Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Laptop Getting more Sluggish

Started by Beatriceswiss , Jul 31 2023 10:39 AM

  • Please log in to reply

#1
Beatriceswiss
Posted 31 July 2023 - 10:39 AM

Beatriceswiss

    Member

  • Member
  • PipPip
  • 80 posts

Hello,

My laptop which I have had for a number of years and which was given to me by my work, has been getting more and more sluggish.  Programs open slowly and they respond slowly as well.

 

Any help in fixing this is greatly appreciated.

 

Thank you.

 

My logs are provided below.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-07-2023
Ran by Beatrice (administrator) on BEATRICE (Hewlett-Packard HP Pavilion 17 Notebook PC) (31-07-2023 12:09:25)
Running from C:\Users\Beatrice\Desktop\FRST64 (1).exe
Loaded Profiles: Beatrice
Platform: Microsoft Windows 8.1 (Update) (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Systems, Incorporated -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe <4>
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(C:\Program Files\AVG\Antivirus\AVGSvc.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswEngSrv.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <21>
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(explorer.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
(explorer.exe ->) (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(explorer.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.272\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(services.exe ->) () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(services.exe ->) (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\avgToolsSvc.exe
(services.exe ->) (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\wsc_proxy.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(services.exe ->) (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(services.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(svchost.exe ->) (Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [333784 2021-03-31] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe" (No File)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [256952 2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-19] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1985824 2013-07-25] (Wondershare Software Co., Ltd.  -> Wondershare)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw (No File)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Beatrice\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=866453ef907a47d2a1e59913f05f23cd-7b0c96f9aa992d7393c82dd82ae949bc32978813 /CMPID=0214c (No File)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [153136 2007-03-12] (Nero AG -> Nero AG)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [uTorrent] => "C:\Users\Beatrice\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED (No File)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [BlackBerryLink.exe] => "C:\Program Files (x86)\Research In Motion\BlackBerry Link\BlackBerryLink.exe" /minimize (No File)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [RIMDeviceManager] => C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe" -RunServer (No File)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (No File)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [123262344 2023-06-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31325464 2023-06-14] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\...\Windows x64\Print Processors\Canon MG5700 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDCS.DLL [30208 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Windows x64\Print Processors\hpfpp083: C:\Windows\System32\spool\prtprocs\x64\hpfpp083.dll [254464 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Windows x64\Print Processors\LMACGL4C: C:\Windows\System32\spool\prtprocs\x64\LMACGL4C.DLL [81920 2011-06-02] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\Windows\system32\AdobePDF.dll [51032 2008-04-07] (Adobe Systems, Incorporated -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MG5700 series: C:\Windows\system32\CNMLMCS.DLL [406528 2015-03-15] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\HP 6412 Status Monitor: C:\Windows\system32\hpinksts6412LM.dll [331664 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP C611 Status Monitor: C:\Windows\system32\hpinkstsC611LM.dll [333344 2013-05-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Discovery Port Monitor (HP Officejet 4620 series): C:\Windows\system32\HPDiscoPM6412.dll [741480 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\Windows\system32\hpbprtmon.dll [404992 2013-08-10] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\hpf3l083.dll: C:\Windows\system32\hpf3l083.dll [134144 2008-10-06] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\109.0.5414.149\Installer\chrmstp.exe [2023-06-14] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
AppInit_DLLs: acaptuser64.dll => C:\Windows\system32\acaptuser64.dll [119160 2008-06-12] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2021-01-08]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {A3BE46D2-2373-42DC-891B-9F3E315317EA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564152 2023-04-03] (Adobe Inc. -> Adobe Inc.)
Task: {C1BB4AD9-42BC-4028-9756-99E7BACEAECB} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [4977592 2023-07-12] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
Task: {1B19C810-13C3-4EF7-823B-BD17E1F76D93} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {30DAE366-7B0A-46D7-B841-DED6EDB41F60} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2172344 2023-04-12] (AVG Technologies USA, LLC -> AVG Technologies)
Task: {41D3515E-BCA9-4F9F-825D-D32EE3EA102C} - System32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupdate.exe [33456 2022-04-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {58B040EB-6780-459B-82DE-8AE267E10B50} - System32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002 => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupload.exe [33456 2022-04-24] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {E6972DA0-CA78-44C2-BD44-BD114237CD28} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [31000 2023-06-14] (Garmin International, Inc. -> )
Task: {AEE99C6E-BE10-4C77-9879-423F5B78679C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {3A918669-731A-4E2F-9697-B7F16E6AC905} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-03-23] (Google Inc -> Google Inc.)
Task: {BBF4AC2F-7854-45DB-85D7-B7A22AA481D8} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1343904 2013-06-07] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
Task: {1F48120B-7199-4856-864F-7C6EDD81E6A7} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {727DDE06-14C8-478D-BEB9-A062B678A67F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {EE2A569C-E438-4413-9326-3277AF5EF8AC} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {C27A502D-B201-4500-B7E1-80165CAC8733} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {58B56674-1BEB-4B07-A3C5-4677192C687F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {A0DC4F03-C927-4745-BDE6-EA278DAB338B} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {B0F0631E-2207-475B-84FA-B0252B64EBF3} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {985682FA-6F10-4A9E-8ECC-84780168E985} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {CE338E22-89C8-416B-8FD9-222E42EA9734} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {38BFC73B-B113-4E35-AB28-4F278C239D72} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckTest => C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe [104719784 2021-07-01] (HP Inc. -> HP Inc.)
Task: {752D6386-AA93-4101-A4DA-13945C0CF152} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {AB63B974-B43B-4076-B589-9EF6F182DF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [134768 2021-04-01] (HP Inc. -> HP Inc.)
Task: {13BF1262-359A-4C1D-B006-3A1C479191B6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {9D234D2A-19FB-4931-8C12-EDF88D15FD30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {FD931883-2736-4D6A-874C-D058E7DEEF1E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2021-04-01] (HP Inc. -> HP Inc.)
Task: {56F2C949-779D-44D6-B5AD-B00460D675D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [57176 2020-08-20] (HP Inc. -> HP Inc.)
Task: {5B018BBE-B5C2-4BFF-BDDE-7E3D0A961433} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {40A9B515-E11E-467C-A581-B9039C8AA596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [324952 2020-08-20] (HP Inc. -> HP Inc.)
Task: {52402E40-0599-4C9A-A41E-199DC7B9F7E0} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {5DA8520C-8C9E-4F90-BAC2-03C92A80859C} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated -> Synaptics Incorporated)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002.job => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002.job => C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\g2mupload.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{486B1D7C-1E02-42D5-B6AA-A45F73E675F1}: [DhcpNameServer] 192.168.2.1 207.164.234.193
Tcpip\..\Interfaces\{7C57A303-A069-4AAA-A050-8A4F276FEC6D}: [DhcpNameServer] 192.168.3.5 192.168.3.1
 
Edge: 
=======
Edge Profile: C:\Users\Beatrice\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-14]
 
FireFox:
========
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2023-07-03] (Adobe Inc. -> Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default [2023-07-31]
CHR Notifications: Default -> hxxps://app.gotowebinar.com; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://hmsd.edsby.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://newtonsgrove.edsby.com; hxxps://nowtoronto.com; hxxps://web.skype.com; hxxps://www.680news.com; hxxps://www.explore-mag.com; hxxps://www.facebook.com; hxxps://www.horizonwebref.com; hxxps://www.messenger.com; hxxps://www.myswitzerland.com; hxxps://www.pinterest.ca; hxxps://www.point2homes.com; hxxps://www.reddit.com; hxxps://www.shutterflycanada.ca; hxxps://www.thestar.com; hxxps://www0.123movieshub.sc
CHR Extension: (uBlock Origin) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2023-07-29]
CHR Extension: (Google Docs Offline) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-05-24]
CHR Extension: (Skype) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2022-05-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-28]
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-08-20]
CHR Profile: C:\Users\Beatrice\AppData\Local\Google\Chrome\User Data\System Profile [2023-03-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [99328 2013-08-19] () [File not signed]
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [173040 2023-04-03] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-03-16] (Apple Inc. -> Apple Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [619448 2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AVG Tools; C:\Program Files\AVG\Antivirus\avgToolsSvc.exe [620472 2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [8851384 2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
R2 AvgWscReporter; C:\Program Files\AVG\Antivirus\wsc_proxy.exe [109480 2021-10-14] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2014-02-26] (Macrovision Corporation -> Macrovision Europe Ltd.) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [403576 2021-04-01] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-03-12] (Nero AG -> Nero AG)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [112144 2021-05-18] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avgArDisk; C:\Windows\System32\drivers\avgArDisk.sys [31408 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgArPot; C:\Windows\System32\drivers\avgArPot.sys [237512 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\System32\drivers\avgbidsdriver.sys [392872 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\System32\drivers\avgbidsh.sys [297912 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\System32\drivers\avgbuniv.sys [96512 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgKbd; C:\Windows\System32\drivers\avgKbd.sys [39688 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgMonFlt; C:\Windows\System32\drivers\avgMonFlt.sys [272096 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\System32\drivers\avgRdr2.sys [105288 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\System32\drivers\avgRvrt.sys [80456 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\System32\drivers\avgSnx.sys [943496 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\System32\drivers\avgSP.sys [704352 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\Windows\System32\drivers\avgStm.sys [212672 2023-06-08] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\System32\drivers\avgVmm.sys [319600 2023-07-12] (Microsoft Windows Hardware Compatibility Publisher -> AVG Technologies CZ, s.r.o.)
S3 blackberryncm; C:\Windows\system32\DRIVERS\blackberryncm6_AMD64.sys [36360 2016-04-06] (Microsoft Windows Hardware Compatibility Publisher -> BlackBerry)
S3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2013-09-23] (Akeo Consulting -> hxxp://libusb-win32.sourceforge.net)
S3 Netaapl; C:\Windows\system32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
S3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [18432 2015-05-26] (BlackBerry Limited) [File not signed]
S3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Microsoft Windows Hardware Compatibility Publisher -> Research in Motion Ltd)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [290008 2013-07-05] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [27744 2021-03-09] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Mediatek Inc. -> Ralink Technology, Corp.)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [174112 2022-09-30] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [31840 2016-03-23] (Hewlett-Packard Company -> HP)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-07-31 12:09 - 2023-07-31 12:12 - 000030491 _____ C:\Users\Beatrice\Desktop\FRST.txt
2023-07-31 12:09 - 2023-07-31 12:09 - 000000000 ____D C:\Users\Beatrice\Desktop\FRST-OlderVersion
2023-07-31 12:08 - 2023-07-31 12:11 - 000000000 ____D C:\FRST
2023-07-31 12:07 - 2023-07-31 12:09 - 002384384 _____ (Farbar) C:\Users\Beatrice\Desktop\FRST64 (1).exe
2023-07-31 12:00 - 2023-07-31 12:00 - 002299904 _____ (Farbar) C:\Users\Beatrice\Downloads\FRST64 (1).exe
2023-07-30 21:39 - 2023-07-30 21:39 - 000066108 _____ C:\Users\Beatrice\Downloads\Proposed Peewee Playoffs.pdf
2023-07-29 13:52 - 2023-07-29 13:52 - 000849011 _____ C:\Users\Beatrice\Downloads\PDF_104742096_2023-07-26_232.pdf
2023-07-29 13:10 - 2023-07-29 13:10 - 000778020 _____ C:\Users\Beatrice\Downloads\statement (39).pdf
2023-07-25 16:14 - 2023-07-25 16:14 - 001670043 _____ C:\Users\Beatrice\Downloads\407ETRStatement (4).pdf
2023-07-25 15:47 - 2023-07-25 15:47 - 000012891 _____ C:\Users\Beatrice\Desktop\Scottish Country Dance books.xlsx
2023-07-24 16:01 - 2023-07-24 16:01 - 000185469 _____ C:\Users\Beatrice\Downloads\20867597.pdf
2023-07-23 07:58 - 2023-07-23 07:58 - 000743717 _____ C:\Users\Beatrice\Downloads\Alpine European Imports Meat Orderlow (3).pdf
2023-07-23 07:57 - 2023-07-23 07:57 - 000625254 _____ C:\Users\Beatrice\Downloads\alpinecheeselow (3).pdf
2023-07-23 07:57 - 2023-07-23 07:57 - 000076750 _____ C:\Users\Beatrice\Downloads\alpinewinter2023otherpricelist (3).pdf
2023-07-21 13:32 - 2023-07-21 13:33 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023 (2).xlsx
2023-07-21 13:32 - 2023-07-21 13:32 - 000194454 _____ C:\Users\Beatrice\Downloads\J-23LO02A - July 23_Le Meraviglie Del San Lorenzo - Italian (1).pdf
2023-07-21 08:06 - 2023-07-21 08:06 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023 (2).xlsx
2023-07-21 07:44 - 2023-07-21 07:44 - 001325456 _____ C:\Users\Beatrice\Downloads\Database - Test 1.xlsx
2023-07-21 07:25 - 2023-07-21 07:25 - 000044032 _____ C:\Users\Beatrice\Downloads\Template Receipts (1).xls
2023-07-21 07:24 - 2023-07-21 07:24 - 000414915 _____ C:\Users\Beatrice\Downloads\Aerofleet - Example (1).pdf
2023-07-21 07:22 - 2023-07-21 07:22 - 000587546 _____ C:\Users\Beatrice\Downloads\EXAMPLE - M&G TD Schedule_Completed 2023 (1).xlsx
2023-07-21 07:20 - 2023-07-21 07:20 - 000056320 _____ C:\Users\Beatrice\Downloads\EXPENSE REPORT 2023 NEW (4).xls
2023-07-21 07:07 - 2023-07-21 07:07 - 002787615 _____ C:\Users\Beatrice\Downloads\TH_5941780000_2023_07_19.pdf
2023-07-20 15:40 - 2023-07-20 15:40 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023 (1).xlsx
2023-07-20 07:23 - 2023-07-20 07:23 - 000587546 _____ C:\Users\Beatrice\Downloads\EXAMPLE - M&G TD Schedule_Completed 2023.xlsx
2023-07-20 07:23 - 2023-07-20 07:23 - 000056320 _____ C:\Users\Beatrice\Downloads\EXPENSE REPORT 2023 NEW (3).xls
2023-07-20 07:22 - 2023-07-20 07:22 - 000414915 _____ C:\Users\Beatrice\Downloads\Aerofleet - Example.pdf
2023-07-20 07:21 - 2023-07-20 07:21 - 000044032 _____ C:\Users\Beatrice\Downloads\Template Receipts.xls
2023-07-20 07:00 - 2023-07-20 07:00 - 000585817 _____ C:\Users\Beatrice\Downloads\Beatrice C. - M&G - Schedule -July 2023.xlsx
2023-07-20 06:25 - 2023-07-20 06:25 - 000194454 _____ C:\Users\Beatrice\Downloads\J-23LO02A - July 23_Le Meraviglie Del San Lorenzo - Italian.pdf
2023-07-19 08:13 - 2023-07-19 08:13 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023 (1).xlsx
2023-07-19 08:11 - 2023-07-19 08:11 - 000020959 _____ C:\Users\Beatrice\Downloads\Beatrice HorizonWebRef RB 2023.xlsx
2023-07-17 22:01 - 2023-07-17 22:01 - 000097703 _____ C:\Users\Beatrice\Downloads\EBill_230717.pdf
2023-07-16 21:25 - 2023-07-16 21:25 - 000759632 _____ C:\Users\Beatrice\Downloads\2017 Rider brochure.pdf
2023-07-16 20:08 - 2023-07-16 20:08 - 004123253 _____ C:\Users\Beatrice\Downloads\DeBTO 2023 Volunteer Info Session (1).pdf
2023-07-15 07:55 - 2023-07-15 07:55 - 000141530 _____ C:\Users\Beatrice\Downloads\Chachel - Deposit Receipt.pdf
2023-07-12 20:38 - 2023-07-12 20:38 - 000117790 _____ C:\Users\Beatrice\Downloads\CostanzoReg.PDF
2023-07-12 10:48 - 2023-07-12 10:48 - 000712833 _____ C:\Users\Beatrice\Downloads\Air_Canada_Booking_Confirmation_3Y9Y4V (1).pdf
2023-07-12 10:07 - 2023-07-12 10:07 - 000076000 _____ C:\Users\Beatrice\Downloads\2023 Schedule- Varsity revised July 11th.xlsx
2023-07-12 10:00 - 2023-07-12 09:58 - 000313272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2023-07-11 21:37 - 2023-07-11 21:37 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124 (2).pdf
2023-07-11 21:37 - 2023-07-11 21:37 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124 (1).pdf
2023-07-11 21:35 - 2023-07-11 21:35 - 000045831 _____ C:\Users\Beatrice\Downloads\terms-and-conditions-en.pdf
2023-07-11 21:34 - 2023-07-11 21:34 - 000021910 _____ C:\Users\Beatrice\Downloads\invoice-43124.pdf
2023-07-09 10:30 - 2023-07-09 10:30 - 002390748 _____ C:\Users\Beatrice\Downloads\reg form page 1.pdf
2023-07-07 15:10 - 2023-07-07 15:11 - 000116434 _____ C:\Users\Beatrice\Downloads\MSDC Booking Confirmation (1).pdf
2023-07-06 22:14 - 2023-07-06 22:14 - 003371052 _____ C:\Users\Beatrice\Downloads\Baseball Ontario Concussion Designated Person - Aviators 2023.pdf
2023-07-06 21:48 - 2023-07-06 21:48 - 000335087 _____ C:\Users\Beatrice\Downloads\Beatrice Chachel - 2023 - Revised July 06, 2023 (1).pdf
2023-07-06 21:42 - 2023-07-06 21:42 - 000335063 _____ C:\Users\Beatrice\Downloads\Beatrice Chachel - 2023 - Revised July 06, 2023.pdf
2023-07-05 23:25 - 2023-07-05 23:25 - 004067755 _____ C:\Users\Beatrice\Downloads\Canadian Contrasts (1).pdf
2023-07-05 23:15 - 2023-07-05 23:15 - 004067755 _____ C:\Users\Beatrice\Downloads\Canadian Contrasts.pdf
2023-07-03 17:32 - 2023-07-03 17:32 - 000332398 _____ C:\Users\Beatrice\Downloads\baseball_ontario_designated_person_policy_01-06-222022-01-21t16-15-02v001_by_292__ (1).pdf
2023-07-02 19:40 - 2023-07-02 19:40 - 000339405 _____ C:\Users\Beatrice\Downloads\CNA Personal Gear List (2).pdf
2023-07-02 19:37 - 2023-07-02 19:37 - 000339405 _____ C:\Users\Beatrice\Downloads\CNA Personal Gear List (1).pdf
2023-07-02 19:36 - 2023-07-02 19:36 - 000118785 _____ C:\Users\Beatrice\Downloads\What's Included - NWT (FS) (2).pdf
2023-07-02 19:36 - 2023-07-02 19:36 - 000118785 _____ C:\Users\Beatrice\Downloads\What's Included - NWT (FS) (1).pdf
2023-07-02 19:35 - 2023-07-02 19:35 - 000143350 _____ C:\Users\Beatrice\Downloads\Upper Nahanni 2024 - Travel Itinerary.pdf
2023-07-02 19:34 - 2023-07-02 19:34 - 000187418 _____ C:\Users\Beatrice\Downloads\Chachel - Trip Invoice (2).pdf
2023-07-02 19:30 - 2023-07-02 19:30 - 000187418 _____ C:\Users\Beatrice\Downloads\Chachel - Trip Invoice (1).pdf
2023-07-02 18:41 - 2023-07-02 18:41 - 000098461 _____ C:\Users\Beatrice\Downloads\alpinefall2023privateorderform (1).pdf
2023-07-02 18:28 - 2023-07-02 18:28 - 000068785 _____ C:\Users\Beatrice\Downloads\Chachel-Yee Invoice.pdf
2023-07-02 18:23 - 2023-07-02 18:23 - 000138586 _____ C:\Users\Beatrice\Downloads\Chachel-Yee Invoice 665089.pdf
2023-07-01 07:14 - 2023-07-01 07:14 - 000098461 _____ C:\Users\Beatrice\Downloads\alpinefall2023privateorderform.pdf
2023-07-01 07:07 - 2023-07-01 07:07 - 000014124 _____ C:\Users\Beatrice\Downloads\Copy of updated june 9 peewee  schedule.xlsx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2023-07-31 12:07 - 2014-02-24 23:10 - 000000000 ____D C:\Program Files (x86)\Google
2023-07-31 12:02 - 2014-02-24 22:57 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\ClassicShell
2023-07-31 06:23 - 2013-10-07 03:40 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2023-07-31 06:19 - 2021-05-27 16:30 - 000000670 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002.job
2023-07-31 05:49 - 2021-05-27 16:30 - 000000574 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002.job
2023-07-30 20:24 - 2022-01-18 19:07 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2023-07-30 20:24 - 2021-10-14 13:03 - 000003904 _____ C:\Windows\system32\Tasks\Antivirus Emergency Update
2023-07-30 20:24 - 2021-05-04 14:01 - 000003676 _____ C:\Windows\system32\Tasks\G2MUploadTask-S-1-5-21-3281177217-869368764-2006139627-1002
2023-07-30 20:24 - 2021-05-04 14:01 - 000003580 _____ C:\Windows\system32\Tasks\G2MUpdateTask-S-1-5-21-3281177217-869368764-2006139627-1002
2023-07-30 20:24 - 2019-03-28 22:30 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2023-07-30 20:24 - 2018-10-15 22:50 - 000000000 ____D C:\Windows\system32\Tasks\AVAST Software
2023-07-30 20:24 - 2018-03-23 10:24 - 000003628 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2023-07-30 20:24 - 2018-03-23 10:24 - 000003500 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2023-07-30 20:24 - 2017-02-23 21:49 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{A8BB549A-4BE4-455E-9E7D-0D0CF353FA4E}
2023-07-30 20:24 - 2014-02-24 22:43 - 000003938 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{E86B3FDE-7E6F-4AC9-87C7-512C4E67B12B}
2023-07-30 20:24 - 2013-10-07 03:42 - 000002990 _____ C:\Windows\system32\Tasks\Synaptics TouchPad Enhancements
2023-07-26 21:59 - 2015-03-30 20:34 - 000918960 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2023-07-25 16:29 - 2014-02-26 18:08 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Word
2023-07-25 15:52 - 2014-02-26 18:10 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Excel
2023-07-18 08:28 - 2023-01-10 10:33 - 000000000 ____D C:\Users\Beatrice\Desktop\Jonview
2023-07-15 19:47 - 2014-07-05 11:17 - 000000000 ____D C:\Users\Beatrice\Documents\ladies trips
2023-07-15 19:47 - 2014-02-26 18:21 - 000000000 ____D C:\Windows\system32\MRT
2023-07-15 19:28 - 2014-02-26 18:20 - 173351160 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2023-07-15 07:33 - 2013-08-26 02:09 - 000958016 _____ C:\Windows\system32\PerfStringBackup.INI
2023-07-15 07:33 - 2013-08-22 09:36 - 000000000 ____D C:\Windows\Inf
2023-07-12 20:33 - 2014-07-01 15:43 - 004024320 ___SH C:\Users\Beatrice\Desktop\Thumbs.db
2023-07-12 10:17 - 2014-02-24 22:49 - 000003598 _____ C:\Windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3281177217-869368764-2006139627-1002
2023-07-12 10:05 - 2021-01-08 09:09 - 000000000 ____D C:\Users\Beatrice\Desktop\Steven and Amanda's payments
2023-07-12 09:58 - 2021-10-14 13:03 - 000704352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000319600 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000297912 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsh.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000272096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000105288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000096512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbuniv.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000080456 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2023-07-12 09:58 - 2021-10-14 13:03 - 000039688 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgKbd.sys
2023-07-12 09:57 - 2021-10-14 13:03 - 000943496 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2023-07-12 09:57 - 2021-10-14 13:03 - 000392872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriver.sys
2023-07-12 09:57 - 2021-10-14 13:03 - 000237512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArPot.sys
2023-07-12 09:57 - 2021-10-14 13:03 - 000031408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgArDisk.sys
2023-07-11 22:21 - 2022-10-12 23:51 - 000002046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader.lnk
2023-07-09 10:33 - 2018-11-24 08:31 - 000000000 ____D C:\Users\Beatrice\Desktop\Baseball registrations 2013-2018
2023-07-07 08:08 - 2023-01-11 09:54 - 000000000 ____D C:\Users\Beatrice\Desktop\Alpine foods
2023-07-03 11:54 - 2021-04-29 17:24 - 000000000 ____D C:\Users\Beatrice\Desktop\Alison
2023-07-03 01:11 - 2018-01-25 23:20 - 000000000 ____D C:\Users\Beatrice\AppData\Roaming\Microsoft\Skype for Desktop
2023-07-02 13:04 - 2021-02-02 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2023-07-02 12:55 - 2015-10-24 19:58 - 000000000 ____D C:\ProgramData\Avg
2023-07-02 12:54 - 2013-08-22 10:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
 
==================== Files in the root of some directories ========
 
2014-04-06 09:24 - 2014-04-06 09:24 - 000000000 _____ () C:\Users\Beatrice\AppData\Roaming\bitlord_log.txt
2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.Exception.log
2014-09-29 23:03 - 2019-07-17 11:22 - 000003874 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2014-09-29 23:04 - 2019-07-17 11:20 - 000000539 _____ () C:\Users\Beatrice\AppData\Roaming\Rim.DesktopHelper.Exception.log
2015-01-25 19:37 - 2015-01-25 19:37 - 000003584 _____ () C:\Users\Beatrice\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2021-10-14 13:58 - 2021-10-14 13:58 - 000000017 _____ () C:\Users\Beatrice\AppData\Local\resmon.resmoncfg
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2023-07-21 07:03
==================== End of FRST.txt ========================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2023
Ran by Beatrice (31-07-2023 12:21:40)
Running from C:\Users\Beatrice\Desktop
Microsoft Windows 8.1 (Update) (X64) (2014-02-25 02:41:28)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3281177217-869368764-2006139627-500 - Administrator - Disabled)
Beatrice (S-1-5-21-3281177217-869368764-2006139627-1002 - Administrator - Enabled) => C:\Users\Beatrice
Guest (S-1-5-21-3281177217-869368764-2006139627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3281177217-869368764-2006139627-1004 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Antivirus (Enabled - Up to date) {18A975F9-A60C-37D8-E30B-4BEF31AD3411}
AS: AVG Antivirus (Enabled - Up to date) {A3C8941D-8036-3856-D9BB-709D4A2A7EAC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 23.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-2300-000001000000}) (Version: 23.00.00.0 - Igor Pavlov)
Adobe Acrobat 9 Pro Extended - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7761-000000000004}{AC76BA86-1033-F400-7761-000000000004}) (Version: 9.0.0 - Adobe Systems)
Adobe Acrobat 9 Pro Extended 64-bit Add-On (HKLM\...\{AC76BA86-1033-0000-0064-0003D0000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 23.003.20244 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\{10E33ABF-D7FB-4F47-900A-7973854AB45A}) (Version: 32.0.0.89 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601047}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\Amazon Kindle) (Version: 1.28.0.57030 - Amazon)
AMD Accelerated Video Transcoding (HKLM\...\{4A6E8B9D-68EB-08B6-F7F0-0D036A883744}) (Version: 13.15.100.30819 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E825A27F-01E0-1BB8-6A7D-DD769D57E4B0}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{024A2B3C-8BF6-4B42-A59D-5EC1D1777449}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{5C028510-A6A1-409A-A2BF-4DCB43B21EF9}) (Version: 7.6 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{5C7D4FCF-80C5-4520-9934-D50532AAC59C}) (Version: 7.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{74CC99EB-7DC0-4CB0-847A-F8C2FE39690C}) (Version: 14.5.0.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
AVG AntiVirus Free (HKLM\...\AVG Antivirus) (Version: 23.6.3290 - AVG Technologies)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center - Branding (HKLM-x32\...\{118DD9F0-49FE-498E-A2EE-F33423C1394C}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Elevated Installer (HKLM-x32\...\{D44250C2-29CB-4BE4-9DA4-3E6F9AB6A5D4}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
File Viewer Plus 4 (HKLM-x32\...\{5C61A881-C34E-405E-8C33-800821A618CF}_is1) (Version: 4.0.1 - Sharpened Productions)
Galerie de photos (HKLM-x32\...\{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{93d474a6-3469-4be9-aba9-1eea99932d12}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{C3E57AA3-A88B-4C20-91C8-1386C4993A1A}) (Version: 7.17.3.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 109.0.5414.149 - Google LLC)
GoTo Opener (HKLM-x32\...\{E69269DB-A77B-4BC1-8F39-241107B09F26}) (Version: 1.0.539 - LogMeIn, Inc.)
GoToMeeting 10.19.0.19950 (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\GoToMeeting) (Version: 10.19.0.19950 - LogMeIn, Inc.)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Battery Recall Utility (HKLM-x32\...\{26ACF49F-254F-491C-B08E-AAA0D5C982CF}) (Version: 1.3.0.5 - Hewlett-Packard) Hidden
HP Battery Recall Utility (HKLM-x32\...\{40770191-b457-4e92-9e2e-386a15408136}) (Version: 1.3.0.5 - HP Inc.)
HP CASL Framework (HKLM-x32\...\{5094249B-9542-4536-AE76-B769EE085C99}) (Version: 7.0.5.1 - HP)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Customer Experience Enhancements (HKLM-x32\...\{07FA4960-B038-49EB-891B-9F95930AA544}) (Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP PC Hardware Diagnostics Windows (HKLM-x32\...\{ECCFEFB0-A6EB-4BB3-9C9D-690370ED0C6D}) (Version: 1.7.0.0 - HP Inc.)
HP Photosmart C4600 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{FF5C86D0-09EA-43B8-A11C-7B8F7DA7FC51}) (Version: 14.0 - HP)
HP Postscript Converter (HKLM\...\{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}) (Version: 4.5.12202 - Hewlett-Packard) Hidden
HP Recovery Manager (HKLM-x32\...\{E849965E-4771-440C-936F-AF5BFD144416}) (Version: 11.00 - Hewlett-Packard) Hidden
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{54ECA61C-83AE-4EE3-A9F7-848155A33386}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{FF81F9EB-61C1-48A4-8EE5-45C5D61BC0E0}) (Version: 12.19.53.13 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}) (Version: 1.0.9 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard)
iTunes (HKLM\...\{E6FF3475-A35E-481F-8A8E-3D73CF3A30A1}) (Version: 12.10.11.2 - Apple Inc.)
K-Lite Mega Codec Pack 10.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.3.0 - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PRJPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-002A-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_PRJPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0116-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}) (Version:  - Microsoft) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0117-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (HKLM-x32\...\{90120000-00BA-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0114-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (HKLM\...\{90120000-002A-0000-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-00B4-0409-0000-0000000FF1CE}_PRJPRO_{F3CD3F3F-726C-4414-A1FE-5CD0968313EA}) (Version:  - Microsoft) Hidden
Microsoft Office Project MUI (English) 2007 (HKLM-x32\...\{90120000-00B4-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2007 (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2007 (HKLM-x32\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (HKLM-x32\...\{90120000-002C-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PRJPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_PRJPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_PRJPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (HKLM\...\{90120000-002A-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (HKLM\...\{90120000-0116-0409-1000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (HKLM-x32\...\{90120000-0115-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}) (Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSVCRT (HKLM-x32\...\{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}) (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (HKLM-x32\...\{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}) (Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (HKLM\...\{E9FA781F-3E80-4399-825A-AD3E11C28C77}) (Version: 16.4.1109.0912 - Microsoft) Hidden
Nero 7 Ultra Edition (HKLM-x32\...\{43FFE159-3199-4188-A1CD-629166AD1033}) (Version: 7.02.6445 - Nero AG)
neroxml (HKLM-x32\...\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}) (Version: 1.0.0 - Nero AG) Hidden
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Photo Common (HKLM-x32\...\{A52DB080-D445-49EB-90D2-03B9CD794511}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Common (HKLM-x32\...\{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{0F929651-F516-4956-90F2-FFBD2CD5D30E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (HKLM-x32\...\{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.29068 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype version 8.99 (HKLM-x32\...\Skype_is1) (Version: 8.99 - Skype Technologies S.A.)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live (HKLM-x32\...\{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (HKLM-x32\...\{03D562B5-C4E2-4846-A920-33178788BE00}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\{5E094C92-6288-4F43-AA9A-D452D0218F3F}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Installer (HKLM-x32\...\{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (HKLM-x32\...\{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (HKLM-x32\...\{E3445598-4424-4EE2-B71C-C23325F7FB71}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (HKLM-x32\...\{6B6923B9-8719-425B-916C-CD2908F31AAF}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (HKLM-x32\...\{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (HKLM-x32\...\{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{119A44B5-6237-4D56-8424-5DAE70ED3F4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (HKLM-x32\...\{2AC01935-3774-4981-98C8-14E93C14372C}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
Zoom (HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\ZoomUMX) (Version: 5.14.11 (17466) - Zoom Video Communications, Inc.)
Zoom Outlook Plugin (HKLM-x32\...\{1BD8B0E0-0FBF-4F56-8F11-CE09B34EAD2F}) (Version: 5.0.24936 - Zoom)
 
Packages:
=========
Box for Windows 8 -> C:\Program Files\WindowsApps\134D4F5B.Box_2.1.4.4_neutral__2qk4zy5s3qmee [2015-11-13] (Box, Inc.)
Browser Choice -> C:\Windows\BrowserChoice [2014-03-13] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.6.0.34_neutral__1618n3s9xq8tw [2015-03-30] (eBay, Inc)
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]
Getting Started with Windows 8 -> C:\Program Files\WindowsApps\AD2F1837.GettingStartedwithWindows8_1.6.0.0_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)
HP Registration -> C:\Program Files\WindowsApps\AD2F1837.HPRegistration_1.2.1.166_neutral__v10z8vjag6ke6 [2015-03-30] (Hewlett-Packard Company)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2015-06-24] (AMZN Mobile LLC)
McAfee® Central for HP -> C:\Program Files\WindowsApps\2703103D.McAfeeCentral_5.0.177.1_x64__4ehj4w4frejdr [2018-04-04] (.-McAfee Inc-.)
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_2.10.1812.2002_x86__8wekyb3d8bbwe [2019-02-03] (Microsoft Studios) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_2.11.1807.1002_x86__8wekyb3d8bbwe [2018-07-26] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2016-04-26] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2016-04-30] (Microsoft Corporation) [MS Ad]
MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-16] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2016-11-25] (Microsoft Corporation) [MS Ad]
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2015-03-30] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_2.22.0.39_x64__mcm4njqhnhss8 [2018-10-28] (Netflix, Inc.)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2015-06-24] (Skype) [MS Ad]
Snapfish -> C:\Program Files\WindowsApps\AD2F1837.HPConnectedPhotopoweredbySnapfish_5.5.0.8_x86__v10z8vjag6ke6 [2016-05-08] (HP Inc.)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2015-11-07] (Microsoft Corporation) [MS Ad]
YouCam for HP -> C:\Program Files\WindowsApps\CyberLinkCorp.hs.YouCamforHP_1.0.2.29632_x86__06qsbagp91rvg [2015-03-30] (CYBERLINKCOM CORP)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Beatrice\AppData\Local\GoToMeeting\19950\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-3281177217-869368764-2006139627-1002_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ShellIconOverlayIdentifiers: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers3: [00avg] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-08-19] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2023-05-07] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\..\Acrobat Elements\ContextMenu64.dll [] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2023-06-08] (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext64.dll [2006-12-11] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRar\rarext.dll [2007-05-05] () [File not signed]
 
==================== Codecs (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3554304 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [258560 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3649536 2013-03-17] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-02-06] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Virus, Spyware, Malware Removal - Geeks to Go Forum.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jcfpchlolkpkfbmmkepnghpcfkfpccnc
 
==================== Loaded Modules (Whitelisted) =============
 
2014-02-26 20:55 - 2006-12-11 03:14 - 000043008 _____ () [File not signed] C:\Program Files (x86)\WinRar\rarext64.dll
2013-08-19 16:48 - 2013-08-19 16:48 - 000016896 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AS4.NativeProxy.dll
2013-08-19 16:47 - 2013-08-19 16:47 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-08-19 16:47 - 2013-08-19 16:47 - 000102400 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000031232 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\A4.Foundation\62c8d4d8e4afaabf1919f9430fbf6b8a\A4.Foundation.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000022528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Actions5dc83b46#\29a1aed4d2280db33e56f4b688604384\AEM.Actions.CCAA.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.0a1309f7#\14105dff33849aa4a2d76e51a6e75715\AEM.Plugin.EEU.Shared.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.2b6a6775#\4f7f44015eeb9072ad85e5aa5336551a\AEM.Plugin.Hotkeys.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.4adf1574#\5956990156f067882e280676df6d0f95\AEM.Plugin.Audio.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000016384 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.54d8abe3#\10318a25cde13510d0626f5a030732ff\AEM.Plugin.DPPE.Shared.ni.dll
2022-12-18 10:55 - 2022-12-18 10:55 - 000281600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.5d945b6b#\facc0e83a0613dff84940efe4e4cce23\AEM.Plugin.Source.Kit.Server.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.674d2b8a#\175a0c759bd6b345492bf6bd46734c22\AEM.Plugin.WinMessages.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.88aba5d2#\ed87ff12f2f09038d750f72ffaa99139\AEM.Plugin.REG.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Plugin.GD.Shared\e96e58945896dd8a779e452635576d5a\AEM.Plugin.GD.Shared.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server.Shared\356788f4a9310d61a854d4310ea87a5b\AEM.Server.Shared.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000267776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\AEM.Server\71724dfc4b520e5a8b968890768a718c\AEM.Server.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Foundation\70f7dded96984fbed59a0f6c81ea10c7\APM.Foundation.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000122880 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ATICCCom\6fe8bd18bedf333ecb9bffd0fb627178\ATICCCom.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000204288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CCC.Implementation\f77ee4629143e53a22e4bfbb07266b98\CCC.Implementation.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.2042675f#\bddacae3b4e78402980fb5bc37931e6a\CLI.Aspect.CPUPStates.Fuel.Dashboard.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 000153088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.21d2ac78#\acd7543ffc050e41e7d3af844970d473\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000128000 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3399d0ec#\6af109c7f39d24bb623130ed0f29521e\CLI.Aspect.CustomFormats.Graphics.Shared.ni.dll
2022-09-25 18:23 - 2022-09-25 18:23 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.37d3d968#\8b15ce616a3c58f9c6e1fef69ed49b12\CLI.Aspect.AMDHome.Graphics.Shared.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000045568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.382a3def#\c3ffe1d1d555a1c8166a056b02c524c9\CLI.Aspect.AMDOverDrive.Platform.Shared.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000072192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.398e7f7a#\0cca46169ee38c08aeca78afc89593af\CLI.Aspect.A4.A4.Shared.ni.dll
2022-09-25 18:25 - 2022-09-25 18:25 - 000107008 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.3a6f1658#\e053ec35f4a81c7fb06b5afc5bfb06cc\CLI.Aspect.TransCode.Graphics.Shared.ni.dll
2022-09-25 18:23 - 2022-09-25 18:23 - 000209920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4542c692#\787ecf8565aa1f8080ca1d58f850464c\CLI.Aspect.DeviceCRT.Graphics.Shared.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000130048 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.46819220#\df9ab216f98ae6cd5b8016a326bd8645\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 000074752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4bbb0755#\bb482c51669d13a38d9215dcc1037189\CLI.Aspect.TransCode.Graphics.Dashboard.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000151040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.4ede500c#\8fa828637890a1deed2f16f505dd7f13\CLI.Aspect.DPPE.Fuel.Dashboard.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000074240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.59a12d95#\0f6ea1d0c7b7990e050d9f60d3108dee\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000111616 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.5a772e69#\b0ead6a690ab79d950179a5ea75fafe8\CLI.Aspect.Fets.Fuel.Dashboard.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.648b65fc#\c765e9c5ffce9b40b8c9d995501614b6\CLI.Aspect.WiFi.Fuel.Dashboard.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000263168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.73911eb5#\28c18c03e4a12ae1512cbc5f20893d55\CLI.Aspect.WirelessDisplay.Graphics.Shared.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.7ec2db45#\b592bd8718e328369e32b4965bfcc689\CLI.Aspect.DeviceDFP.Graphics.Shared.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 000616960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.846fa813#\dceaec2553f66211a104cb504b17d2f1\CLI.Aspect.MMVideo.Graphics.Dashboard.ni.dll
2022-09-25 18:25 - 2022-09-25 18:25 - 000741376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8d333b6b#\8bc79f38e03e594b895bcbccf1317232\CLI.Aspect.Radeon3D.Graphics.Shared.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000452608 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.8e996306#\302445170ce16194b2de52d2cb457475\CLI.Aspect.CrossDisplay.Graphics.Dashboard.ni.dll
2022-09-25 18:23 - 2022-09-25 18:23 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.a0ae52bc#\0ec1c76bf2549b90983c94a218503c49\CLI.Aspect.DeviceLCD.Graphics.Shared.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000462336 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.acb9d930#\9706b2dd5ec809a39076d535c1ff3f9c\CLI.Aspect.DeviceProperty.Graphics.Shared.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000086528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ae5e117c#\ecb6cb64d7089011ead7f9c6a2270985\CLI.Aspect.DisplaysColour2.Graphics.Shared.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000067072 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.b0a7c1fb#\e18d0b8dfc7c4b3b8f69bce4f8fafd54\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.ni.dll
2022-09-25 18:26 - 2022-09-25 18:26 - 000023552 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c2a2b491#\41d4231ba78f87c65af5dd55e3f4e7b2\CLI.Aspect.WiFi.Fuel.Shared.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000313344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c7aaa0f8#\653e0605189420589ae3290d45ab037b\CLI.Aspect.OverDrive5.Graphics.Shared.ni.dll
2022-06-20 23:59 - 2022-06-20 23:59 - 000017920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.c854b457#\005c141b7e017ea1168c2a14c99bda70\CLI.Aspect.HotkeysHandling.Graphics.Shared.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000081408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.caa5cc64#\9b6ca5a0c021d7addf0a2d566fa17829\CLI.Aspect.Fets.Fuel.Shared.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 001315840 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.d7e090dc#\fc82f0f2c724236aa4308e08e9fbab5b\CLI.Aspect.User.Fuel.Dashboard.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 000091136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e76f4137#\46b113e7a458a17fab56b6daa3f90347\CLI.Aspect.A4.A4.Dashboard.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000273408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e8635fc7#\f7bd2a46a0fd6a6401b808b441b6765b\CLI.Aspect.InfoCentre.Graphics.Dashboard.ni.dll
2022-12-18 10:58 - 2022-12-18 10:58 - 003358720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e9fd7406#\febf897d698115e8dcd0defc466527ab\CLI.Aspect.Radeon3D.Graphics.Dashboard.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000240128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.eda8935e#\1362348e15858d3705b43fcf39ae0379\CLI.Aspect.MMVideo.Graphics.Shared.ni.dll
2022-09-25 18:25 - 2022-09-25 18:25 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ef3eaa4d#\17472af431bbb7fb640565b59ffaa8ae\CLI.Aspect.TransCode.Graphics.Runtime.ni.dll
2022-09-25 18:23 - 2022-09-25 18:23 - 000070656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.efd83192#\8ac164b5670501aeebcdaf274e5f376c\CLI.Aspect.CPUPStates.Fuel.Shared.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f38af62f#\fb9f0d776e6fa4ef0752a6012c96f4d2\CLI.Aspect.A4.A4.Runtime.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000057856 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.f45bd021#\86a1b53c32583df232de1c2bf2aa7f17\CLI.Aspect.DPPE.Fuel.Shared.ni.dll
2022-09-25 18:29 - 2022-09-25 18:29 - 000051200 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Runtime\9f8e02711dd838686b926909182fd2df\CLI.Caste.A4.Runtime.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000044544 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.A4.Shared\7e9d312d672b5cb859f3e48b3269e886\CLI.Caste.A4.Shared.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Af820fedc#\3f390896132d58a6ba5a9d0442dbd869\CLI.Caste.A4.Dashboard.ni.dll
2022-09-25 18:23 - 2022-09-25 18:23 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F24de14fe#\5c2a5e74da0f4928dd70db459d86a30a\CLI.Caste.Fuel.Shared.ni.dll
2022-09-25 18:29 - 2022-09-25 18:29 - 000311296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.F36b07a2b#\f1a0a28f1fa22cad5c867fc2c2743c3d\CLI.Caste.Fuel.Runtime.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000027136 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Ff3085433#\98c55a15b717ba95b1292b2091966ad2\CLI.Caste.Fuel.Dashboard.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60338cc0#\82e85cdef48c466d641b5d0c98f5e84e\CLI.Caste.Graphics.Runtime.Shared.Private.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 001548800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gd9d9b43b#\acd9ff8dd0381b95c6f97ba3f9cc9e1c\CLI.Caste.Graphics.Dashboard.Shared.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000472576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Gee7d2dbc#\42caa77b9372e5cd50fcb4c010b50f45\CLI.Caste.Graphics.Dashboard.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H18c99613#\1d15cee787dc1e546bc019dbb2543d85\CLI.Caste.HydraVision.Runtime.ni.dll
2022-09-25 18:29 - 2022-09-25 18:29 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.H92ba4e46#\5ff00af6ac49b0d6d7980f771cf87b38\CLI.Caste.HydraVision.Shared.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000025600 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Hbb906c0b#\24e1519e8ea19719be2929ac9522973f\CLI.Caste.HydraVision.Dashboard.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000030720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pac40511b#\361489a75293c3b954b1027252af04a7\CLI.Caste.Platform.Shared.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pdb36d56e#\9b1071a2e455619be82f8c3a9be8a4a8\CLI.Caste.Platform.Runtime.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000024064 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.Pfeefa2b6#\cd8b23f2c12c587c09d9da62ab5601f8\CLI.Caste.Platform.Dashboard.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000350720 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combinee84f0351#\2b5a1f2978bf0b8bb165f256d9a71e2b\CLI.Combined.Fusion.Aspects.Runtime.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone1b4a8c97#\bbd0e9753c3e02ed55269a62041b5637\CLI.Component.Runtime.Shared.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000173568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone29e547cc#\1701521d831a3a64b25ce10f2e604013\CLI.Component.Dashboard.ProfileManager2.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000150528 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone59f353b4#\55639e9dfe36775aeea16f674e2a29a7\CLI.Component.Runtime.Shared.Private.ni.dll
2022-06-21 00:03 - 2022-06-21 00:03 - 000017408 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componeb4d0485c#\3bf95f59b9c4fa5a5a05009a0afa03d7\CLI.Component.Runtime.Extension.EEU.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 001603584 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componec89c3bec#\7bb28ff8d751600ee3a6b082fe509a05\CLI.Component.Dashboard.Shared.Private.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef1fd67b2#\a25229a214b7d64bf195d30c2620e337\CLI.Component.Client.Shared.ni.dll
2022-09-25 18:22 - 2022-09-25 18:22 - 000084480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Componef4cf054f#\8461635a62d4bc44abb0c8fbfb4dc906\CLI.Component.Dashboard.Shared.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat3d5d3945#\4e248765231973f8997a159d267207ed\CLI.Foundation.Private.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat60cdf5df#\dc2b828bcaec25ced111adbe1d53ff0e\CLI.Foundation.XManifest.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000089088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundat619559bd#\c029263646673592df8681dccd1a7d54\CLI.Foundation.CoreAudioAPI.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 000934400 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundatd3771151#\07678e41c77f7238078829d8fcca5a81\CLI.Foundation.Client.ni.dll
2022-12-18 10:55 - 2022-12-18 10:55 - 000301568 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Foundation\afef149278dcb553e2e37565b08138d4\CLI.Foundation.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics\47398db92a4f31a2b5ad19bd9533df82\DEM.Graphics.ni.dll
2022-09-25 18:29 - 2022-09-25 18:29 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Fuel.Foundation\1b1b9619817c01822c5fb2cffb04b3f0\Fuel.Foundation.ni.dll
2022-12-18 11:00 - 2022-12-18 11:00 - 000292864 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat03490438#\6194e953b2635d719f3738445c28859b\LOG.Foundation.Implementation.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000149504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundat5023f8e7#\ffaf28785234fa12465305925b5e5fb1\LOG.Foundation.Private.ni.dll
2022-08-19 20:20 - 2022-08-19 20:20 - 000087040 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundatcaafa75b#\56032dac22fc3f33995e79ca61c15e08\LOG.Foundation.Implementation.Private.ni.dll
2022-12-18 10:54 - 2022-12-18 10:54 - 000123392 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\LOG.Foundation\839ebf45448210d2dd20c99bd49f70fa\LOG.Foundation.ni.dll
2022-06-20 23:57 - 2022-06-20 23:57 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Foundation\8c5b0278f4656bf01c98ee5993bcc411\MOM.Foundation.ni.dll
2022-09-25 18:32 - 2022-09-25 18:32 - 000402944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\MOM.Implementation\b6f4a83b055ee46d59dbd5bef40e1ab5\MOM.Implementation.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000055296 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\NEWAEM.Foundation\2f282be24fb85db44399fea46ce0aff1\NEWAEM.Foundation.ni.dll
2013-08-19 16:38 - 2013-08-19 16:38 - 000897024 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-08-19 16:37 - 2013-08-19 16:37 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000774656 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ADL.Foundation\2df18e500bbcafb876de8a1086fb4b48\ADL.Foundation.ni.dll
2022-09-25 18:21 - 2022-09-25 18:21 - 000250880 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\APM.Server\6ea1503c826c078efd571faace078035\APM.Server.ni.dll
2022-09-25 18:24 - 2022-09-25 18:24 - 000297984 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.9b707b25#\0e44ac5900e70c78ca3039d3bdb85f6e\CLI.Aspect.DeviceProperty.Graphics.Runtime.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 001652736 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.aa59351a#\dfb119048e63c2f171878302b0ad924f\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000740864 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.e6d9f3a8#\19bc1a3352609efcfbd978a5b3227fa2\CLI.Aspect.DeviceDFP.Graphics.Dashboard.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 002559488 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine0616f305#\2ab22375378b19adcdb121590368e028\CLI.Combined.Graphics.Aspects1.Dashboard.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000989696 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Combine7332395e#\300728ace308be496d591239676cc9e9\CLI.Combined.Graphics.Aspects2.Runtime.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 000136704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone168638d1#\66ef4b8870a60ef5c1676d88499abbf6\CLI.Component.Client.Shared.Private.ni.dll
2022-09-25 18:30 - 2022-09-25 18:30 - 000233472 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6692ca50#\85dbd951e308570ff9994eea0d24b21b\CLI.Component.Runtime.ni.dll
2022-12-18 10:59 - 2022-12-18 10:59 - 000914944 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Compone6bf88b08#\e2bda54c5f0f265bf000ce4f60a3e2f7\CLI.Component.Dashboard.ni.dll
2022-06-21 00:00 - 2022-06-21 00:00 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0706\856d238b6b0bec4af466f401cf37c1ca\DEM.Graphics.I0706.ni.dll
2022-06-21 00:00 - 2022-06-21 00:00 - 000084480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0709\53e6f63e24cc454e048c210bb52a43ad\DEM.Graphics.I0709.ni.dll
2022-06-21 00:00 - 2022-06-21 00:00 - 000012288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0712\41901b2bb4be0433b2a2cbe7c6d27fb3\DEM.Graphics.I0712.ni.dll
2022-06-21 00:00 - 2022-06-21 00:00 - 000018432 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0804\fc03ddab1b5dea4214265421db9decc7\DEM.Graphics.I0804.ni.dll
2022-06-21 00:04 - 2022-06-21 00:04 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0805\ff42e597e1de8e4a1b1ef2ba1e8e99ae\DEM.Graphics.I0805.ni.dll
2022-06-21 00:04 - 2022-06-21 00:04 - 000010752 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0812\a3b31d6551fb1cc8fef01cadcfe21f7a\DEM.Graphics.I0812.ni.dll
2022-06-21 00:02 - 2022-06-21 00:02 - 000013312 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0906\7ceb7230cf67dfe268326e288c6a3b1e\DEM.Graphics.I0906.ni.dll
2022-06-21 00:00 - 2022-06-21 00:00 - 000014336 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0912\07c0a2836df04abb4a34903af8f74ef5\DEM.Graphics.I0912.ni.dll
2022-06-21 00:02 - 2022-06-21 00:02 - 000035840 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I1010\64883b5bf68387379a4bf1456f2f8d21\DEM.Graphics.I1010.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 001005568 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\Localizatio01dbc1c0#\ec126293d3e9e7bcbf621a12f41be136\Localization.Foundation.Private.ni.dll
2022-12-18 15:03 - 2022-12-18 15:03 - 000242688 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceMan446ca0e5#\37713049b76ac523ff1be41df017c0d5\ResourceManagement.Foundation.Implementation.ni.dll
2022-12-18 10:56 - 2022-12-18 10:56 - 000023552 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\ResourceManf163905a#\43c05433fe7c87b4b13639ad91ba2caa\ResourceManagement.Foundation.Private.ni.dll
2022-12-18 10:57 - 2022-12-18 10:57 - 000091648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Aspect.ec8786e5#\14d3d6b6e446af5704abf4f1b1d7f2f6\CLI.Aspect.AMDHome.Graphics.Dashboard.ni.dll
2022-12-18 10:55 - 2022-12-18 10:55 - 002286592 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G60a7b4d1#\7f228f83b5a6321fd3ccdd0dbd5ed17c\CLI.Caste.Graphics.Shared.ni.dll
2022-09-25 18:29 - 2022-09-25 18:29 - 002788864 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\CLI.Caste.G962aa464#\aa6c1b937e7f6e37f3f2ce0f90772e50\CLI.Caste.Graphics.Runtime.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000025600 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Foundation\16abffe036331c3e314c2f2efe5ee5a5\DEM.Foundation.ni.dll
2022-06-20 23:16 - 2022-06-20 23:16 - 000115200 _____ (ATI Technologies Inc.) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_64\DEM.Graphics.I0601\94e5fa1131e56cc76b4cc15a1319fe98\DEM.Graphics.I0601.ni.dll
2011-04-29 12:34 - 2011-04-29 12:34 - 000927232 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 12:34 - 2011-04-29 12:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 20:08 - 2011-04-29 20:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 12:15 - 2010-08-06 12:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 12:15 - 2010-08-06 12:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\Windows\SYSTEM32\hpzipr12.dll
2023-05-07 21:00 - 2023-05-07 21:00 - 000100352 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 000796352 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 002271424 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2014-01-18 18:12 - 2014-01-18 18:12 - 000283840 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\avgSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\avgSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPCON14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPCON14/4
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-03-30 21:28 - 2018-12-03 12:24 - 000000041 _____ C:\Windows\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Beatrice\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.2.1 - 207.164.234.193
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "BlackBerryLink.exe"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "RIMDeviceManager"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-3281177217-869368764-2006139627-1002\...\StartupApproved\Run: => "GarminExpress"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{C38017F8-E0E8-4B42-89D2-849D1FB92D12}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5114AAF1-933F-48E2-B065-8FD049CD208B}] => (Allow) LPort=2869
FirewallRules: [{8A63499F-BA73-4586-9EFD-A4E8BE6C67DA}] => (Allow) LPort=1900
FirewallRules: [{06F2CB04-A283-4B52-B8AA-229C717AFC13}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9BE17BA2-312C-4A9E-8EAD-5EEF4C17223A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1EFE606F-A8FC-4435-8FD8-765B3E043242}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{842CDB17-A5DE-4194-BA3F-443B0EE2AEE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7CADD1D8-196B-4BFA-8606-09D4A1D2DC3B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe => No File
FirewallRules: [{3CB5F53A-8944-4F29-8D84-80BDE5F50762}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B0D5AAE4-97F0-4FE8-982D-5A99C8DB57A7}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{142E4A0A-587A-4D65-BC6B-BD25D7B42F84}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{DCE51DE1-18DC-40E0-A2BB-2EC4E1264899}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{4830FFDE-4BDC-49C9-B241-280544DA7EC3}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C9B42E5F-A389-4CAE-B246-9BD01E019D3C}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{7AE58E2A-6850-48BE-A271-D3CC2B44C5CB}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [UDP Query User{D740E82B-1F84-4ADD-9F7E-EFB526EDDD03}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [TCP Query User{B1DA0F5A-40E9-403E-8D94-4B0F9FA3996B}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [UDP Query User{F56BEE0E-1B0F-4925-914C-727FF4C8E757}C:\users\beatrice\appdata\local\logmein client\logmein client.exe] => (Allow) C:\users\beatrice\appdata\local\logmein client\logmein client.exe (LogMeIn, Inc. -> LogMeIn, Inc.)
FirewallRules: [{0E6742E6-D825-48A0-9E15-9578D030152E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{64DB1C5C-FA5D-4632-972C-AFF6BDCD0DA4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{E3C51DF4-EA9A-4381-9B60-732C750E9261}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{39C5FD0D-9617-4811-96B7-6F4584EE9163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A3904ACB-D723-40B0-84FC-82CD131424AC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{96F34E72-338C-43F4-A665-A3D6DA664BE4}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FFEA73B4-26C7-4B76-B566-16B7EC746F1B}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{ED614057-4496-4D36-A24E-5BBF11F5473B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{9C7642F9-4C29-4714-9D3F-A67324DC94C3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{311DF5C6-0821-4189-9756-DEFB77C9F34B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{C863362F-668C-42B9-B273-881A20C7AF5A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{09C6ABE0-D192-4E3E-884C-CB4878B1A6BC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{CE833B81-9D44-448B-96C2-F97E034B6190}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B635B7F1-B07B-4141-B333-3E7E282E9795}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{7D467B21-A5CB-4ED0-A49E-24406CD321CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{F7814187-F802-46DD-9F33-D8B7B42C3F46}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett Packard -> Hewlett-Packard)
FirewallRules: [{92BC6056-5737-411B-B1A6-6B3964BA46D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe => No File
FirewallRules: [{81B98103-2BCB-49CB-9519-1150EAB1CEA5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe => No File
FirewallRules: [{4F9307C3-1BB3-4471-9D2F-5AE3BA04A065}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{7DBD61DD-7C62-487B-9D44-68010C8E115B}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B8D094DD-B959-4F0A-83A6-3FB354E5FFBF}] => (Allow) C:\Users\Beatrice\AppData\Roaming\TelusMeetings\bin\TelusBusinessConnectMeetings.exe => No File
FirewallRules: [{D3DDF015-B64F-4BFF-B371-36E361CC25A6}] => (Allow) C:\Users\Beatrice\AppData\Roaming\TelusMeetings\bin\airhost.exe => No File
FirewallRules: [{833353E2-2974-474B-9926-827351C5AAB9}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{26E2ED77-3683-4126-A9DD-4D70DA1466C5}] => (Allow) C:\Program Files\AVG\Antivirus\AVGUI.exe (AVG Technologies USA, LLC -> AVG Technologies CZ, s.r.o.)
FirewallRules: [{2E0A927C-3F3E-4FCB-BE36-A8E14F2ECDA1}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin_00\Zoom.exe => No File
FirewallRules: [{360B72BF-8905-4134-BB63-3B31C45C6572}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin_00\airhost.exe => No File
FirewallRules: [{ACD00D2F-D5F1-476F-92E0-6F8DAFC8EE5A}] => (Allow) C:\Users\Beatrice\AppData\Roaming\Zoom\bin_00\airhost.exe => No File
FirewallRules: [{8DD35913-4D13-4302-91A7-8F4D8EF1ACD6}] => (Allow) C:\Users\Beatrice\AppData\Local\Temp\7zS5E07\HP.EasyStart.exe (HP Inc. -> HP)
FirewallRules: [TCP Query User{CAA6E10B-1C7D-4B71-AA60-D43DDFF2DAD2}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [UDP Query User{56A1B475-7699-4161-98A3-F17A50E02D53}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{DD542D21-4F5D-4BD6-9366-2F7C5FB1D9AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{F704C7B7-79E9-4BA8-813E-AB985DE251D8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{70B0C92D-6D79-4B5C-9297-F6215E86A51B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
 
==================== Restore Points =========================
 
15-07-2023 19:25:16 Windows Update
25-07-2023 11:55:23 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/31/2023 12:03:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (07/31/2023 12:03:23 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (07/31/2023 12:03:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (07/31/2023 12:03:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "ESENT" in DLL "C:\Windows\system32\esentprf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (07/31/2023 12:03:19 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (07/31/2023 12:03:18 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service ".NETFramework" in DLL "C:\Windows\system32\mscoree.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (07/31/2023 12:02:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HpHwDiagA.exe, version: 1.7.0.0, time stamp: 0x60de3361
Faulting module name: KERNELBASE.dll, version: 6.3.9600.20772, time stamp: 0x639ac196
Exception code: 0xe0434352
Fault offset: 0x000000000000450c
Faulting process id: 0xe00
Faulting application start time: 0x01d9c3c78df3bb19
Faulting application path: C:\Program Files (x86)\HP\HpHwDiag\HpHwDiagA.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: a4ade177-2fbb-11ee-8413-485ab6bbca3e
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (07/31/2023 12:02:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: HpHwDiagA.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.PipeException
 
Exception Info: System.ServiceModel.EndpointNotFoundException
 
Server stack trace: 
   at System.ServiceModel.Channels.PipeConnectionInitiator.GetPipeName(Uri uri, IPipeTransportFactorySettings transportFactorySettings)
   at System.ServiceModel.Channels.NamedPipeConnectionPoolRegistry.NamedPipeConnectionPool.GetPoolKey(EndpointAddress address, Uri via)
   at System.ServiceModel.Channels.CommunicationPool`2.TakeConnection(EndpointAddress address, Uri via, TimeSpan timeout, TKey& key)
   at System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
   at System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
   at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   at SureCheck.WcfService.ISessionsService.GetSessions()
   at SureCheck.WcfService.SessionsClient.Get()
   at HPSystemsTools.TestRunner.WaitForWebServerToBeReady()
   at HPSystemsTools.TestRunner.RunTests(System.Collections.Generic.IEnumerable`1<ToolFrameworkPackage.ToolStatus>)
   at HPSystemsTools.TestRunner.RunTests()
   at SureCheck.App.RunTests()
   at SureCheck.App.Application_Startup(System.Object, System.Windows.StartupEventArgs)
   at System.Windows.Application.OnStartup(System.Windows.StartupEventArgs)
   at System.Windows.Application.<.ctor>b__1_0(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at MS.Internal.CulturePreservingExecutionContext.CallbackWrapper(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at MS.Internal.CulturePreservingExecutionContext.Run(MS.Internal.CulturePreservingExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at SureCheck.App.Main()
 
 
System errors:
=============
Error: (07/31/2023 12:30:39 PM) (Source: DCOM) (EventID: 10010) (User: Beatrice)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.
 
Error: (07/31/2023 12:28:39 PM) (Source: DCOM) (EventID: 10010) (User: Beatrice)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.
 
Error: (07/31/2023 06:23:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/31/2023 06:05:25 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.393.1920.0).
 
Error: (07/31/2023 06:05:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Defender Service service failed to start due to the following error: 
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Error: (07/30/2023 10:33:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (07/30/2023 08:57:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
 
Error: (07/30/2023 07:20:45 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.22 09/27/2013
Motherboard: Hewlett-Packard 213B
Processor: AMD A6-5200 APU with Radeon™ HD Graphics 
Percentage of memory in use: 47%
Total physical RAM: 7643.95 MB
Available physical RAM: 4012.89 MB
Total Virtual: 9041.43 MB
Available Virtual: 3861.46 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:677.33 GB) (Free:509.61 GB) (Model: WDC WD7500BPVX-60JC3 SATA Disk Device) NTFS
Drive d: (RECOVERY) (Fixed) (Total:20.54 GB) (Free:2.03 GB) (Model: WDC WD7500BPVX-60JC3 SATA Disk Device) NTFS ==>[system with boot components (obtained from drive)]
 
\\?\Volume{ef62169f-32b1-4fb5-ac9c-72b6ac8ca640}\ (WINRE) (Fixed) (Total:0.39 GB) (Free:0.1 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 3A472083)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

 


  • 0

Advertisements

#2
RKinner
Posted 01 August 2023 - 07:31 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Uninstall HP PC Hardware Diagnostics Windows 

 

It's causing a lot of errors which may be the cause of your slowdown.

 

Reboot.

 

If it's still slow then:

 

Multiple replies are OK.  Best to post a log as you get it.

 
Get Process Explorer
 
 
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users 
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
 
 
CrystalDiskInfo:
 
 
 
 
 
 
Scroll down a bit and you will see a picture of a black window with Samsung SSD in it.  Underneath the black window 
is a button that says Vista+.  That's the button you need to use to download the installer.  
Save the file then go to the download folder and right click on the file and run as admin.  
The program will install and then start up.   Once it reads the drives you just hit File then Save Text.  
Save the file to your desktop and then attach it or open it then copy and paste the text to a reply.  
 
 
Latency Monitor:
 
Go to
 
 
Scroll down to
 
System Monitoring Tools
 
and then find
 
LatencyMon 7.0 (or it may be a higher number if they update)
 
Click on Download free home edition
 
Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it. 
 
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  
 
 
Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it. 

  • 0

#3
Beatriceswiss
Posted 02 August 2023 - 08:58 AM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I uninstalled HP PC Hardware Diagnostics Windows and rebooted.  The laptop is still very slow.

 

Attached is the log from Process Explorer.  I will post the other logs after I run each program you mentioned.

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer

System Idle Process 59.06 0 K 4 K 0
RdrCEF.exe 11.23 156,840 K 8,860 K 4256 Adobe RdrCEF Adobe Systems Incorporated (Verified) Adobe Inc.
procexp (1)64.exe 6.88 28,920 K 55,808 K 6668 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
AvEmUpdate.exe 5.43 7,396 K 16,484 K 4092
AVGSvc.exe 4.35 143,556 K 223,132 K 1332 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
ADNotificationManager.exe 3.99 3,820 K 12,036 K 2832 Adobe Acrobat Adobe (Verified) Adobe Inc.
dwm.exe 2.17 17,668 K 29,020 K 1012
lsass.exe 1.81 5,940 K 14,124 K 812 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
Interrupts 1.45 0 K 0 K n/a Hardware Interrupts and DPCs
csrss.exe 1.45 2,484 K 6,848 K 696
svchost.exe 0.72 16,780 K 34,260 K 552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
explorer.exe 0.72 87,288 K 143,304 K 1884 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
System 0.36 108 K 1,420 K 4
AcroRd32.exe 0.36 35,476 K 39,952 K 6788 Adobe Acrobat Reader Adobe Systems Incorporated (Verified) Adobe Inc.
aswidsagent.exe < 0.01 26,812 K 44,824 K 4884 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
SearchIndexer.exe < 0.01 29,156 K 28,112 K 4664 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
hpqtra08.exe < 0.01 4,604 K 14,548 K 6568 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe < 0.01 6,380 K 14,316 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AVGUI.exe < 0.01 56,380 K 23,684 K 6292 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
aswEngSrv.exe < 0.01 56,812 K 143,072 K 1272
chrome.exe < 0.01 124,576 K 209,460 K 3676 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 3,760 K 10,320 K 2268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 15,304 K 24,196 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 8,480 K 18,180 K 816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
MOM.exe < 0.01 27,460 K 3,512 K 6624 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
services.exe < 0.01 3,704 K 8,004 K 804
svchost.exe < 0.01 6,376 K 13,564 K 880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
CCC.exe < 0.01 87,868 K 4,284 K 5684 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
avgToolsSvc.exe < 0.01 48,740 K 79,100 K 1524 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AppleMobileDeviceService.exe < 0.01 2,760 K 10,560 K 1872 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 4,548 K 9,188 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe < 0.01 7,852 K 19,672 K 1612 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
wsc_proxy.exe < 0.01 6,436 K 12,364 K 304 AVG remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
mDNSResponder.exe < 0.01 1,388 K 5,056 K 2212 Bonjour Service Apple Inc. (Verified) Apple Inc.
chrome.exe < 0.01 11,904 K 16,620 K 3900 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 3,712 K 12,352 K 2472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
csrss.exe < 0.01 2,056 K 4,708 K 600
svchost.exe < 0.01 19,860 K 28,740 K 272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe < 0.01 2,184 K 7,132 K 4796
SynTPEnh.exe < 0.01 3,928 K 6,532 K 1900 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
chrome.exe < 0.01 17,392 K 39,336 K 3884 Google Chrome Google LLC (Verified) Google LLC
hpservice.exe < 0.01 948 K 4,036 K 1096 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
AcroRd32.exe < 0.01 1,456 K 4,416 K 4260 Adobe Acrobat Reader Adobe Systems Incorporated (Verified) Adobe Inc.
wmpnetwk.exe 6,084 K 19,468 K 4916 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,588 K 7,832 K 2608
winlogon.exe 1,440 K 11,424 K 748
wininit.exe 820 K 4,104 K 704
unsecapp.exe 1,012 K 4,740 K 5376
taskhostex.exe 3,860 K 9,716 K 1672 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,228 K 5,020 K 3428
SynTPHelper.exe 916 K 3,932 K 5884
svchost.exe 1,496 K 4,936 K 5264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,316 K 8,192 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 12,596 K 26,276 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,804 K 12,576 K 4848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 5,220 K 14,056 K 4920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 10,080 K 8,524 K 2724 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,328 K 10,444 K 2240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 744 K 3,508 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 720 K 3,504 K 2388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
smss.exe 368 K 1,140 K 376
ScanToPCActivationApp.exe 2,752 K 10,448 K 6448 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RtkNGUI64.exe 4,220 K 10,508 K 6908 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 1,516 K 5,912 K 1128 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,316 K 10,772 K 7100 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,652 K 11,124 K 1148
procexp (1).exe 4,732 K 10,064 K 5556 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
hpwuschd2.exe 1,016 K 4,236 K 6156 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,292 K 5,620 K 2312 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe 42,248 K 48,368 K 3324
hpqwmiex.exe 1,584 K 7,080 K 1620 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqste08.exe 4,044 K 11,812 K 3212 HP CUE Status Root Hewlett-Packard Co. (Verified) Hewlett Packard
hpqgpc01.exe 3,140 K 11,316 K 6708 GPCore COM object Hewlett-Packard (Verified) Hewlett Packard
hpqbam08.exe 1,592 K 6,492 K 6524 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Verified) Hewlett Packard
HPMSGSVC.exe 1,580 K 6,696 K 6364 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe 1,268 K 848 K 3580
GoogleCrashHandler.exe 1,336 K 1,156 K 1492
Fuel.Service.exe 1,752 K 7,388 K 1200 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
dllhost.exe 1,360 K 6,292 K 6592
dasHost.exe 5,236 K 14,408 K 2304
ClassicStartMenu.exe 2,528 K 8,868 K 2144 Classic Start Menu IvoSoft (Certificate expired) IvoSoft
chrome.exe 56,452 K 121,852 K 4040 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 18,320 K 52,424 K 3520 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 18,076 K 50,912 K 832 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 14,108 K 26,976 K 2792 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 22,956 K 47,200 K 3872 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 37,700 K 71,332 K 4048 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 1,980 K 6,160 K 3720 Google Chrome Google LLC (Verified) Google LLC
AVGUI.exe 39,024 K 43,748 K 1008 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe 31,876 K 33,788 K 6696 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe 33,012 K 42,356 K 5976 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
armsvc.exe 1,036 K 4,216 K 1788 Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
AERTSr64.exe 504 K 2,564 K 1080 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
AdaptiveSleepService.exe 1,144 K 4,784 K 1764 (No signature was present in the subject)
acrotray.exe 1,336 K 5,368 K 6400 AcroTray Adobe Systems Inc. (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe 1,724 K 2,224 K 7112 Hp Accelerometer System Tray Hewlett-Packard Company (Verified) Hewlett-Packard Company

  • 0

#4
Beatriceswiss
Posted 02 August 2023 - 09:07 AM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Here is the CrystalDiskInfo log.

 

----------------------------------------------------------------------------
CrystalDiskInfo 9.1.1 © 2008-2023 hiyohiyo
                                Crystal Dew World: https://crystalmark.info/
----------------------------------------------------------------------------
 
    OS : Windows 8.1  [6.3 Build 9600] (x64)
  Date : 2023/08/02 11:05:34
 
-- Controller Map ----------------------------------------------------------
 + AMD SATA Controller [ATA]
   - WDC WD7500BPVX-60JC3 SATA Disk Device
   - hp CDDVDW SU-208FB SATA CdRom Device
 - Microsoft Storage Spaces Controller [SCSI]
 
-- Disk List ---------------------------------------------------------------
 (01) WDC WD7500BPVX-60JC3T0 : 750.1 GB [0/0/0, pd1]
 
----------------------------------------------------------------------------
 (01) WDC WD7500BPVX-60JC3T0
----------------------------------------------------------------------------
           Model : WDC WD7500BPVX-60JC3T0
        Firmware : 01.01A01
   Serial Number : WD-WXQ1E93HTPZ8
       Disk Size : 750.1 GB (8.4/137.4/750.1/750.1)
     Buffer Size : 8192 KB
     Queue Depth : 32
    # of Sectors : 1465149168
   Rotation Rate : 5400 RPM
       Interface : Serial ATA
   Major Version : ACS-2
   Minor Version : ----
   Transfer Mode : SATA/600 | SATA/600
  Power On Hours : 8349 hours
  Power On Count : 6138 count
     Temperature : 35 C (95 F)
   Health Status : Good
        Features : S.M.A.R.T., APM, NCQ, GPL
       APM Level : 0080h [ON]
       AAM Level : ----
    Drive Letter : C: D:
 
-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Read Error Rate
03 181 178 _21 00000000079E Spin-Up Time
04 _94 _94 __0 00000000181F Start/Stop Count
05 200 200 140 000000000000 Reallocated Sectors Count
07 200 200 _51 000000000000 Seek Error Rate
09 _89 _89 __0 00000000209D Power-On Hours
0A 100 100 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000000 Recalibration Retries
0C _94 _94 __0 0000000017FA Power Cycle Count
B7 100 100 __0 000000000000 Vendor Specific
B8 100 100 _97 000000000000 End-to-End Error
BB 100 100 __0 000000000000 Reported Uncorrectable Errors
BC 100 100 __0 000000000000 Command Timeout
BE _65 _36 _40 000E24150023 Airflow Temperature
BF __1 __1 __0 0000000000C6 G-Sense Error Rate
C0 200 200 __0 00000000005F Power-off Retract Count
C1 173 173 __0 0000000141F3 Load/Unload Cycle Count
C2 112 _83 __0 000000000023 Temperature
C4 200 200 __0 000000000000 Reallocation Event Count
C5 200 200 __0 000000000000 Current Pending Sector Count
C6 100 253 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 253 _51 000000000000 Write Error Rate
 
-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 5131 4539 3348 5450 5A38
020: 0000 4000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3735 3030 4250 5658 2D36 304A 4333 5430 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4001 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F CD0E 0006 004C 00CC
080: 03FE 0000 706B 7C69 6123 7069 BC49 6123 407F 0047
090: 0047 0080 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 66F0 5754 0000 0000 0000 0000 6003 0000 5001 4EE6
110: AEC0 7D1C 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0003 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 703D 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FCA5
 
-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 B5 B2 9E 07 00 00 00 00 00 04 32 00 5E 5E 1F
020: 18 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 59 59 9D 20 00 00 00 00 00 0A 33 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 5E 5E FA 17 00 00 00 00 00 B7 32
070: 00 64 64 00 00 00 00 00 00 00 B8 33 00 64 64 00
080: 00 00 00 00 00 00 BB 32 00 64 64 00 00 00 00 00
090: 00 00 BC 32 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 41 24 23 00 15 24 0E 00 00 BF 32 00 01 01 C6
0B0: 00 00 00 00 00 00 C0 32 00 C8 C8 5F 00 00 00 00
0C0: 00 00 C1 32 00 AD AD F3 41 01 00 00 00 00 C2 22
0D0: 00 70 53 23 00 00 00 00 00 00 C4 32 00 C8 C8 00
0E0: 00 00 00 00 00 00 C5 32 00 C8 C8 00 00 00 00 00
0F0: 00 00 C6 30 00 64 FD 00 00 00 00 00 00 00 C7 32
100: 00 C8 C8 00 00 00 00 00 00 00 C8 09 00 64 FD 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 11 80 34 01 51
170: 03 00 01 62 02 97 00 00 00 00 00 00 00 00 00 00
180: 00 00 01 03 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 E7
 
-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 00 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 33 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 B7 00
070: 00 00 00 00 00 00 00 00 00 00 B8 61 00 00 00 00
080: 00 00 00 00 00 00 BB 00 00 00 00 00 00 00 00 00
090: 00 00 BC 00 00 00 00 00 00 00 00 00 00 00 BE 28
0A0: 00 00 00 00 00 00 00 00 00 00 BF 00 00 00 00 00
0B0: 00 00 00 00 00 00 C0 00 00 00 00 00 00 00 00 00
0C0: 00 00 C1 00 00 00 00 00 00 00 00 00 00 00 C2 00
0D0: 00 00 00 00 00 00 00 00 00 00 C4 00 00 00 00 00
0E0: 00 00 00 00 00 00 C5 00 00 00 00 00 00 00 00 00
0F0: 00 00 C6 00 00 00 00 00 00 00 00 00 00 00 C7 00
100: 00 00 00 00 00 00 00 00 00 00 C8 33 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88

  • 0

#5
RKinner
Posted 02 August 2023 - 09:23 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I should have asked you to wait 5 minutes after rebooting before running Process Explorer.  IF you didn't that may explain the high CPU usage of Adobe Reader and AVG.  It looks like they were in the process of getting updates.  Please try again after the PC has been on for a while.


  • 0

#6
RKinner
Posted 02 August 2023 - 09:27 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

CrystalDiskInfo says your hard drive is in good shape so probably not the source of your slowdown.


  • 0

#7
Beatriceswiss
Posted 02 August 2023 - 11:19 AM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I rebooted and ran Process Explorer after 30 minutes.  Log is below.

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 32.95 0 K 4 K 0
avgToolsSvc.exe 24.24 86,692 K 124,628 K 1524 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
procexp (1)64.exe 21.59 28,584 K 54,944 K 1056 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 17.05 213,728 K 229,256 K 552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
dwm.exe 1.89 18,248 K 29,940 K 180
Interrupts 0.76 0 K 0 K n/a Hardware Interrupts and DPCs
System < 0.01 124 K 8,500 K 4
svchost.exe < 0.01 5,120 K 9,588 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AVGSvc.exe < 0.01 157,796 K 192,952 K 1332 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
TrustedInstaller.exe 2,740 K 6,040 K 3748 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 27,040 K 28,268 K 4664 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1.14 2,668 K 9,140 K 6920
AVGUI.exe < 0.01 48,808 K 36,588 K 4492 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
explorer.exe < 0.01 78,760 K 129,544 K 1860 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
aswEngSrv.exe 72,064 K 161,516 K 1272
chrome.exe < 0.01 121,604 K 207,544 K 5320 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 59,904 K 129,380 K 4652 Google Chrome Google LLC (Verified) Google LLC
aswidsagent.exe < 0.01 29,256 K 46,552 K 4884 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
hpqtra08.exe < 0.01 4,516 K 14,456 K 3884 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe < 0.01 8,488 K 17,864 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
lsass.exe < 0.01 6,732 K 15,088 K 812 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 11,440 K 21,688 K 816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
TiWorker.exe 2,284 K 7,512 K 3572
svchost.exe < 0.01 4,600 K 11,292 K 2268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe 19,828 K 54,548 K 7172 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 18,056 K 40,348 K 7128 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 19,320 K 27,660 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,472 K 10,564 K 2240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
services.exe 3,808 K 8,048 K 804
MOM.exe < 0.01 27,496 K 4,496 K 4360 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
svchost.exe < 0.01 19,316 K 28,856 K 272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
CCC.exe < 0.01 86,764 K 5,864 K 7156 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
hpqgpc01.exe 3,212 K 11,492 K 6216 GPCore COM object Hewlett-Packard (Verified) Hewlett Packard
AppleMobileDeviceService.exe < 0.01 2,960 K 10,896 K 1872 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 5,404 K 13,516 K 4848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 6,940 K 14,228 K 880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 2,300 K 7,388 K 4796
wsc_proxy.exe < 0.01 6,392 K 12,256 K 304 AVG remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
SynTPEnh.exe < 0.01 4,100 K 15,696 K 3988 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
csrss.exe 2,048 K 5,100 K 600
hpservice.exe < 0.01 948 K 4,132 K 1096 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
wmpnetwk.exe 6,052 K 4,636 K 4916 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,240 K 8,012 K 4500
winlogon.exe 1,488 K 11,976 K 1660
wininit.exe 960 K 4,492 K 704
unsecapp.exe 1,036 K 4,792 K 5376
taskhostex.exe < 0.01 3,788 K 9,704 K 4208 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 876 K 3,524 K 4676
svchost.exe < 0.01 14,944 K 30,504 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,860 K 14,336 K 4920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,400 K 13,044 K 2472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,316 K 8,212 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,492 K 4,940 K 5264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,840 K 16,476 K 3788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe < 0.01 9,004 K 20,908 K 1612 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 368 K 1,156 K 376
ScanToPCActivationApp.exe 2,664 K 10,464 K 6452 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RuntimeBroker.exe 1,720 K 5,932 K 7596 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 4,240 K 10,544 K 568 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 1,532 K 6,000 K 1128 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,784 K 11,380 K 5636
RAVBg64.exe 5,348 K 10,752 K 1820 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp (1).exe 4,732 K 9,900 K 3592 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe 1,516 K 5,220 K 2212 Bonjour Service Apple Inc. (Verified) Apple Inc.
hpwuschd2.exe 1,012 K 4,228 K 2424 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,340 K 5,768 K 2312 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe 42,008 K 48,024 K 3324 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 1,556 K 7,268 K 1620 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqste08.exe 4,096 K 12,028 K 5420 HP CUE Status Root Hewlett-Packard Co. (Verified) Hewlett Packard
hpqbam08.exe 1,580 K 6,500 K 4312 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Verified) Hewlett Packard
HPMSGSVC.exe 1,592 K 6,884 K 3268 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe 1,268 K 492 K 3580
GoogleCrashHandler.exe 1,336 K 564 K 1492
Fuel.Service.exe 1,724 K 7,424 K 1200 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
dllhost.exe 1,348 K 6,324 K 6592
dasHost.exe 5,856 K 15,080 K 2304
ClassicStartMenu.exe 2,664 K 9,244 K 7088 Classic Start Menu IvoSoft (Certificate expired) IvoSoft
chrome.exe 12,224 K 17,248 K 4640 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 23,472 K 48,048 K 3948 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 34,144 K 68,232 K 5512 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 14,388 K 27,512 K 7508 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 20,056 K 58,360 K 7476 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,180 K 6,500 K 5280 Google Chrome Google LLC (Verified) Google LLC
AVGUI.exe 33,704 K 36,940 K 7672 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe 0.38 31,108 K 35,276 K 7980 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
armsvc.exe 1,036 K 4,216 K 1788 Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
AERTSr64.exe 504 K 2,552 K 1080 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
AdaptiveSleepService.exe 1,156 K 4,812 K 1764 (No signature was present in the subject)
acrotray.exe 1,328 K 5,356 K 5560 AcroTray Adobe Systems Inc. (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe 1,696 K 2,492 K 4004 Hp Accelerometer System Tray Hewlett-Packard Company (Verified) Hewlett-Packard Company
 
Latency Monitor log below.
 
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 32.95 0 K 4 K 0
avgToolsSvc.exe 24.24 86,692 K 124,628 K 1524 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
procexp (1)64.exe 21.59 28,584 K 54,944 K 1056 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
svchost.exe 17.05 213,728 K 229,256 K 552 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
dwm.exe 1.89 18,248 K 29,940 K 180
Interrupts 0.76 0 K 0 K n/a Hardware Interrupts and DPCs
System < 0.01 124 K 8,500 K 4
svchost.exe < 0.01 5,120 K 9,588 K 916 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AVGSvc.exe < 0.01 157,796 K 192,952 K 1332 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
TrustedInstaller.exe 2,740 K 6,040 K 3748 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
SearchIndexer.exe 27,040 K 28,268 K 4664 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
csrss.exe 1.14 2,668 K 9,140 K 6920
AVGUI.exe < 0.01 48,808 K 36,588 K 4492 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
explorer.exe < 0.01 78,760 K 129,544 K 1860 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
aswEngSrv.exe 72,064 K 161,516 K 1272
chrome.exe < 0.01 121,604 K 207,544 K 5320 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 59,904 K 129,380 K 4652 Google Chrome Google LLC (Verified) Google LLC
aswidsagent.exe < 0.01 29,256 K 46,552 K 4884 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
hpqtra08.exe < 0.01 4,516 K 14,456 K 3884 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
svchost.exe < 0.01 8,488 K 17,864 K 1188 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
lsass.exe < 0.01 6,732 K 15,088 K 812 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 11,440 K 21,688 K 816 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
TiWorker.exe 2,284 K 7,512 K 3572
svchost.exe < 0.01 4,600 K 11,292 K 2268 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe 19,828 K 54,548 K 7172 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 18,056 K 40,348 K 7128 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 19,320 K 27,660 K 1640 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,472 K 10,564 K 2240 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
services.exe 3,808 K 8,048 K 804
MOM.exe < 0.01 27,496 K 4,496 K 4360 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
svchost.exe < 0.01 19,316 K 28,856 K 272 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
CCC.exe < 0.01 86,764 K 5,864 K 7156 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
hpqgpc01.exe 3,212 K 11,492 K 6216 GPCore COM object Hewlett-Packard (Verified) Hewlett Packard
AppleMobileDeviceService.exe < 0.01 2,960 K 10,896 K 1872 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe 5,404 K 13,516 K 4848 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 6,940 K 14,228 K 880 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
WmiPrvSE.exe 2,300 K 7,388 K 4796
wsc_proxy.exe < 0.01 6,392 K 12,256 K 304 AVG remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
SynTPEnh.exe < 0.01 4,100 K 15,696 K 3988 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
csrss.exe 2,048 K 5,100 K 600
hpservice.exe < 0.01 948 K 4,132 K 1096 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
wmpnetwk.exe 6,052 K 4,636 K 4916 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 3,240 K 8,012 K 4500
winlogon.exe 1,488 K 11,976 K 1660
wininit.exe 960 K 4,492 K 704
unsecapp.exe 1,036 K 4,792 K 5376
taskhostex.exe < 0.01 3,788 K 9,704 K 4208 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
SynTPHelper.exe 876 K 3,524 K 4676
svchost.exe < 0.01 14,944 K 30,504 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,860 K 14,336 K 4920 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,400 K 13,044 K 2472 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,316 K 8,212 K 1740 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,492 K 4,940 K 5264 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,840 K 16,476 K 3788 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe < 0.01 9,004 K 20,908 K 1612 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 368 K 1,156 K 376
ScanToPCActivationApp.exe 2,664 K 10,464 K 6452 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RuntimeBroker.exe 1,720 K 5,932 K 7596 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 4,240 K 10,544 K 568 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 1,532 K 6,000 K 1128 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,784 K 11,380 K 5636
RAVBg64.exe 5,348 K 10,752 K 1820 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp (1).exe 4,732 K 9,900 K 3592 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe 1,516 K 5,220 K 2212 Bonjour Service Apple Inc. (Verified) Apple Inc.
hpwuschd2.exe 1,012 K 4,228 K 2424 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,340 K 5,768 K 2312 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe 42,008 K 48,024 K 3324 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 1,556 K 7,268 K 1620 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqste08.exe 4,096 K 12,028 K 5420 HP CUE Status Root Hewlett-Packard Co. (Verified) Hewlett Packard
hpqbam08.exe 1,580 K 6,500 K 4312 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Verified) Hewlett Packard
HPMSGSVC.exe 1,592 K 6,884 K 3268 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe 1,268 K 492 K 3580
GoogleCrashHandler.exe 1,336 K 564 K 1492
Fuel.Service.exe 1,724 K 7,424 K 1200 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
dllhost.exe 1,348 K 6,324 K 6592
dasHost.exe 5,856 K 15,080 K 2304
ClassicStartMenu.exe 2,664 K 9,244 K 7088 Classic Start Menu IvoSoft (Certificate expired) IvoSoft
chrome.exe 12,224 K 17,248 K 4640 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 23,472 K 48,048 K 3948 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 34,144 K 68,232 K 5512 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 14,388 K 27,512 K 7508 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 20,056 K 58,360 K 7476 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,180 K 6,500 K 5280 Google Chrome Google LLC (Verified) Google LLC
AVGUI.exe 33,704 K 36,940 K 7672 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe 0.38 31,108 K 35,276 K 7980 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
armsvc.exe 1,036 K 4,216 K 1788 Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
AERTSr64.exe 504 K 2,552 K 1080 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
AdaptiveSleepService.exe 1,156 K 4,812 K 1764 (No signature was present in the subject)
acrotray.exe 1,328 K 5,356 K 5560 AcroTray Adobe Systems Inc. (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe 1,696 K 2,492 K 4004 Hp Accelerometer System Tray Hewlett-Packard Company (Verified) Hewlett-Packard Company
 
How do I attach the two screenshots for Drivers and Processes?

  • 0

#8
RKinner
Posted 02 August 2023 - 01:06 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

This time it looks like it is in the middle of a Windows update.  Go into Settings, Update & Security, Windows Update, and see if it is still doing an update.  Also make sure that AVG is not scanning for some reason.


  • 0

#9
Beatriceswiss
Posted 02 August 2023 - 02:01 PM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

AVG is not scanning.  Windows is not trying to update. (Keep in mind that I have Windows 8.1 on this machine, so there shouldn't be any updates I believe.)

How do I attach the two screenshots?

 

Here is the latest Process Explorer log.

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
procexp (1)64.exe 26.01 27,428 K 53,836 K 756 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
System Idle Process 50.89 0 K 4 K 0
lsass.exe 3.04 5,876 K 13,892 K 800 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
aswidsagent.exe 10.47 26,124 K 41,952 K 4816 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
svchost.exe 2.66 20,572 K 38,576 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
hpqste08.exe 3.72 4,292 K 11,948 K 6844 HP CUE Status Root Hewlett-Packard Co. (Verified) Hewlett Packard
aswEngSrv.exe 3.72 51,060 K 83,704 K 2768
svchost.exe 3.38 3,880 K 10,368 K 2388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AVGSvc.exe 3.04 121,240 K 183,508 K 1392 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
Interrupts 2.28 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 1.52 16,352 K 27,748 K 1000
csrss.exe 0.38 2,584 K 6,488 K 688
svchost.exe < 0.01 18,792 K 27,644 K 1020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 5,860 K 9,760 K 904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
explorer.exe 0.34 81,200 K 126,144 K 1652 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
CoolSense.exe 0.34 1,956 K 7,752 K 2952 HP CoolSense Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
acrodist.exe 0.34 10,692 K 14,200 K 6700 Acrobat  Distiller Adobe Systems Incorporated. (Verified) Adobe Systems, Incorporated
System 0.76 124 K 3,372 K 4
hpqgpc01.exe < 0.01 2,068 K 7,836 K 6944 GPCore COM object Hewlett-Packard (Verified) Hewlett Packard
services.exe < 0.01 4,976 K 7,496 K 792
svchost.exe < 0.01 6,844 K 14,620 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
hpqbam08.exe < 0.01 1,792 K 6,528 K 6888 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Verified) Hewlett Packard
chrome.exe < 0.01 100,312 K 181,228 K 3648 Google Chrome Google LLC (Verified) Google LLC
spoolsv.exe < 0.01 8,928 K 20,380 K 1680 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 16,200 K 24,468 K 1708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
avgToolsSvc.exe < 0.01 42,376 K 70,536 K 1516 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
svchost.exe < 0.01 6,216 K 10,712 K 4032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
acrobat_sl.exe < 0.01 1,240 K 4,812 K 6652 Adobe Acrobat SpeedLauncher Adobe Systems Incorporated (Verified) Adobe Systems, Incorporated
svchost.exe < 0.01 11,624 K 24,196 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
ScanToPCActivationApp.exe < 0.01 2,520 K 9,988 K 6388 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
WmiPrvSE.exe < 0.01 2,140 K 7,048 K 4860
SearchIndexer.exe < 0.01 22,764 K 20,492 K 5076
wsc_proxy.exe < 0.01 5,672 K 11,480 K 296 AVG remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AppleMobileDeviceService.exe < 0.01 2,824 K 10,588 K 1616 MobileDeviceService Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 3,932 K 12,472 K 2608 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
dasHost.exe < 0.01 5,928 K 14,860 K 2416
SynTPEnh.exe < 0.01 3,956 K 9,972 K 1764 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
chrome.exe < 0.01 36,696 K 70,860 K 3948 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 63,508 K 140,412 K 3940 Google Chrome Google LLC (Verified) Google LLC
csrss.exe < 0.01 2,228 K 4,716 K 588
hpservice.exe < 0.01 956 K 4,076 K 1072 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
WmiPrvSE.exe 3,032 K 7,904 K 6140
winlogon.exe 1,512 K 11,472 K 740
wininit.exe 852 K 4,176 K 696
unsecapp.exe 1,084 K 4,836 K 5224
taskhostex.exe 2,020 K 7,280 K 1748 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 1,336 K 5,104 K 3532
SynTPHelper.exe 876 K 3,524 K 5952
svchost.exe 4,856 K 12,600 K 5752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 6,536 K 13,336 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe < 0.01 10,636 K 19,764 K 440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 716 K 3,512 K 2568 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,464 K 4,824 K 1036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 636 K 2,676 K 3884
svchost.exe 3,364 K 10,420 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,436 K 8,304 K 1312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 736 K 3,520 K 2520 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
smss.exe 284 K 1,012 K 376
SearchProtocolHost.exe 1,664 K 5,364 K 6104
SearchFilterHost.exe 1,416 K 4,956 K 3352
RuntimeBroker.exe 3,984 K 13,420 K 4004 Runtime Broker Microsoft Corporation (Verified) Microsoft Windows
RtkNGUI64.exe 4,296 K 10,424 K 6184 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 1,556 K 5,972 K 1104 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,428 K 10,808 K 6340 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,688 K 11,120 K 1132
procexp (1).exe 4,680 K 9,712 K 3932 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PrintIsolationHost.exe 1,656 K 5,784 K 6040
mDNSResponder.exe 1,480 K 5,056 K 2320 Bonjour Service Apple Inc. (Verified) Apple Inc.
hpwuschd2.exe 1,024 K 4,220 K 6712 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,504 K 5,672 K 2432 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSF.exe 3,016 K 4,960 K 2348 HP Support Assistant HP Inc. (Verified) HP Inc.
hpqwmiex.exe 1,656 K 7,132 K 4520 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqtra08.exe 4,900 K 14,604 K 6420 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
HPMSGSVC.exe 1,800 K 6,660 K 6592 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleUpdate.exe 1,532 K 5,452 K 1844
Fuel.Service.exe 1,380 K 5,568 K 1176 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
dllhost.exe 1,572 K 6,352 K 6208
CLIStart.exe 1,880 K 7,500 K 6544 Catalyst® Control Center Launcher Advanced Micro Devices, Inc. (Verified) Advanced Micro Devices, Inc.
ClassicStartMenu.exe 2,528 K 8,848 K 2092 Classic Start Menu IvoSoft (Certificate expired) IvoSoft
chrome.exe 19,192 K 53,716 K 2752 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 17,280 K 38,848 K 3844 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 12,156 K 16,596 K 3852 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 22,780 K 48,992 K 3836 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 13,984 K 26,616 K 3808 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 19,276 K 52,756 K 1080 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 1,996 K 6,204 K 3680 Google Chrome Google LLC (Verified) Google LLC
BackgroundTransferHost.exe 2,712 K 10,884 K 5276 Download/Upload Host Microsoft Corporation (Verified) Microsoft Windows
AVGUI.exe 3,708 K 3,080 K 6376 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AvEmUpdate.exe 2,720 K 8,168 K 3584
armsvc.exe 1,064 K 4,204 K 2000 Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
AERTSr64.exe 504 K 2,588 K 1096 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
AdaptiveSleepService.exe 1,148 K 4,708 K 1976 (No signature was present in the subject)
acrotray.exe 1,408 K 5,396 K 6664 AcroTray Adobe Systems Inc. (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe 1,728 K 1,968 K 6568 Hp Accelerometer System Tray Hewlett-Packard Company (Verified) Hewlett-Packard Company

  • 0

#10
RKinner
Posted 02 August 2023 - 02:33 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

I think your AVG is unhappy for some reason.  Don't know if it's because it's fighting something we can't see in the logs or just because it no longer works well on your version of WIndows.  We can rule out an infection by running the free ESET online scan:

 

https://www.eset.com...online-scanner/

 

Click on One-Time Scan.  This will download esetonlinescanner.exe.  Go to your downloads folder and right click on it and Run As Admin.  Follow the instructions.  Usually takes several hours.

 

IF ESET doesn't find anything then I would uninstall AVG and replace it with the free Avast.  (It's now the same company.  Avast bought up AVG.  I use Avast and it works well without using too much CPU (and they claim to work on 8.1 too).

 

I prefer the free offline version:

 

https://www.avast.co...lation-files#pc

 

Takes a bit longer to download but more reliable install.  Do not let them talk you into the trial version.  Stick with Basic.  They want to do a quick scan at first.  I don't like the scan so I don't recommend it.  If you feel the need for a scan then have it do the boot-time scan.  Much better and since it runs before Windows loads it can catch stuff that might otherwise hide.  Does take a while so I usually let it run over night.

 

Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.
 
  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.
 
When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:
 
 
Copy and paste the text from the log to a Reply when done.
 
 
IF you don't want to do a scan now that's fine.  But do make a new Process Explorer log (remember to wait one minute after starting Process Explorer before making the log).
 
To attach files:
 
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 

  • 0

Advertisements

#11
Beatriceswiss
Posted 02 August 2023 - 03:19 PM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

I will run the ESET scan and post when complete.

 

I will then also post a new Process Explorer log.

 

The screenshots are attached.

Attached Thumbnails

  • Drivers Screenshot.png
  • Processes Screenshot.png

Edited by Beatriceswiss, 02 August 2023 - 03:20 PM.

  • 0

#12
Beatriceswiss
Posted 03 August 2023 - 12:19 PM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

ESET online found only one item of malware, which was quaranteened.

 

New process logs are below.

 

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 93.79 0 K 4 K 0
procexp (1)64.exe 3.38 28,440 K 54,516 K 1952 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 1.13 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 1.13 22,128 K 25,408 K 1000
csrss.exe 0.75 2,692 K 2,956 K 688
chrome.exe 0.38 71,708 K 146,736 K 2808 Google Chrome Google LLC (Verified) Google LLC
System < 0.01 176 K 3,896 K 4
explorer.exe < 0.01 94,636 K 92,076 K 1652 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
chrome.exe < 0.01 137,760 K 227,548 K 4404 Google Chrome Google LLC (Verified) Google LLC
AVGSvc.exe < 0.01 180,232 K 175,256 K 1392 AVG Service AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe < 0.01 59,840 K 32,412 K 6376 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
CCC.exe < 0.01 84,552 K 13,100 K 3568 Catalyst Control Center: Host application ATI Technologies Inc. (No signature was present in the subject) ATI Technologies Inc.
chrome.exe < 0.01 20,400 K 52,968 K 10372 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 19,988 K 42,676 K 10220 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 11,656 K 13,368 K 440 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
chrome.exe < 0.01 14,104 K 27,008 K 11144 Google Chrome Google LLC (Verified) Google LLC
chrome.exe < 0.01 20,348 K 57,888 K 10588 Google Chrome Google LLC (Verified) Google LLC
MOM.exe < 0.01 27,864 K 5,076 K 4412 Catalyst Control Center: Monitoring program Advanced Micro Devices Inc. (No signature was present in the subject) Advanced Micro Devices Inc.
AVGUI.exe < 0.01 33,036 K 6,040 K 7100 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
svchost.exe < 0.01 133,120 K 135,672 K 692 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
AppleMobileDeviceService.exe < 0.01 2,892 K 2,508 K 1616 MobileDeviceService Apple Inc. (Verified) Apple Inc.
aswidsagent.exe < 0.01 32,056 K 35,008 K 4816 AVG Software Analyzer AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
wsc_proxy.exe < 0.01 5,584 K 5,256 K 296 AVG remediation exe AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
SynTPEnh.exe < 0.01 4,140 K 1,008 K 1764 Synaptics TouchPad 64-bit Enhancements Synaptics Incorporated (Verified) Synaptics Incorporated
chrome.exe < 0.01 12,324 K 17,328 K 9504 Google Chrome Google LLC (Verified) Google LLC
svchost.exe < 0.01 4,764 K 4,008 K 2608 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
taskhostex.exe < 0.01 3,584 K 4,356 K 1748 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
hpservice.exe < 0.01 956 K 700 K 1072 HpService Hewlett-Packard Company (Verified) Hewlett-Packard Company
wmpnetwk.exe 6,228 K 4,944 K 3184 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,532 K 5,268 K 4860
winlogon.exe 1,492 K 1,488 K 740
wininit.exe 852 K 624 K 696
unsecapp.exe 1,260 K 1,808 K 8924
SynTPHelper.exe 876 K 112 K 5952
svchost.exe 5,852 K 6,940 K 868 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 4,448 K 5,068 K 2388 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,288 K 8,868 K 5752 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 15,556 K 18,260 K 944 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 17,260 K 16,116 K 1020 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,724 K 8,268 K 4032 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 8,860 K 11,768 K 1164 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 6,000 K 6,244 K 904 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 21,864 K 22,372 K 1708 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,408 K 3,244 K 1312 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 9,880 K 8,404 K 9872 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 1,608 K 2,136 K 1036 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
svchost.exe 3,316 K 3,216 K 2360 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows Publisher
spoolsv.exe 9,224 K 10,508 K 1680 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
smss.exe 284 K 336 K 376
services.exe 4,084 K 5,072 K 792
SearchIndexer.exe 28,676 K 24,324 K 5076 Microsoft Windows Search Indexer Microsoft Corporation (Verified) Microsoft Windows
ScanToPCActivationApp.exe 2,844 K 4,608 K 6388 ScanToPCActivationApp Hewlett-Packard Co. (Verified) Hewlett Packard
RtkNGUI64.exe 4,248 K 2,296 K 6184 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RtkAudioService64.exe 1,724 K 1,320 K 1104 Realtek Audio Service Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,416 K 3,864 K 6340 HD Audio Background Process Realtek Semiconductor (Verified) Realtek Semiconductor Corp
RAVBg64.exe 5,660 K 3,824 K 1132
procexp (1).exe 4,740 K 9,920 K 8488 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
mDNSResponder.exe 1,532 K 1,472 K 2320 Bonjour Service Apple Inc. (Verified) Apple Inc.
lsass.exe 7,840 K 10,144 K 800 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows Publisher
hpwuschd2.exe 1,028 K 1,092 K 6712 hpwuSchd Application Hewlett-Packard (Verified) Hewlett-Packard Company
HPWMISVC.exe 1,272 K 960 K 2432 HP WMI Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
HPSupportSolutionsFrameworkService.exe 39,308 K 15,736 K 4964 HP Support Solutions Framework Service HP Inc. (Verified) HP Inc.
hpqwmiex.exe 1,600 K 2,024 K 4520 HP Software Framework WMI Service Hewlett-Packard Company (Verified) Hewlett-Packard Company
hpqtra08.exe 4,868 K 5,424 K 6420 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
hpqste08.exe 4,468 K 3,660 K 6844 HP CUE Status Root Hewlett-Packard Co. (Verified) Hewlett Packard
hpqgpc01.exe 3,244 K 2,588 K 6944 GPCore COM object Hewlett-Packard (Verified) Hewlett Packard
hpqbam08.exe 1,588 K 1,208 K 6888 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (Verified) Hewlett Packard
HPMSGSVC.exe 1,628 K 1,660 K 6592 HP Message Service Hewlett-Packard Development Company, L.P. (Verified) Hewlett-Packard Company
GoogleCrashHandler64.exe 1,396 K 120 K 4988
GoogleCrashHandler.exe 1,476 K 936 K 6384
Fuel.Service.exe 1,816 K 2,344 K 1176 AMD Fuel Service Advanced Micro Devices, Inc. (No signature was present in the subject) Advanced Micro Devices, Inc.
dllhost.exe 1,368 K 1,152 K 6208
dasHost.exe 6,892 K 6,800 K 2416
csrss.exe 2,128 K 1,920 K 588
ClassicStartMenu.exe 2,500 K 2,000 K 2092 Classic Start Menu IvoSoft (Certificate expired) IvoSoft
chrome.exe 34,820 K 70,608 K 4000 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 23,520 K 52,244 K 8724 Google Chrome Google LLC (Verified) Google LLC
chrome.exe 2,152 K 6,600 K 10088 Google Chrome Google LLC (Verified) Google LLC
AVGUI.exe 39,564 K 8,124 K 5108 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
AVGUI.exe 31,444 K 4,248 K 3596 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
avgToolsSvc.exe 75,928 K 78,672 K 1516 AVG Antivirus AVG Technologies CZ, s.r.o. (Verified) AVG Technologies USA, LLC
aswEngSrv.exe 92,680 K 117,624 K 2768
armsvc.exe 996 K 688 K 2000 Acrobat Update Service Adobe Inc. (Verified) Adobe Inc.
AERTSr64.exe 504 K 404 K 1096 Andrea filters APO access service (64-bit) Andrea Electronics Corporation (Verified) Andrea Electronics
AdaptiveSleepService.exe 1,188 K 1,388 K 1976 (No signature was present in the subject)
acrotray.exe 1,340 K 932 K 6664 AcroTray Adobe Systems Inc. (Verified) Adobe Systems, Incorporated
AccelerometerSt.exe 1,704 K 792 K 6568 Hp Accelerometer System Tray Hewlett-Packard Company (Verified) Hewlett-Packard Company

  • 0

#13
RKinner
Posted 03 August 2023 - 02:58 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks much better now.  Is your PC any faster?


  • 0

#14
Beatriceswiss
Posted 03 August 2023 - 04:19 PM

Beatriceswiss

    Member

  • Topic Starter
  • Member
  • PipPip
  • 80 posts

Somewhat better, but startup takes a long time, opening programs takes a long time.

 

When I checked earlier if Windows update was running, there was a message which I can't recall exactly, but it was along the lines of "update can't proceed because there is another update going on." But nothing happened.


  • 0

#15
RKinner
Posted 04 August 2023 - 08:01 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
 
* Application
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button and wait.
Notepad will open with the output log.
 
 
Please copy and paste the Output log into your next reply 

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP