Jump to content

shirl

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. I had the same issues. Nothing seems to be able to get rid of PUP.Optional.DriverSupport Please help! Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25.02.2019 01 Ran by shirl (27-02-2019 22:22:56) Running from C:\Users\shirl\Downloads Windows 10 Home Version 1803 17134.590 (X64) (2018-07-22 08:13:37) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4096539192-3162152629-878619529-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4096539192-3162152629-878619529-503 - Limited - Disabled) defaultuser0 (S-1-5-21-4096539192-3162152629-878619529-1004 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-4096539192-3162152629-878619529-501 - Limited - Disabled) shirl (S-1-5-21-4096539192-3162152629-878619529-1005 - Administrator - Enabled) => C:\Users\shirl WDAGUtilityAccount (S-1-5-21-4096539192-3162152629-878619529-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.6.0.384 - Adobe Systems Incorporated) Adobe Dreamweaver CC 2018 (HKLM-x32\...\DRWV_18_0) (Version: 18.0 - Adobe Systems Incorporated) Adobe Illustrator CC 2018 (HKLM-x32\...\ILST_22_1) (Version: 22.1 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4.6527 - CyberLink Corp.) CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.1.3008 - CyberLink Corp.) DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden Driver Support (HKLM-x32\...\DriverSupport) (Version: 10.1.6.14 - PC Drivers HeadQuarters LP) <==== ATTENTION Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.) Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden ELAN Touchpad 18.2.15.7_X64_WHQL (HKLM\...\Elantech) (Version: 18.2.15.7 - ELAN Microelectronic Corp.) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.4.1 - Seiko Epson Corporation) Epson Event Manager (HKLM-x32\...\{B1765501-59E8-4395-BF00-8A2C1F1FC1E0}) (Version: 3.10.0091 - Seiko Epson Corporation) EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.54.0.0 - Seiko Epson Corporation) Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation) Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{4830989D-5FA5-41DF-A02F-5D1B4D5C73B8}) (Version: 4.4.10 - Seiko Epson Corporation) EPSON XP-6100 Series Printer Uninstall (HKLM\...\EPSON XP-6100 Series) (Version: - Seiko Epson Corporation) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 72.0.3626.119 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden HP 3D DriveGuard (HKLM-x32\...\{D3D0E6C5-4B65-4088-A5A9-A7DF27DB5D1A}) (Version: - ) HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.96.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM-x32\...\{b0ebf7ff-6b1a-4a92-9c85-6915be1962b9}) (Version: 5.1.19895 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{6B4A5299-4837-485A-B71D-7F1CE6F8F018}) (Version: 1.0.0.143 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{0F5EBB0D-DF6D-4DBE-9789-57BF05B3B0FD}) (Version: 1.0.145.0 - HP Inc.) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8351.5556 - HP Inc.) HP Support Assistant (HKLM-x32\...\{0A07AA35-BE9C-453F-A2F7-486E68B9DC69}) (Version: 8.7.50.3 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{52A6690A-A8F3-4EDC-8BA9-125FDD65337A}) (Version: 12.10.49.21 - HP Inc.) HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.25 - HP Inc.) HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.13 - HP Inc.) iCloud (HKLM\...\{28ABC5D7-AF47-4476-A6AA-C2DD822ED40F}) (Version: 7.9.0.9 - Apple Inc.) Intel(R) Chipset Device Software (HKLM-x32\...\{aaa7f0fb-02dc-4576-beef-7d24842c5fbe}) (Version: 10.1.1.32 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.10900.330 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1054 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4749 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation) Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{246c6cc0-9810-4728-9a29-28474de2eec5}) (Version: 1.47.866.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation) Intel® Integrated Sensor Solution (HKLM-x32\...\{b3c2a365-876b-4588-97ce-5ab104b07d57}) (Version: 3.0.30.1076 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{4996e560-35d4-4f06-93df-54b6e6ab11c5}) (Version: 20.50.1 - Intel Corporation) ISS_Drivers_x64 (HKLM\...\{7F65AED2-5B3C-40DD-996B-6F8820856F34}) (Version: 3.0.30.1076 - Intel Corporation) Hidden iTunes (HKLM\...\{160EFAC8-C79A-48A2-845C-3F6F577078A0}) (Version: 12.9.2.6 - Apple Inc.) Java 8 Update 171 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) Kodi (HKU\S-1-5-21-4096539192-3162152629-878619529-1005\...\Kodi) (Version: - XBMC-Foundation) Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes) McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.) Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.11231.20174 - Microsoft Corporation) Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4096539192-3162152629-878619529-1005\...\OneDriveSetup.exe) (Version: 19.012.0121.0009 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.11231.20174 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.21277 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7851 - Realtek Semiconductor Corp.) SCIT version 3.1 (HKLM-x32\...\{20E72732-8BB2-4E1F-8058-02393D003867}_is1) (Version: 3.1 - NeuroTest Pty Ltd) Sublime Text Build 3176 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation) Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version: - WildTangent) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-3) (Version: 1.0.33.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.14 - WildTangent) Zoom (HKU\S-1-5-21-4096539192-3162152629-878619529-1005\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4096539192-3162152629-878619529-1005_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4096539192-3162152629-878619529-1005_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-1E5F84D52F98}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Windows -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4096539192-3162152629-878619529-1005_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> ) ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> ) ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-02-10] (McAfee, Inc. -> McAfee, Inc.) ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-12-03] (Apple Inc. -> Apple Inc.) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki125121.inf_amd64_26ca8ba649abc040\igfxDTCM.dll [2017-11-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-27] (Adobe Systems Incorporated -> ) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-02-10] (McAfee, Inc. -> McAfee, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04935C9C-FDBD-41C7-815A-CE00577E130B} - System32\Tasks\{66C2C36E-A363-434C-8E61-E488F0B116F7} Task: {0AF80641-5767-4F1B-9852-F65225285911} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe (HP Inc. -> HP Inc.) Task: {293632B5-9E95-442F-AB31-407874C92596} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION Task: {2F408841-C42E-4877-8C71-B99F0DE7A8B3} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {2FB8369E-E86C-4DD4-B022-F9C6A34684B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.) Task: {326CE6CB-AF3B-43CD-B88F-E7CE21B01D30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.) Task: {40CA944A-2565-42DE-ACBB-9913A3A87CF6} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs] Task: {42F53CF1-93F7-40D4-89C5-17D9420DF765} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe (HP Inc. -> HP Inc.) Task: {4E25BA76-B0DC-4C32-9825-743210189407} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {4F3940AD-6ECF-47C6-894D-A8C1A741980B} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-shirl.webber@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe (Adobe Systems Incorporated -> Adobe Systems, Incorporated) Task: {5401C402-AA6E-4D86-A31B-12F15062BF1D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {633D9BDE-3885-45C0-A14E-024225686ADE} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {63E14C08-A586-4602-83B5-AF0FF0FC72D7} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-shirl.webber@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {68C3F5C7-B200-49FA-99E5-38B8E5A87079} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.) Task: {6A68FE26-9D86-421A-9651-A886ADD650AC} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {6C3E5C98-89F9-405F-A701-4F8F04D93535} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {6EAA8334-0016-4AC3-9DB4-A1763C9D5FDC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe (Apple Inc. -> Apple Inc.) Task: {706E80D3-39ED-463B-9B27-22C895CC2AB8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc -> Dropbox, Inc.) Task: {71AB48B4-629A-4AFA-A3C6-726B5B8A81F9} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe (Dropbox, Inc -> ) Task: {7B49980D-622F-44EB-AA32-CCE3AE342774} - System32\Tasks\EPSON XP-6100 Series Update {63BAC7F0-BD61-497C-8DBE-6DA82A7D8D90} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {7DCF7915-6CE2-4665-B29A-3A10D3CB5A9E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {823A70FE-777E-4BF0-BA5A-A89BBFB3586A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation) Task: {8CB09A2A-508C-4669-807E-ABA4E1F8472F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated) Task: {8E2047F6-E81E-4837-9101-43C74E4597A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {8F3C6451-D1CB-4F5B-BDDE-71927741F7FC} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation) Task: {8FEF6122-C474-4CDA-90C2-E88261F6237C} - System32\Tasks\HPCeeScheduleForshirl => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (Hewlett-Packard Company -> HP Development Company, L.P.) Task: {94A97E28-EBBF-4446-9F85-EA373152AD2B} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe (Hewlett-Packard Company -> HP Development Company, L.P.) Task: {9C9C1577-3CD5-43CD-98A7-4D24B2BA4099} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe (McAfee, Inc. -> McAfee, Inc.) Task: {A277DE46-04AA-45CB-998E-978FD6EB8307} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe (McAfee, Inc. -> McAfee, Inc.) Task: {AA6C923D-8AE5-4257-958B-6C1DFDB2F8EB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation) Task: {B4F6E016-8B7B-4519-B7E6-ACC2D487815D} - System32\Tasks\EPSON XP-6100 Series Update {3261EC63-38CB-4271-8587-FCB27621ECDD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) Task: {B6AA9A43-9C6F-4C0A-8D0E-1742F4AFE119} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trust Services -> Intel(R) Corporation) Task: {C3228866-AE1D-41AA-A2AE-889908A607ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.) Task: {CFAD6EAE-D27E-4C41-ADCE-F9DB756048EC} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe (HP Inc. -> ) Task: {D0C9D879-1FF1-4E89-9B60-7A1AB7DBC975} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {DD02B1BC-690F-4D57-8A8E-78534E788875} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.) Task: {DD4FB7D4-1267-457C-B16E-33C856BB63D1} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\HP\HP Registration Service\HP GenOOBE\HPGenOOBE.exe (HP Inc.) [File not signed] Task: {DEF2A965-7E53-41A8-BB67-3A4A2F3265E7} - System32\Tasks\{ECB17B16-24AF-41E2-864C-34FE5427FF37} Task: {E15C3798-01D5-4E06-B5AE-EAC569141DF5} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation) Task: {F8CD6C97-B449-454D-B686-BF977A26CF22} - System32\Tasks\{2C932742-413C-4B70-82C9-252094ED4C3C} Task: {F9EB3D6C-B325-4317-87B9-147F109080B5} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION Task: {FBAF54A1-3B6A-470E-9397-73EFBE1E5DDE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe (HP Inc. -> HP Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {3261EC63-38CB-4271-8587-FCB27621ECDD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE:/EXE:{3261EC63-38CB-4271-8587-FCB27621ECDD} /F:UpdateWORKGROUP\DESKTOP-QFJJ5EC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON XP-6100 Series Update {63BAC7F0-BD61-497C-8DBE-6DA82A7D8D90}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSVTE.EXE:/EXE:{63BAC7F0-BD61-497C-8DBE-6DA82A7D8D90} /F:UpdateWORKGROUP\DESKTOP-QFJJ5EC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\HPCeeScheduleForshirl.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-09-14 14:31 - 2016-09-14 14:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\WINDOWS\System32\enppmon.dll 2016-10-19 04:49 - 2016-05-06 09:37 - 000892928 _____ (HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe 2019-02-27 20:51 - 2019-02-01 09:56 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll 2019-02-27 20:51 - 2019-02-01 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll 2019-02-27 20:51 - 2019-02-01 09:56 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll 2019-02-27 22:06 - 2019-02-01 09:56 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll 2019-02-14 15:33 - 2019-02-14 15:33 - 000113152 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HPJumpStartBridge\f785e6b43fad7a881d3a7ba2a8791508\HPJumpStartBridge.ni.exe 2019-02-14 15:32 - 2019-02-14 15:32 - 000120320 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\9bf5754cb1555bccb84206f4db099116\BRIDGECommon.ni.dll 2019-02-14 15:33 - 2019-02-14 15:33 - 000110080 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\d1072b90b83389d6dc49ce9df54ba324\BridgeExtension.ni.dll 2017-02-07 20:22 - 2017-02-07 20:22 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\AppVIsvSubsystems32.dll 2017-02-07 20:22 - 2017-02-07 20:22 - 000000000 ____LMicrosoft Corporation C:\Program Files (x86)\Microsoft Office\root\Office16\c2r32.dll 2009-10-21 17:39 - 2009-10-21 17:39 - 000291328 _____ (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\LcMgr.dll 2017-02-13 14:54 - 2017-02-13 14:54 - 000132096 _____ (Seiko Epson Corporation) [File not signed] C:\Program Files (x86)\EPSON Software\Event Manager\epnsm.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 18:24 - 2015-10-30 18:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\ HKU\S-1-5-21-4096539192-3162152629-878619529-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\shirl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{9CCCCFEE-7C86-41B7-8D87-0B201F7FC692}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{3931864C-01A8-4146-9CCF-F84E03799DEE}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc. -> McAfee, Inc.) FirewallRules: [{A381F9CC-7C82-4C5F-8F6D-F8592753B4D4}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE No File FirewallRules: [{59E84133-9D41-44ED-9F26-404E58A2CEFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe No File FirewallRules: [{17D6C239-EDDA-4BD6-B728-C161BAF53142}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe No File FirewallRules: [{19419BAE-1654-478F-BD12-5B9BCC0B30F0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe No File FirewallRules: [{FB27C5E3-2D22-46E2-8A54-6A61B70FA4B1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe No File FirewallRules: [{381FEE2C-77D2-4A74-B3B8-5F7EA854AE80}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.) FirewallRules: [{A349772C-0FEF-4251-B7DE-8A8851AE9FDD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe No File FirewallRules: [{7D990E77-0EB0-4611-9075-4E5CC5C877F3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe No File FirewallRules: [TCP Query User{40E4CF46-07DF-47DC-85AE-82A9ABBC6CE6}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed] FirewallRules: [UDP Query User{F4483CA9-FB78-42DB-B938-5A5EBA5D8A88}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed] FirewallRules: [{0C2027A6-294D-4C07-A5D5-5F3173C2F584}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1F4D018D-D59B-4867-87FD-D1630E9FD39B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2D9E172B-617A-43CD-AFDD-1E2FD81D9676}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{DDF039D0-1CDE-408C-AAE4-ADB78E17F3E6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{AB5E1560-D949-4620-BCB3-1AD9CF7B3C61}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [UDP Query User{80FAAD96-C0B9-49E9-9713-CF55EBC4E04C}C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe] => (Allow) C:\program files\adobe\adobe dreamweaver cc 2018\node\node.exe (Adobe Systems Incorporated -> Node.js) FirewallRules: [{6AEF0031-24F6-482A-8351-BA1B9C0F8A6F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{A3FC0B2E-1801-42B6-B563-3020FE525862}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F8FE1228-5227-44AE-8B89-E8F5F434C1C0}] => (Allow) C:\Users\shirl\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File FirewallRules: [{2427EB11-1670-45E7-982B-5FBD937CD641}] => (Allow) C:\Users\shirl\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\Data\ENEasyApp.exe No File FirewallRules: [{481734AF-305F-4AE6-83F0-111A598248F1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{C25D7119-700F-43C3-8C5A-4DDA08A017A1}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) FirewallRules: [{25AA6785-63D6-44B6-A83E-407CA7558E39}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{B72DE657-BE31-4328-A998-707719A58155}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe (SEIKO EPSON CORPORATION -> Seiko Epson Corporation) FirewallRules: [{FD5493BB-747D-4B2E-8950-DDBA1DCD29C8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.) ==================== Restore Points ========================= 20-02-2019 19:46:04 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= Name: WAN Miniport (PPPOE) Description: WAN Miniport (PPPOE) Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: RasPppoe Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:25 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0 Error: (02/27/2019 10:12:19 PM) (Source: DPTF) (EventID: 256) (User: ) Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.2.10900.330) TYPE: ERROR MODULE: DPTF TIME 6792 ms DPTF Build Version: 8.2.10900.330 DPTF Build Date: May 16 2016 11:32:37 Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 1002 Executing Function: PolicyBase::takeControlOfOsc Message: Passive Policy 2: Failed to acquire OSC: Failure during execution of _OSC: DPTF Build Version: 8.2.10900.330 DPTF Build Date: May 16 2016 11:32:37 Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473 Executing Function: EsifServices::primitiveExecuteSet Message: Error returned from ESIF services interface function call Participant: NoParticipant Domain: NoDomain ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93] ESIF Instance: 255 ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202] Policy: Passive Policy 2 [1] Error: (02/27/2019 09:42:37 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY) Description: Skipping: Eap method DLL path validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0 System errors: ============= Error: (02/27/2019 10:22:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:16:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:14:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:14:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:14:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:13:16 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QFJJ5EC) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscCloudBackupProvider and APPID Unavailable to the user DESKTOP-QFJJ5EC\shirl SID (S-1-5-21-4096539192-3162152629-878619529-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:13:04 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QFJJ5EC) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-QFJJ5EC\shirl SID (S-1-5-21-4096539192-3162152629-878619529-1005) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (02/27/2019 10:12:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Windows Defender: =================================== Date: 2019-02-27 21:36:36.752 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C6F8AD0C-F6D1-4B85-B817-BE32FAFBAA8E} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-02-12 10:21:27.978 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {4AEAB94A-450B-45B3-AB99-AF78227B4549} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-22 21:23:26.986 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {4BF07ECC-BDFE-4B6A-8DB2-D8095E187943} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-22 21:18:22.145 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {2A488203-C26B-4CED-A174-8E7F3D7B623F} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-22 21:12:13.780 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {276F52E5-7F8C-450C-B54D-38BF01712D33} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-01-25 14:02:27.304 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.285.6.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15600.4 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2019-01-22 09:23:52.606 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.283.3395.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15500.2 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-12-07 21:11:42.635 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.281.1406.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15400.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-11-16 18:28:54.813 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.281.101.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15400.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2018-11-13 21:14:39.031 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.281.34.0 Update Source: Microsoft Malware Protection Center Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.15400.5 Error code: 0x80070670 Error description: No valid sequence could be found for the set of updates. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz Percentage of memory in use: 68% Total physical RAM: 8064.57 MB Available physical RAM: 2546.65 MB Total Virtual: 13184.57 MB Available Virtual: 7151.48 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:221.8 GB) (Free:27.13 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:15.44 GB) (Free:1.63 GB) NTFS ==>[system with boot components (obtained from drive)] \\?\Volume{73b0d20e-73bf-4fca-ad51-598655180437}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.39 GB) NTFS \\?\Volume{abbfae46-96d5-4cf6-9a3d-ac93f7c13b5e}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: A50E1C7D) Partition: GPT. ==================== End of Addition.txt ============================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.