I've been having issues with Windows Defender and McAfee not updating.
Windows Defender update issue started a month or so before the McAfee issue of not updating began. I ran command prompt sfc/scannow and 'Windows Resourse Protections did not find integrity violations'.
I have Windows Vista 32 bit operating system. I also ran FRST.exe and these are the results.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17.01.2018 01
Ran by Tipper (administrator) on TIPPER-PC (08-01-2021 19:45:24)
Running from C:\Users\Tipper\Downloads
Loaded Profiles: Tipper (Available Profiles: Tipper & Chris & Boyz & Mcx1)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Opera)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\SLsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Dropbox, Inc.) C:\WINDOWS\System32\DbxSvc.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Logitech Inc.) C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\WINDOWS\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Conexant Systems, Inc.) C:\WINDOWS\System32\drivers\XAudio.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\WINDOWS\System32\wpcumi.exe
(Realtek Semiconductor) C:\WINDOWS\RtHDVCpl.exe
(Research In Motion Limited) C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehmsas.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Hewlett-Packard Company) C:\hp\KBD\kbd.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\WINDOWS\System32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80\opera.exe
(Opera Software) C:\Program Files\Opera\36.0.2130.80\opera.exe
(Microsoft Corporation) C:\WINDOWS\System32\conime.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [WPCUMI] => C:\Windows\system32\WpcUmi.exe [176128 2006-11-02] (Microsoft Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [79192 2011-02-18] (Research In Motion Limited)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [57393 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [NvMediaCenter] => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [KBD] => C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [40960 2005-03-17] (ScanSoft, Inc.)
HKLM\...\Run: [hpsysdrv] => c:\hp\support\hpsysdrv.exe [65536 2007-04-18] (Hewlett-Packard Company)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [HP Health Check Scheduler] => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [65536 2006-07-19] (Brother Industries, Ltd.)
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [622592 2007-02-06] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-17] (Adobe Systems Incorporated)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [3643712 2018-05-14] (Dropbox, Inc.)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Run: [HPAdvisor] => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Run: [L08AXLRD_45457240] => C:\Program Files\Microsoft Student\Microsoft Student with Encarta Premium 2008 DVD\EDICT.EXE [351000 2007-05-21] (Microsoft Corporation)
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
Startup: C:\Users\Tipper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk [2021-01-08]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 1050 J410 series.lnk -> C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Tipper\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-05-29]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Boyz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2011-06-26]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2013-05-13]
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-3938486149-3048756490-4017228027-1003\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-3938486149-3048756490-4017228027-1001\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer]
Tcpip\..\Interfaces\{2328FD5C-20DF-441B-BA4C-12384E9C94FB}: [DhcpNameServer]
Internet Explorer:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_ca&c=83&bd=Pavilion&pf=cndt
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ca.msn.com/?lang=en-ca&OCID=iehp
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp-consumer.my.aol.ca/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {380854A7-BB12-4473-A1C0-F6272ABD0A35} URL = hxxp://www.ask.com/web?q={searchTerms}&l=dis&o=cahpd
SearchScopes: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000 -> DefaultScope {2CD89589-7B83-4AC9-B00C-F73BDD29665A} URL = hxxps://ca.search.yahoo.com/search?fr=mcafee&type=B011CA0D20200308&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000 -> {2CD89589-7B83-4AC9-B00C-F73BDD29665A} URL = hxxps://ca.search.yahoo.com/search?fr=mcafee&type=B011CA0D20200308&p={searchTerms}
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Toolbar: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000 -> No Name - {093F479D-712E-46CD-9E06-62E734A05F68} - No File
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll [2011-06-28] (Logitech Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2016-02-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-04-20] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2020-03-08] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [
[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-03-08] [Legacy] [not signed]
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2011-05-26] ()
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-04-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3938486149-3048756490-4017228027-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Tipper\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-03-12] (RocketLife, LLP)
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2020-03-08]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe) [File not signed]
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-28] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-10-28] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [43344 2018-05-14] (Dropbox, Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208 2008-03-14] (Hewlett-Packard) [File not signed]
R2 LightScribeService; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728 2008-03-17] (Hewlett-Packard Company) [File not signed]
R2 McAfee SiteAdvisor Service; c:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2016-02-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-02-24] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
S3 CoachUsb; C:\Windows\System32\DRIVERS\CoachUsb.sys [41184 2003-06-26] (Accapella Ltd.)
S3 CoachVc; C:\Windows\System32\DRIVERS\CoachVc.sys [45664 2003-06-26] (Accapella Ltd.) [File not signed]
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2007-10-11] (Logitech Inc.)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [67800 2015-02-28] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-15] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
R3 PID_0928; C:\Windows\System32\DRIVERS\LV561AV.SYS [495768 2009-04-30] (Logitech Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-08 19:45 - 2021-01-08 19:45 - 000018210 _____ C:\Users\Tipper\Downloads\FRST.txt
2021-01-02 03:48 - 2021-01-02 03:48 - 000145104 _____ C:\Windows\Minidump\Mini010221-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-08 19:45 - 2018-01-11 02:09 - 000000000 ____D C:\FRST
2021-01-08 19:40 - 2006-11-02 07:47 - 000005184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2021-01-08 19:40 - 2006-11-02 07:47 - 000005184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2021-01-08 19:06 - 2016-10-28 16:22 - 000000894 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2021-01-08 18:33 - 2020-03-08 05:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2021-01-08 18:28 - 2006-11-02 05:33 - 000006580 _____ C:\Windows\system32\PerfStringBackup.INI
2021-01-08 18:27 - 2019-01-10 18:21 - 000000000 __RSD C:\Users\Tipper\Documents\McAfee Vaults
2021-01-08 18:24 - 2019-02-13 19:55 - 000000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore1d4c3fff0366b20.job
2021-01-08 18:23 - 2020-03-08 05:18 - 000000000 ____D C:\Program Files\McAfee
2021-01-08 18:23 - 2006-11-02 08:01 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-01-08 18:21 - 2006-11-02 08:01 - 000032526 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-01-02 03:48 - 2011-07-09 00:25 - 000000000 ____D C:\Windows\Minidump
2021-01-02 03:47 - 2019-10-18 18:25 - 306827898 _____ C:\Windows\MEMORY.DMP
2020-12-18 14:51 - 2012-01-17 16:49 - 000074240 _____ C:\Users\Tipper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2020-12-12 11:45 - 2019-01-10 23:18 - 000000000 __RSD C:\Users\Boyz\Documents\McAfee Vaults
==================== Files in the root of some directories =======
2011-06-01 12:07 - 2015-12-22 05:35 - 000044759 _____ () C:\Users\Tipper\AppData\Roaming\Rim.Desktop.Exception.log
2011-06-01 12:06 - 2011-08-16 15:03 - 000003392 _____ () C:\Users\Arlie\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2011-08-16 15:27 - 2015-12-22 05:35 - 000002849 _____ () C:\Users\Arlie\AppData\Roaming\Rim.DesktopHelper.Exception.log
2014-03-25 16:13 - 2014-03-25 16:13 - 000000045 _____ () C:\Users\Tipper\AppData\Roaming\WB.CFG
2011-05-18 14:19 - 2011-05-18 14:19 - 000000000 _____ () C:\Users\Tipper\AppData\Roaming\wklnhst.dat
2012-11-01 06:46 - 2016-11-02 05:56 - 000001356 _____ () C:\Users\Tipper\AppData\Local\d3d9caps.dat
2012-01-17 16:49 - 2020-12-18 14:51 - 000074240 _____ () C:\Users\Tipper\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-10-23 03:26 - 2012-10-23 03:26 - 000017408 _____ () C:\Users\Tipper\AppData\Local\WebpageIcons.db
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2021-01-08 18:29
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17.01.2018 01
Ran by Tipper (08-01-2021 19:46:07)
Running from C:\Users\Tipper\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2011-04-20 16:49:56)
Boot Mode: Normal
==================== Accounts: =============================
Administrator (S-1-5-21-3938486149-3048756490-4017228027-500 - Administrator - Disabled)
Tipper (S-1-5-21-3938486149-3048756490-4017228027-1000 - Administrator - Enabled) => C:\Users\Arlie
Boyz (S-1-5-21-3938486149-3048756490-4017228027-1003 - Limited - Enabled) => C:\Users\Boyz
Chris (S-1-5-21-3938486149-3048756490-4017228027-1001 - Limited - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3938486149-3048756490-4017228027-501 - Limited - Enabled)
Mcx1 (S-1-5-21-3938486149-3048756490-4017228027-1004 - Administrator - Enabled) => C:\Users\Mcx1
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Out of date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Out of date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should
be uninstalled manually.)
ActiveCheck component for HP Active Support Library (HKLM\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: - Hewlett-Packard) Hidden
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: - Adobe)
Adobe Reader XI (11.0.23) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems
Adobe Shockwave Player 12.3 (HKLM\...\Adobe Shockwave Player) (Version: - Adobe Systems, Inc.)
BlackBerry Desktop Software 6.1 (HKLM\...\{75157F34-02C6-4831-BD66-3BC49E7A8394}) (Version: - Research In
Motion Ltd.) Hidden
BlackBerry Desktop Software 6.1 (HKLM\...\BlackBerry_Desktop) (Version: - Research In Motion Ltd.)
Brother MFL-Pro Suite (HKLM\...\{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}) (Version: 1.00 - Brother Industries, Ltd.)
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1329 - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2726 -
CyberLink Corp.)
Digital Camera (2320) (HKLM\...\Digital Camera (2320)) (Version: - )
Dropbox (HKLM\...\Dropbox) (Version: 49.4.69 - Dropbox, Inc.)
Dropbox Update Helper (HKLM\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: - Dropbox, Inc.) Hidden
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version: - Hewlett-Packard)
H.264 Player version 2.4 (HKLM\...\{FC7E8DA6-5C97-407A-B11F-E3DDA6BCC878}_is1) (Version: 2.4 - )
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.1.4748.24 - PC-Doctor, Inc.)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{C111B73A-93EA-4A12-80E2-0460F11D431F}) (Version:
28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: - Hewlett
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5E83AB6E-2284-4468-BF97-A451904F186C}) (Version:
28.0.1313.0 - Hewlett-Packard Co.)
HP Photo Creations (HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\...\HP Photo Creations) (Version:
- HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: -
Hewlett-Packard) Hidden
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.2.2529 - CyberLink Corp.)
Learning Essentials for Microsoft Office (HKLM\...\{75F3A4B2-F6E8-434D-A2EF-DBBC016C6CB2}) (Version: 2.0 - Microsoft)
LightScribe System Software (HKLM\...\{004C5DA2-2051-4D25-94BA-51CF810C91EB}) (Version: -
LightScribeTemplateLabeler (HKLM\...\{305D4B08-5807-4475-B1C8-D54685534864}) (Version: - LightScribe)
Logitech Desktop Messenger (HKLM\...\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}) (Version: 2.52.18 - Logitech, Inc.)
Logitech Legacy USB Camera Driver Package (HKLM\...\legacyqcam_11.10) (Version: - )
Logitech Vid HD (HKLM\...\Logitech Vid) (Version: 7.2 (7259) - Logitech Inc..)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
McAfee SecurityCenter (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.290 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 -
Microsoft Corporation)
Microsoft Math (HKLM\...\{07043840-959A-4B0D-8825-2C533F0DDB19}) (Version: 2007 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-
8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 -
Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version:
12.0.6612.1000 - Microsoft Corporation)
Microsoft Student 2007 for Learning Essentials (HKLM\...\{Microsoft Student 2007_54A0E938-8390-489F-8F1A-
563673334DFE}) (Version: - )
Microsoft Student with Encarta Premium 2008 (HKLM\...\{08041881-FCA5-44A7-B863-D66037A16AAF}) (Version: 2008 -
Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118})
(Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 -
Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 -
Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C})
(Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version:
9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F})
(Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5})
(Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}) (Version: 6.10.050 - muvee Technologies)
NirSoft BlueScreenView (HKLM\...\NirSoft BlueScreenView) (Version: - )
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: - )
Opera Stable 36.0.2130.80 (HKLM\...\Opera 36.0.2130.80) (Version: 36.0.2130.80 - Opera Software)
PaperPort (HKLM\...\{71C97545-E547-4A8B-B0C8-61FF853270AC}) (Version: 9.02.0827 - ScanSoft, Inc.)
Parker Brothers Classic Card Games (HKLM\...\ClassicCard) (Version: - )
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3917 - CyberLink Corp.)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - Realtek
Semiconductor Corp.)
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 -
Conexant Systems)
Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: - Adobe Systems, Inc) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 4.0.12 - Tweaking.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_
{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.10 - VideoLAN)
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless
listed separately.)
CustomCLSID: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000_Classes\CLSID\{9356e2bb-6c9a-43c0-a771-5cacbdab6afe}
\InprocServer32 -> C:\Users\Tipper\AppData\Roaming\HP Photo Creations\RLPNUpload.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000_Classes\CLSID\{A10E0335-AFCA-4E7E-975F-CA30235FB29A}
\InprocServer32 -> C:\Users\Tipper\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CustomCLSID: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000_Classes\CLSID\{cc05a616-ddb3-4cc0-9a21-dc0e9962b444}
\InprocServer32 -> C:\Users\Tipper\AppData\Roaming\HP Photo Creations\ContentMan.dll (RocketLife)
CustomCLSID: HKU\S-1-5-21-3938486149-3048756490-4017228027-1000_Classes\CLSID\{ff280b55-14f1-49ae-b40f-15f5294ce630}
\InprocServer32 -> C:\Users\Tipper\AppData\Roaming\HP Photo Creations\RocketEngine.dll (Visan inc.)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program
Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2015-03-03] (McAfee, Inc.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program
Files\Dropbox\Client\DropboxExt.21.0.dll [2018-05-14] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32
\nvcpl.dll [2008-05-22] (NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program
Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2015-03-03] (McAfee, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless
listed separately.)
Task: {09DA987E-5384-44C4-9359-F80E0CE55A8C} - System32\Tasks\{402A8835-4A03-4627-8446-8BCF151CF753} => "C:\Program
Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/
Task: {2C6865C5-1B4D-4998-BABD-CB45D4B027C9} - System32\Tasks\PC-Doctor\Scheduled Maintenance Swap => C:\Program
Files\PC-Doctor 5 for Windows\task_swap.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {3D69489E-4E92-49CF-8D12-7ABF6CDDF41F} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program
Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)
Task: {62723A29-FD3B-4F5F-B7D5-B9F1BFD4E640} - System32\Tasks\{E999EE8A-B462-4D2F-8C6F-0AEC7FF1E3EF} =>
C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {890419E0-EAE5-4F12-8544-8E5E5BEEAA2C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program
Files\Dropbox\Update\DropboxUpdate.exe [2016-10-28] (Dropbox, Inc.)
Task: {964DAA7E-EFC5-456C-833F-3F439598E230} - System32\Tasks\PC-Doctor\Scheduled Maintenance => C:\Program Files\PC
-Doctor 5 for Windows\RunProfiler.exe [2008-03-13] (PC-Doctor, Inc.)
Task: {B137EFA8-D405-42FE-8963-8C9C47D9798E} - System32\Tasks\Opera scheduled Autoupdate 1517288033 => C:\Program
Files\Opera\launcher.exe [2016-08-05] (Opera Software)
Task: {DF894B9C-6CB6-4C71-BE6E-D4746B6A9FC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32
\Macromed\Flash\FlashPlayerUpdateService.exe [2020-12-08] (Adobe)
Task: {EFB4C4CE-A029-4FAC-AFC0-7C92C9750A50} - System32\Tasks\DropboxUpdateTaskMachineCore1d4c3fff0366b20 =>
C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2016-10-28] (Dropbox, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task
will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore1d4c3fff0366b20.job => C:\Program
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-05-14 22:41 - 2018-05-14 06:45 - 000863048 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2018-05-14 22:41 - 2018-05-14 06:45 - 002079048 _____ () C:\Program Files\Dropbox\Client\dropbox_crashpad.dll
2018-03-29 17:42 - 2018-05-14 06:44 - 000100312 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000018896 _____ () C:\Program Files\Dropbox\Client\select.pyd
2018-03-29 17:42 - 2018-05-14 06:47 - 000020808 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000035808 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000694232 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2018-05-14 22:41 - 2018-05-14 06:46 - 000021856 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:44 - 000130520 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2018-05-14 22:41 - 2018-05-14 06:46 - 001845600 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000022880 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:44 - 000145880 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2018-05-14 22:41 - 2018-05-14 06:45 - 000116696 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2018-03-29 17:42 - 2018-05-14 06:44 - 000105944 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000022872 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000063312 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000024536 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2018-05-14 22:41 - 2018-05-14 06:46 - 000077120 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2018-05-14 22:41 - 2018-05-14 06:45 - 000392664 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2018-03-29 17:42 - 2018-05-14 06:44 - 000043480 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2018-05-14 22:41 - 2018-05-14 06:44 - 000020952 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000124888 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000114136 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2018-03-29 17:42 - 2018-05-14 06:47 - 000392520 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000028000 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:44 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000175576 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000030168 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000026072 _____ () C:\Program Files\Dropbox\Client\win32job.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000048600 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000057816 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2018-05-14 22:41 - 2018-05-14 06:46 - 000021840 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000023376 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000022864 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:48 - 000066400 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:47 - 003863880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000084944 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2018-05-14 22:41 - 2018-05-14 06:46 - 001798464 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 001959232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2018-03-29 17:42 - 2018-05-14 06:44 - 000028632 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000155472 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000521544 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000051024 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000043336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000131400 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000219984 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-14 22:41 - 2018-05-14 06:47 - 000204104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000025440 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:44 - 000060888 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000054616 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:44 - 000024024 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000022880 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:48 - 000022368 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:48 - 000021856 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:48 - 000022368 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000027496 _____ () C:\Program
2018-03-29 17:42 - 2018-05-14 06:44 - 000349144 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2018-03-29 17:42 - 2018-05-14 06:48 - 000023904 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000025432 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:45 - 000036312 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2018-03-29 17:42 - 2018-05-14 06:48 - 000021856 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000181064 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.dll
2018-03-29 17:42 - 2018-05-14 06:47 - 000030544 _____ () C:\Program
2018-05-14 22:41 - 2018-05-14 06:46 - 000024384 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2018-05-14 22:41 - 2018-05-14 06:46 - 001638208 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2018-03-29 17:42 - 2018-05-14 06:48 - 000026464 _____ () C:\Program
2007-05-21 06:02 - 2007-05-21 06:02 - 000269080 _____ () C:\Program Files\Common Files\Microsoft Shared\Reference
2007-05-21 06:02 - 2007-05-21 06:02 - 000228120 _____ () C:\Program Files\Common Files\Microsoft Shared\Reference
2007-05-21 06:02 - 2007-05-21 06:02 - 000178968 _____ () C:\Program Files\Common Files\Microsoft Shared\Reference
2007-05-21 06:02 - 2007-05-21 06:02 - 000351000 _____ () C:\Program Files\Common Files\Microsoft Shared\Reference
2007-05-21 06:00 - 2007-05-21 06:00 - 000068376 _____ () C:\Program Files\Microsoft Student\Microsoft Student with
Encarta Premium 2008 DVD\EDICTEIT.EBK
2018-01-29 23:53 - 2016-08-05 07:29 - 063846920 _____ () C:\Program Files\Opera\36.0.2130.80\opera.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 05:23 - 2006-09-18 16:41 - 000000761 _____ C:\Windows\system32\Drivers\etc\hosts localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3938486149-3048756490-4017228027-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tipper\Pictures\Me
DNS Servers:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2)
(ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless
listed separately.)
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{D92D6C79-4E3E-4C55-B270-3772F9D2657C}] => (Allow) c:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{770D80FE-2DB7-4C60-B911-024311024AB0}] => (Allow) LPort=80
FirewallRules: [{5BFA165D-98D1-42B9-8DBB-C23123DA7500}] => (Allow) LPort=80
FirewallRules: [{85C1740F-00A1-4ADE-828A-5DE3DC90AF6D}] => (Allow) LPort=80
FirewallRules: [{20EE2C88-D71B-4B05-9581-0F4D1EB4E7FF}] => (Allow) LPort=4481
FirewallRules: [{3343A644-DA33-45C0-B6F8-75703D1A4C08}] => (Allow) LPort=4481
FirewallRules: [{9699F66B-E3AE-49DD-A0AE-DA2E373C485F}] => (Allow) LPort=4482
FirewallRules: [{C395807F-9F94-4FC8-B806-FF47F0DAD3DA}] => (Allow) LPort=4482
FirewallRules: [{1253EA7A-883E-4F2D-878B-0D89088B081B}] => (Allow) C:\Program Files\Logitech\Desktop
FirewallRules: [{3F9BC9C6-4BF0-4DF9-B7F9-F0D72354923C}] => (Allow) C:\Program Files\Logitech\Desktop
FirewallRules: [TCP Query User{E61E14B6-2B7B-4B9A-A8EC-94FCBDCD789E}C:\program files\logitech\desktop
messenger\8876480\program\logitechdesktopmessenger.exe] => (Block) C:\program files\logitech\desktop
FirewallRules: [UDP Query User{A6668CB7-25D3-4515-9533-E3F19AC2076B}C:\program files\logitech\desktop
messenger\8876480\program\logitechdesktopmessenger.exe] => (Block) C:\program files\logitech\desktop
FirewallRules: [{85C8AE78-3F41-4823-A11B-40C4AA4FC9F8}] => (Allow) C:\Program Files\Logitech\Desktop
FirewallRules: [{1995A3E9-CF49-4029-84CE-3D6F151D2101}] => (Allow) C:\Program Files\Logitech\Desktop
FirewallRules: [TCP Query User{08546204-51B4-4295-BC11-5733FB70F911}C:\program files\limewire plus+\limewire.exe] =>
(Allow) C:\program files\limewire plus+\limewire.exe
FirewallRules: [UDP Query User{D3BD81E3-322B-4ADB-B9AA-C101BA735424}C:\program files\limewire plus+\limewire.exe] =>
(Allow) C:\program files\limewire plus+\limewire.exe
FirewallRules: [{472C2A7C-9E89-43FA-8922-9A792DCE6728}] => (Allow) C:\Program Files\Research In Motion\BlackBerry
FirewallRules: [{C0FE80F8-6DB0-403A-82A8-7473952BDD19}] => (Allow) C:\Program Files\Research In Motion\BlackBerry
FirewallRules: [{0544882A-BB01-4012-B621-7BF0EA635474}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{03A57C7B-C4EB-4EEA-9E5D-C103F4B51706}] => (Allow) C:\Program Files\Logitech\Vid HD\Vid.exe
FirewallRules: [{2C18A20C-6338-4CA6-889D-61F7A076066E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319
FirewallRules: [{F93B05B1-C570-4C0F-AF9C-46AFBA2B20E1}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410
FirewallRules: [TCP Query User{C93416B8-BA29-49F9-BA5A-AC531D041DD7}E:\setup.exe] => (Allow) E:\setup.exe
FirewallRules: [UDP Query User{53A6C86A-EB12-41E1-A38A-6D03F0F4A96E}E:\setup.exe] => (Allow) E:\setup.exe
FirewallRules: [{14B65C26-C247-42BD-9717-EDD839B7247F}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{BD446FB5-B07B-47C4-99F0-8A930875C22C}] => (Allow) C:\Program Files\Common
==================== Restore Points =========================
10-12-2020 00:00:15 Scheduled Checkpoint
11-12-2020 00:00:15 Scheduled Checkpoint
12-12-2020 00:00:10 Scheduled Checkpoint
13-12-2020 00:00:20 Scheduled Checkpoint
13-12-2020 15:36:19 Scheduled Checkpoint
15-12-2020 00:00:04 Scheduled Checkpoint
16-12-2020 00:00:17 Scheduled Checkpoint
17-12-2020 00:00:14 Scheduled Checkpoint
18-12-2020 00:00:13 Scheduled Checkpoint
19-12-2020 00:00:14 Scheduled Checkpoint
20-12-2020 00:00:04 Scheduled Checkpoint
21-12-2020 00:00:13 Scheduled Checkpoint
22-12-2020 00:00:13 Scheduled Checkpoint
23-12-2020 00:00:14 Scheduled Checkpoint
24-12-2020 00:00:13 Scheduled Checkpoint
25-12-2020 00:00:15 Scheduled Checkpoint
26-12-2020 00:00:14 Scheduled Checkpoint
27-12-2020 00:00:14 Scheduled Checkpoint
28-12-2020 00:00:16 Scheduled Checkpoint
29-12-2020 00:00:15 Scheduled Checkpoint
30-12-2020 00:00:15 Scheduled Checkpoint
31-12-2020 00:00:17 Scheduled Checkpoint
02-01-2021 06:13:35 McAfee Vulnerability Scanner
03-01-2021 00:00:05 Scheduled Checkpoint
04-01-2021 00:00:18 Scheduled Checkpoint
05-01-2021 00:00:14 Scheduled Checkpoint
06-01-2021 00:00:17 Scheduled Checkpoint
07-01-2021 00:00:19 Scheduled Checkpoint
08-01-2021 00:00:15 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
Error: (01/08/2021 07:00:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
Error: (01/08/2021 07:00:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at:
chain processed, but terminated in a root certificate which is not trusted by the trust provider.
System errors:
Error: (01/08/2021 06:26:06 PM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001
Error: (01/05/2021 03:34:30 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease for the Network Card with network address 001E9034E132 has been denied
by the DHCP server (The DHCP Server sent a DHCPNACK message).
Error: (01/02/2021 05:03:32 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {211EBA3A-EA5A-496B-A021-5C6BEB365E4C} did not register with DCOM within the required
Error: (01/02/2021 05:03:02 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {209500FC-6B45-4693-8871-6296C4843751} did not register with DCOM within the required
Error: (01/02/2021 03:50:59 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001
Error: (01/02/2021 03:48:07 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:46:32 PM on 31/12/2020 was unexpected.
Error: (12/29/2020 03:34:25 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease for the Network Card with network address 001E9034E132 has been denied
by the DHCP server (The DHCP Server sent a DHCPNACK message).
Error: (12/22/2020 03:34:31 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease for the Network Card with network address 001E9034E132 has been denied
by the DHCP server (The DHCP Server sent a DHCPNACK message).
Error: (12/19/2020 12:59:56 AM) (Source: Microsoft-Windows-LanguagePackSetup) (EventID: 1001) (User: NT AUTHORITY)
Description: Event-ID 1001
Error: (12/19/2020 01:00:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Health Check Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Date: 2021-01-02 03:56:32.628
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2021-01-02 03:56:31.746
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2021-01-02 03:56:30.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2021-01-02 03:56:29.890
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-10-19 01:55:58.112
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-10-19 01:55:57.145
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-10-19 01:55:56.223
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-10-19 01:55:55.300
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-08-14 06:35:23.008
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
Date: 2019-08-14 06:35:18.623
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1
\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the
==================== Memory info ===========================
Processor: AMD Athlon 64 X2 Dual Core Processor 5400+
Percentage of memory in use: 64%
Total physical RAM: 3005.76 MB
Available physical RAM: 1079.31 MB
Total Virtual: 6219.75 MB
Available Virtual: 4443.29 MB
==================== Drives ================================
Drive c: (HP) (Fixed) (Total:455.44 GB) (Free:56.31 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.32 GB) (Free:0.96 GB) NTFS ==>[system with boot components (obtained from
==================== MBR & Partition Table ==================
Disk: 0 (Size: 465.8 GB) (Disk ID: F451C310)
Partition 1: (Active) - (Size=455.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=10.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================