Hello, My daughter bought herself a new notebook, and gave me her old one.
It runs slow, and I can hear the fan working hard from time to time during normal use, i.e., word processing, checking emails. There are no high-demand games or programs installed on the notebook.
I wonder if someone can check for any malware or other problems. Thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-11-2021
Ran by Amanda (administrator) on AMANDA-HP (Hewlett-Packard HP Pavilion g6 Notebook PC) (12-11-2021 12:19:41)
Running from C:\Users\Amanda\Desktop
Loaded Profiles: Amanda
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel® Identity Protection Technology Software -> Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectMonitor.exe
(Paramount Software UK Ltd -> Paramount Software UK Ltd) C:\Program Files\Macrium\Common\ReflectUI.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
(Raxco Software, Inc. -> Raxco Software, Inc.) C:\Program Files\Raxco\PerfectDisk\PDAgentS1.exe
(Realtek Semiconductor Corp -> Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2832168 2011-10-01] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1424896 2011-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499920 2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3956403641-1016103790-1991301254-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31019504 2020-06-09] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [55432 2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series XPS: C:\Windows\system32\CNMXLMCS.DLL [409088 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJNP Port: C:\Windows\system32\CNMN6PPM.DLL [375296 2015-03-17] (CANON INC.) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}] -> msiexec /fu {F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1} /qn
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2011-09-20] (Broadcom Corporation -> Broadcom Corporation.)
HKLM\Software\...\Authentication\Credential Providers: [{D28973E5-8630-41af-8831-50A15FEB396B}] -> C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll [2011-09-20] (Broadcom Corporation -> Broadcom Corporation.)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
BootExecute: PDBoot.exeautocheck autochk *
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03941A70-4158-4900-8D36-8F597CD87A6C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.)
Task: {20FCFF64-00DD-401D-B1AE-BB1FD97DC929} - System32\Tasks\klcp_update => CodecTweakTool.exe /verysilent /update /freq=90 (No File)
Task: {3295C7FC-3908-4C0A-935D-F48D09EDC2D4} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {430E6E3F-AD4A-4913-83CD-C2BE5A226333} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {4499D604-0F97-4510-B778-73FB4EBB6759} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134008 2020-03-31] (HP Inc. -> HP Inc.)
Task: {460C6D7D-8B5A-4F51-86B0-35BCBC536FC6} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {54D1192B-C6C8-4241-941C-70EF8518242D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506136 2020-07-01] (HP Inc. -> HP Inc.)
Task: {58FD8687-A1F3-4CED-BFDE-DD71224F3616} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel® Software Asset Manager -> Intel Corporation)
Task: {6F10E98C-4ADB-47F6-ADD8-9A8F41025F79} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {75F28C26-5AF7-4734-BA75-7B3F7262A840} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2020-06-09] (Garmin International, Inc. -> )
Task: {79FA81FE-1D64-4D93-B0D9-54E850E73E87} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {83CEB22E-798A-4557-8061-95A29A644057} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {91C1CAB6-F32C-4F23-B4F0-07D151F8D8AE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {950B8750-DF2C-4F2D-AB8B-9E9E8678095D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-07-01] (HP Inc. -> HP Inc.)
Task: {A53D8E94-59D0-4D15-801D-7AB40FAF2992} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {A5AA4715-C292-4388-AB2B-A11D02F1C156} - System32\Tasks\{4B8DC4A1-C6A7-4116-9ED3-552D789BC408} => C:\Windows\system32\pcalua.exe -a C:\Users\Amanda\Desktop\HPSupportSolutionsFramework-12.15.14.3.exe -d C:\Users\Amanda\Desktop
Task: {B22AF7EA-67F5-45E8-84D4-8AAE462B59D6} - System32\Tasks\{B2859790-1CBC-48FC-B2DF-BED06E883DB7} => C:\Windows\system32\pcalua.exe -a C:\Downloads\installer_x86-x64_89006\Installer_x86-x64_89006.exe -d C:\Downloads\installer_x86-x64_89006
Task: {B8B57C90-1D22-4548-BD2E-5A85B60A89BA} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {BE307D0C-1B08-4818-8D4B-3835554BD269} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {C6876885-D0C3-46F6-8F4D-7F606B05B959} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {CCAD9F13-C37C-4216-AAC0-1E01C64F5999} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [682936 2021-11-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {D05C7DE2-BB37-46E7-84ED-87F1C21905A5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1053760 2016-04-22] (Hewlett-Packard Company -> HP Inc.)
Task: {DA92ED9A-F28D-4472-A96B-59809B015955} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-12-08] (Google Inc -> Google Inc.)
Task: {E1965C9E-3865-4D70-8D4E-5C7C11653368} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe --automatic (No File)
Task: {E62C9B41-00FA-48DF-A3DF-47F32E9ACCF4} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {EB99145D-B11F-46BD-AEF6-6ED40D03CF47} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {ED31D45D-DB50-4CE5-8F2C-4CF65114CD0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
Task: {EF7E3A68-0503-43D8-BDFD-383FA0AD4A2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1053760 2016-04-22] (Hewlett-Packard Company -> HP Inc.)
Task: {F5B4B7C4-6F65-4F92-B404-B135D8A21FCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [664920 2020-06-29] (HP Inc. -> HP Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{9955086B-673D-4CF2-9BDF-346645A0F1B5}: [DhcpNameServer] 192.168.2.1 207.164.234.193
FireFox:
========
FF DefaultProfile: cjf2nppd.default-1547470643528
FF ProfilePath: C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\cjf2nppd.default-1547470643528 [2021-11-12]
FF Notifications: Mozilla\Firefox\Profiles\cjf2nppd.default-1547470643528 -> hxxps://www.facebook.com
FF Extension: (AVG Online Security) - C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\cjf2nppd.default-1547470643528\Extensions\[email protected] [2021-07-22]
FF Extension: (uBlock Origin) - C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\cjf2nppd.default-1547470643528\Extensions\[email protected] [2021-10-30]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat - Create PDF) - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2018-03-15] [Legacy] [not signed]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems Incorporated -> Adobe Systems)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\eset_security_config_overlay.js [2020-08-14]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-09-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [387928 2020-06-30] (HP Inc. -> HP Inc.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2424424 2011-08-29] (Realtek Semiconductor Corp -> Realsil Microelectronics Inc.)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3987152 2017-05-27] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [305152 2011-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S3 ekrnEpfw; "C:\Program Files\ESET\ESET Security\ekrn.exe" [X]
S3 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-09-20] (Broadcom Corporation -> Broadcom Corporation.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation -> Malwarebytes Corporation)
R0 mrcbt; C:\Windows\System32\drivers\mrcbt.sys [73928 2018-03-28] (Paramount Software UK Ltd -> Windows ® Win 7 DDK provider)
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt64.sys [535040 2011-09-08] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-12 12:19 - 2021-11-12 12:20 - 000019558 _____ C:\Users\Amanda\Desktop\FRST.txt
2021-11-12 12:18 - 2021-11-12 12:19 - 002312192 _____ (Farbar) C:\Users\Amanda\Desktop\FRST64.exe
2021-11-12 10:29 - 2021-11-12 12:20 - 000000000 ____D C:\FRST
2021-11-12 10:15 - 2021-11-12 10:26 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-10-30 18:01 - 2021-10-30 18:01 - 000003288 ____N C:\bootsqm.dat
2021-10-30 09:59 - 2018-07-15 14:33 - 000150796 _____ C:\HPHWDiag_log.txt
2021-10-30 09:09 - 2021-11-12 10:18 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-11-12 12:19 - 2018-03-14 21:02 - 000000000 ____D C:\Users\Amanda\AppData\LocalLow\Mozilla
2021-11-12 12:16 - 2019-03-28 21:32 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-12 12:08 - 2018-03-14 21:11 - 000000000 ____D C:\Users\Amanda\AppData\Local\ClassicShell
2021-11-12 12:04 - 2018-10-20 13:37 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-12 10:52 - 2009-07-14 00:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-12 10:52 - 2009-07-13 22:20 - 000000000 ____D C:\Windows\inf
2021-11-12 10:45 - 2009-07-13 23:45 - 000035600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-11-12 10:45 - 2009-07-13 23:45 - 000035600 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-11-12 10:27 - 2018-04-09 13:43 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2021-11-12 10:26 - 2018-03-14 21:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-12 10:26 - 2009-07-14 00:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-12 10:10 - 2018-03-14 20:29 - 000003934 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{F52EBCF6-B655-4260-897D-6C56F659BD58}
2021-10-30 10:00 - 2011-10-31 19:24 - 000000000 ____D C:\Windows\system32\Tasks\Hewlett-Packard
2021-10-30 09:59 - 2011-10-31 18:58 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2021-10-30 09:58 - 2011-02-10 14:23 - 000000000 ____D C:\SWSetup
2021-10-30 09:43 - 2018-03-15 09:39 - 000000000 ____D C:\Windows\system32\MRT
2021-10-30 09:39 - 2018-03-15 09:39 - 139806512 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-10-30 09:17 - 2020-02-18 12:46 - 000000000 ____D C:\Users\Amanda\Documents\Website Info
2021-10-30 09:10 - 2018-05-06 19:50 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-10-30 08:59 - 2018-12-08 21:18 - 000003334 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-30 08:59 - 2018-12-08 21:18 - 000003206 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2018-09-14 14:25 - 2018-09-14 14:44 - 044858529 _____ () C:\Program Files (x86)\MahJong.Suite.2015.v12.0.rar
2018-04-18 11:24 - 2018-04-18 11:24 - 000000000 _____ () C:\Users\Amanda\AppData\Roaming\log_041818_122435.txt
2018-04-18 11:28 - 2018-04-18 11:28 - 000000000 _____ () C:\Users\Amanda\AppData\Roaming\log_041818_122827.txt
2018-04-18 14:03 - 2018-04-18 14:03 - 000000000 _____ () C:\Users\Amanda\AppData\Roaming\log_041818_150359.txt
2018-04-18 14:09 - 2018-04-18 14:09 - 000000000 _____ () C:\Users\Amanda\AppData\Roaming\log_041818_150955.txt
2018-04-10 08:19 - 2018-04-10 08:19 - 000007667 _____ () C:\Users\Amanda\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-10-30 11:51
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-11-2021
Ran by Amanda (12-11-2021 12:20:59)
Running from C:\Users\Amanda\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X64) (2018-03-15 01:26:12)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3956403641-1016103790-1991301254-500 - Administrator - Disabled)
Amanda (S-1-5-21-3956403641-1016103790-1991301254-1000 - Administrator - Enabled) => C:\Users\Amanda
Guest (S-1-5-21-3956403641-1016103790-1991301254-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3956403641-1016103790-1991301254-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.)
ANT Drivers Installer x64 (HKLM\...\{C31D139A-5A4A-44A7-9B85-7775CEA60121}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2300 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.5.2300 - Broadcom Corporation)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Elevated Installer (HKLM-x32\...\{BC4FF911-2F33-4A79-9D59-7E21866C8A09}) (Version: 7.0.1.0 - Garmin Ltd or its subsidiaries) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{414a0118-9b7e-484e-8079-a01bc6d069f8}) (Version: 7.0.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{630919DC-A490-4AFF-B2C9-C5FA69D3D742}) (Version: 7.0.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Earth Pro (HKLM\...\{9BFB06CD-3925-49E2-BAB7-EA695821CE4C}) (Version: 7.3.4.8248 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Hope Lake 1.00 (HKLM-x32\...\Hope Lake 1.00) (Version: 1.00 - Games)
HP Documentation (HKLM-x32\...\{3D5C7E0E-AEC0-40EB-99D3-C40469738040}) (Version: 1.1.0.0 - Hewlett-Packard)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{ECCFEFB0-A6EB-4BB3-9C9D-690370ED0C6D}) (Version: 1.7.0.0 - HP Inc.)
HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{90201F91-CF46-41DC-8AF7-2756A2492A72}) (Version: 8.8.28.13 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{EA6A1ABF-8D4C-432A-AF6C-84738319C2D7}) (Version: 12.17.27.5 - HP Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.5.0 - LIGHTNING UK!)
Intel® Computing Improvement Program (HKLM\...\{F6B5BD59-21F0-47F8-A6C6-63BAEB1A6569}) (Version: 2.1.03720 - Intel Corporation)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2476 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
K-Lite Mega Codec Pack 14.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.3.0 - KLCP)
Macrium Reflect Server Edition (HKLM\...\{49157BD6-B5D3-4DBB-98C8-A604D4332D9B}) (Version: 7.0.2187 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Server Edition (HKLM\...\MacriumReflect) (Version: 7.0 - Paramount Software (UK) Ltd.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 94.0.1 (x64 en-US)) (Version: 94.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PerfectDisk Professional Business (HKLM\...\{682B22AB-EAAA-4B1C-83AF-B26E7D4ED01E}) (Version: 13.0.842 - Raxco Software Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.84 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Sudoku Works (HKLM-x32\...\{5B10C186-C6CF-45D8-9E2D-4F18247A5C63}) (Version: 1.0 - Oak Systems)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.27.1 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3956403641-1016103790-1991301254-1000\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3956403641-1016103790-1991301254-1000_Classes\CLSID\{994DDB09-5EF2-4b68-9599-29BB1A2A6944}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-05-27] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2017-05-27] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat Elements\ContextMenuShim64.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284672 2018-01-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2019-09-09 07:13 - 2019-09-09 07:13 - 001364992 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2020-06-09 10:37 - 2020-06-09 10:37 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2018-03-14 21:19 - 2011-05-20 12:05 - 000059904 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2019-07-27 08:57 - 2019-07-27 08:57 - 096071680 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2019-06-06 12:32 - 2019-06-06 12:32 - 000172544 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae5e4617a0a8018308c37b0d47e74d26\IsdiInterop.ni.dll
2020-06-09 10:37 - 2020-06-09 10:37 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2018-03-14 21:19 - 2010-12-22 14:50 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\xerces-c_2_7.dll
2018-03-19 13:14 - 2015-03-17 07:51 - 000375296 _____ (CANON INC.) [File not signed] C:\Windows\System32\CNMN6PPM.DLL
2020-06-09 10:41 - 2020-06-09 10:41 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2020-06-09 10:37 - 2020-06-09 10:37 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 09:35 - 2017-05-08 09:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2020-06-09 10:37 - 2020-06-09 10:37 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2019-06-06 12:32 - 2019-06-06 12:32 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1ee5bbe67e0d1b85eb1b125cf57cba91\IAStorCommon.ni.dll
2018-03-14 21:19 - 2010-12-22 14:45 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\StatusStrings.dll
2018-03-14 21:19 - 2011-05-20 11:54 - 000278528 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
2020-02-18 15:58 - 2020-02-18 15:58 - 000225792 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\b5259b9020de24e4a8286949afdab665\IAStorDataMgr.ni.dll
2020-02-18 15:58 - 2020-02-18 15:58 - 000491520 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\45a77d07d6fa9e5a23c26adc0d0e2aee\IAStorUtil.ni.dll
2017-08-13 07:49 - 2017-08-13 07:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2017-08-13 07:49 - 2017-08-13 07:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2017-08-13 07:49 - 2017-08-13 07:49 - 000291128 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2018-03-16 14:49 - 2018-03-16 14:49 - 000225280 _____ (Microsoft Corporation) [File not signed] [File is in use] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2020-06-09 10:39 - 2020-06-09 10:39 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-07-27 08:57 - 2019-07-27 08:57 - 000762368 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
HKU\S-1-5-21-3956403641-1016103790-1991301254-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON/4
HKU\S-1-5-21-3956403641-1016103790-1991301254-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON/4
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {25E212C1-69E6-4924-90D3-CD7783E644F9} URL = hxxp://www.amazon.ca/s/ref=azs_osd_ieaca?ie=UTF-8&tag=hp-ca2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-3956403641-1016103790-1991301254-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3956403641-1016103790-1991301254-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3956403641-1016103790-1991301254-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-09-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-09 13:42 - 2018-04-09 13:42 - 000000143 ____R C:\Windows\system32\drivers\etc\hosts
127.0.0.1 keystone.mwbsys.com
127.0.0.1 sirius.mwbsys.com
127.0.0.1 bactem.mwbsys.com
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Broadcom\Broadcom 802.11\Driver;;;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;C:\Program Files\Broadcom\WHL\;C:\Program Files\Broadcom\WHL\syswow64;C:\Program Files\Broadcom\WHL\SysWow64\;C:\Program Files\Broadcom\WHL\SysWow64\syswow64;C:\Program Files (x86)\Intel\Services\IPT\
HKU\S-1-5-21-3956403641-1016103790-1991301254-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Amanda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^KMService.lnk => C:\Windows\pss\KMService.lnk.CommonStartup
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: IJNetworkScannerSelectorEX => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
MSCONFIG\startupreg: Reflect UI => C:\Program Files\Macrium\Common\ReflectUI.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{98B44A3A-A17A-47E5-ABDB-F1798C77AD44}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5943820C-A840-4247-8DD5-5142C5020FF5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5989919C-1183-43C8-88B8-0A1A33B2BA2A}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{5BFE4BC2-21AB-47BE-922A-041ED5B9C7F7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{54F25319-BBFB-485D-A61A-1C5A08980F0C}] => (Allow) C:\Users\Amanda\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{83753B62-EEEE-46F3-AFBA-570B8F8E1ACB}] => (Allow) C:\Users\Amanda\AppData\Roaming\Zoom\bin\airhost.exe => No File
==================== Restore Points =========================
14-08-2020 12:26:47 Windows Update
14-08-2020 12:48:07 Device Driver Package Install: AVG Technologies Network Service
14-08-2020 15:05:15 Installed HP Support Solutions Framework
14-08-2020 15:08:18 Installed HP Support Assistant
14-08-2020 15:12:26 Windows Modules Installer
17-08-2020 07:14:02 Windows Modules Installer
17-08-2020 07:15:52 Windows Modules Installer
30-09-2020 15:28:30 Revo Uninstaller Pro's restore point - CCleaner
07-12-2020 15:41:32 Scheduled Checkpoint
07-12-2020 16:05:55 Windows Update
07-12-2020 16:22:24 Revo Uninstaller Pro's restore point - Malwarebytes Anti-Malware version 2.2.1.1043
22-07-2021 12:09:57 Revo Uninstaller Pro's restore point - AVG AntiVirus FREE
22-07-2021 12:28:48 Windows Update
20-08-2021 21:06:51 Windows Update
30-10-2021 09:38:33 Windows Update
30-10-2021 09:59:13 Installed HP PC Hardware Diagnostics Windows
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (11/12/2021 10:45:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:45:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:45:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:45:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:30:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:30:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:30:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
Error: (11/12/2021 10:30:21 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4110) (User: )
Description: Failed to add certificate to Third-Party Root Certification Authorities store with error: Access is denied.
System errors:
=============
Error: (11/12/2021 12:23:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
Error: (11/12/2021 10:28:47 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because the registry could not be updated due to error '0x80070006'. If possible, reinstall Windows Media Player.
Error: (11/12/2021 10:27:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (11/12/2021 10:25:32 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (11/12/2021 10:24:55 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
Error: (11/12/2021 10:06:26 AM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because the registry could not be updated due to error '0x80070006'. If possible, reinstall Windows Media Player.
Error: (11/12/2021 10:05:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
and APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
Error: (10/30/2021 06:04:50 PM) (Source: WMPNetworkSvc) (EventID: 14329) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because the registry could not be updated due to error '0x80070006'. If possible, reinstall Windows Media Player.
==================== Memory info ===========================
BIOS: Hewlett-Packard F.34 06/14/2012
Motherboard: Hewlett-Packard 1695
Processor: Intel® Core i3-2350M CPU @ 2.30GHz
Percentage of memory in use: 52%
Total physical RAM: 6091.86 MB
Available physical RAM: 2864.62 MB
Total Virtual: 12181.86 MB
Available Virtual: 8935.28 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:905.46 GB) (Free:749.38 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:21.89 GB) (Free:2.33 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:3.95 GB) FAT32
\\?\Volume{84515f44-27fb-11e8-9f78-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A65C9874)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=905.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
==================== End of Addition.txt =======================
Edited by Jackpine, 12 November 2021 - 11:29 AM.