirewallRules: [TCP Query User{B0241114-BEDC-46F5-BBAF-324BF2D6F0B4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{40E28967-F448-403E-B197-C27ECC80F3A9}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FBA5429D-8BA2-4085-BDD5-F7E2BDB1C1B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4DCC8EA3-E53D-425B-B571-7F85CA7079B4}] => (Allow) LPort=53000
FirewallRules: [{379C625C-D6CE-4EFE-B73F-7D50D6787976}] => (Allow) LPort=52000
==================== Restore Points =========================
14-03-2020 14:22:36 Windows Update
17-04-2020 11:03:33 Windows Update
15-05-2020 11:36:32 Windows Update
16-06-2020 11:49:07 Windows Update
20-06-2020 08:46:08 Removed Java 7 Update 45
20-06-2020 09:21:59 Revo Uninstaller Pro's restore point - Sophos Anti-Virus
20-06-2020 09:24:02 Removed Sophos Anti-Virus
20-06-2020 10:02:29 Revo Uninstaller Pro's restore point - Sophos AutoUpdate
20-06-2020 10:16:28 Revo Uninstaller Pro's restore point - Sophos Network Threat Protection
20-06-2020 10:33:44 Revo Uninstaller Pro's restore point - Sophos AutoUpdate
20-06-2020 10:42:48 Revo Uninstaller Pro's restore point - Sophos Remote Management System
20-06-2020 10:46:21 Removed Sophos Remote Management System
20-06-2020 10:51:41 Revo Uninstaller Pro's restore point - Sophos System Protection
20-06-2020 10:52:19 Removed Sophos System Protection
21-06-2020 22:44:51 Restore Point Created by FRST
25-06-2020 11:41:37 AdwCleaner_BeforeCleaning_25/06/2020_11:41:29
27-06-2020 15:26:31 Windows Live Essentials
27-06-2020 15:27:34 WLSetup
==================== Faulty Device Manager Devices ============
Name: Wireless Device
Description: Wireless Device
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Surface
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: HP High Definition 1MP Webcam
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (06/27/2020 04:53:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (06/27/2020 04:53:31 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (06/27/2020 04:49:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (06/27/2020 04:23:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (06/27/2020 04:23:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (06/27/2020 03:48:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Camera.exe, version: 6.3.9600.17418, time stamp: 0x545821bf
Faulting module name: WindowsInternal.Inbox.Media.Viewer.dll, version: 6.3.9600.17418, time stamp: 0x54582177
Exception code: 0x80000003
Fault offset: 0x000000000008d81c
Faulting process id: 0x17ac
Faulting application start time: 0x01d64cd5207976cd
Faulting application path: C:\Windows\Camera\Camera.exe
Faulting module path: C:\Windows\MediaViewer\WindowsInternal.Inbox.Media.Viewer.dll
Report Id: 62acbb90-b8c8-11ea-bf98-4c72b9b3dc92
Faulting package full name: Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: Microsoft.Camera
Error: (06/27/2020 03:47:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Camera.exe, version: 6.3.9600.17418, time stamp: 0x545821bf
Faulting module name: WindowsInternal.Inbox.Media.Viewer.dll, version: 6.3.9600.17418, time stamp: 0x54582177
Exception code: 0x80000003
Fault offset: 0x000000000008d81c
Faulting process id: 0x148
Faulting application start time: 0x01d64cd4ece1c7e4
Faulting application path: C:\Windows\Camera\Camera.exe
Faulting module path: C:\Windows\MediaViewer\WindowsInternal.Inbox.Media.Viewer.dll
Report Id: 31ab7869-b8c8-11ea-bf98-4c72b9b3dc92
Faulting package full name: Microsoft.MoCamera_6.3.9600.16384_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: Microsoft.Camera
Error: (06/27/2020 03:45:20 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
System errors:
=============
Error: (06/27/2020 04:50:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/27/2020 04:50:19 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.
Error: (06/27/2020 04:49:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AppX Deployment Service (AppXSVC) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/27/2020 04:49:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AppX Deployment Service (AppXSVC) service to connect.
Error: (06/27/2020 04:48:56 PM) (Source: DCOM) (EventID: 10010) (User: HPPavilion)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.
Error: (06/27/2020 04:48:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Software Protection service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (06/27/2020 04:48:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
Error: (06/27/2020 04:47:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Connected Remote Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Windows Defender:
===================================
Date: 2014-02-04 17:15:55.337
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {9460D5A7-484E-4AD5-A8F8-E2957D93B006}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2018-05-01 12:46:46.126
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.267.643.0
Previous Signature Version: 1.261.1097.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version: 1.1.14800.3
Previous Engine Version: 1.1.14500.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2018-05-01 12:46:46.126
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.267.643.0
Previous Signature Version: 1.261.1097.0
Update Source: User
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 1.1.14800.3
Previous Engine Version: 1.1.14500.5
Error code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2018-05-01 12:46:46.125
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version: 1.1.14800.3
Previous Engine Version: 1.1.14500.5
Error Code: 0x80509004
Error description: An unexpected problem occurred. Install any available updates, and then try to start the program again. For information on installing updates, see Help and Support.
Date: 2018-02-12 15:30:23.776
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 118.2.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14202.0
Error code: 0x80070652
Error description: Another installation is already in progress. Complete that installation before proceeding with this install.
Date: 2018-02-12 15:30:22.001
Description:
Windows Defender has encountered an error trying to update the engine.
New Engine Version:
Previous Engine Version: 2.1.14202.0
Error Code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel.
CodeIntegrity:
===================================
Date: 2018-08-24 20:29:22.725
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-08-24 20:15:47.586
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-08-24 20:15:13.418
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2018-08-24 20:14:23.690
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
BIOS: AMI 8.06 09/07/2012
Motherboard: PEGATRON CORPORATION 2AF0
Processor: AMD E1-1200 APU with Radeon HD Graphics
Percentage of memory in use: 51%
Total physical RAM: 3665.86 MB
Available physical RAM: 1774.06 MB
Total Virtual: 4065.86 MB
Available Virtual: 2237.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:443.06 GB) (Free:370.43 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.78 GB) (Free:2.47 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{d1de863d-cf84-4d64-8ee1-9cebae5d4872}\ () (Fixed) (Total:1 GB) (Free:0.66 GB) NTFS
\\?\Volume{02f74654-436d-45c5-a86d-fd54f1779603}\ (Windows RE tools) (Fixed) (Total:1 GB) (Free:0.65 GB) NTFS
\\?\Volume{6ec74e69-4ea4-4586-9114-4ec0583318ed}\ () (Fixed) (Total:0.44 GB) (Free:0.18 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 4A1F8D9C)
Partition: GPT.
==================== End of Addition.txt =======================