[SOLVED] Win7 Update DOA. Genuine Windows message keeps popping up

D

dhr

Contributor
Joined
Jun 9, 2018
Posts
7
The Computer runs fine. No Win7 updates. Cannot view update history. Keep getting an occasional message about Not Running Genuine Windows although checking status in System Properties shows windows activated. Virus scan with Windows Essentials is clean.

sfc details

2018-06-09 07:30:39, Info CSI 00000009 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:39, Info CSI 0000000a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:39, Info CSI 0000000c [SR] Verify complete
2018-06-09 07:30:39, Info CSI 0000000d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:39, Info CSI 0000000e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:39, Info CSI 00000010 [SR] Verify complete
2018-06-09 07:30:40, Info CSI 00000011 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:40, Info CSI 00000012 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:40, Info CSI 00000014 [SR] Verify complete
2018-06-09 07:30:40, Info CSI 00000015 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:40, Info CSI 00000016 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:40, Info CSI 00000018 [SR] Verify complete
2018-06-09 07:30:40, Info CSI 00000019 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:40, Info CSI 0000001a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:41, Info CSI 0000001c [SR] Verify complete
2018-06-09 07:30:41, Info CSI 0000001d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:41, Info CSI 0000001e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:41, Info CSI 00000020 [SR] Verify complete
2018-06-09 07:30:41, Info CSI 00000021 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:41, Info CSI 00000022 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:41, Info CSI 00000024 [SR] Verify complete
2018-06-09 07:30:42, Info CSI 00000025 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:42, Info CSI 00000026 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:42, Info CSI 00000028 [SR] Verify complete
2018-06-09 07:30:42, Info CSI 00000029 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:42, Info CSI 0000002a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:42, Info CSI 0000002c [SR] Verify complete
2018-06-09 07:30:42, Info CSI 0000002d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:42, Info CSI 0000002e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:43, Info CSI 00000030 [SR] Verify complete
2018-06-09 07:30:43, Info CSI 00000031 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:43, Info CSI 00000032 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:43, Info CSI 00000034 [SR] Verify complete
2018-06-09 07:30:43, Info CSI 00000035 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:43, Info CSI 00000036 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:43, Info CSI 00000038 [SR] Verify complete
2018-06-09 07:30:43, Info CSI 00000039 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:43, Info CSI 0000003a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:44, Info CSI 0000003c [SR] Verify complete
2018-06-09 07:30:44, Info CSI 0000003d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:44, Info CSI 0000003e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:44, Info CSI 00000040 [SR] Verify complete
2018-06-09 07:30:44, Info CSI 00000041 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:44, Info CSI 00000042 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:44, Info CSI 00000044 [SR] Verify complete
2018-06-09 07:30:45, Info CSI 00000045 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:45, Info CSI 00000046 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:45, Info CSI 00000048 [SR] Verify complete
2018-06-09 07:30:45, Info CSI 00000049 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:45, Info CSI 0000004a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:45, Info CSI 0000004c [SR] Verify complete
2018-06-09 07:30:45, Info CSI 0000004d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:45, Info CSI 0000004e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:46, Info CSI 00000050 [SR] Verify complete
2018-06-09 07:30:46, Info CSI 00000051 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:46, Info CSI 00000052 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:46, Info CSI 00000054 [SR] Verify complete
2018-06-09 07:30:46, Info CSI 00000055 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:46, Info CSI 00000056 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:46, Info CSI 00000058 [SR] Verify complete
2018-06-09 07:30:46, Info CSI 00000059 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:46, Info CSI 0000005a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:47, Info CSI 0000005c [SR] Verify complete
2018-06-09 07:30:47, Info CSI 0000005d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:47, Info CSI 0000005e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:47, Info CSI 00000060 [SR] Verify complete
2018-06-09 07:30:47, Info CSI 00000061 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:47, Info CSI 00000062 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:47, Info CSI 00000064 [SR] Verify complete
2018-06-09 07:30:48, Info CSI 00000065 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:48, Info CSI 00000066 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:48, Info CSI 00000068 [SR] Verify complete
2018-06-09 07:30:48, Info CSI 00000069 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:48, Info CSI 0000006a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:49, Info CSI 0000006c [SR] Verify complete
2018-06-09 07:30:49, Info CSI 0000006d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:49, Info CSI 0000006e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:49, Info CSI 00000070 [SR] Verify complete
2018-06-09 07:30:49, Info CSI 00000071 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:49, Info CSI 00000072 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:50, Info CSI 00000074 [SR] Verify complete
2018-06-09 07:30:50, Info CSI 00000075 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:50, Info CSI 00000076 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:50, Info CSI 00000078 [SR] Verify complete
2018-06-09 07:30:50, Info CSI 00000079 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:50, Info CSI 0000007a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:51, Info CSI 0000007c [SR] Verify complete
2018-06-09 07:30:51, Info CSI 0000007d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:51, Info CSI 0000007e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:51, Info CSI 00000080 [SR] Verify complete
2018-06-09 07:30:51, Info CSI 00000081 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:51, Info CSI 00000082 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:52, Info CSI 00000084 [SR] Verify complete
2018-06-09 07:30:52, Info CSI 00000085 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:52, Info CSI 00000086 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:52, Info CSI 00000088 [SR] Verify complete
2018-06-09 07:30:52, Info CSI 00000089 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:52, Info CSI 0000008a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:53, Info CSI 0000008c [SR] Verify complete
2018-06-09 07:30:53, Info CSI 0000008d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:53, Info CSI 0000008e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:53, Info CSI 00000090 [SR] Verify complete
2018-06-09 07:30:53, Info CSI 00000091 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:53, Info CSI 00000092 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:54, Info CSI 00000094 [SR] Verify complete
2018-06-09 07:30:54, Info CSI 00000095 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:54, Info CSI 00000096 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:54, Info CSI 00000098 [SR] Verify complete
2018-06-09 07:30:54, Info CSI 00000099 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:54, Info CSI 0000009a [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:55, Info CSI 0000009c [SR] Verify complete
2018-06-09 07:30:55, Info CSI 0000009d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:55, Info CSI 0000009e [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:56, Info CSI 000000a0 [SR] Verify complete
2018-06-09 07:30:56, Info CSI 000000a1 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:56, Info CSI 000000a2 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:56, Info CSI 000000a4 [SR] Verify complete
2018-06-09 07:30:56, Info CSI 000000a5 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:56, Info CSI 000000a6 [SR] Beginning Verify and Repair transaction
2018-06-09 07:30:57, Info CSI 000000a8 [SR] Verify complete
2018-06-09 07:30:57, Info CSI 000000a9 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:30:57, Info CSI 000000aa [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:00, Info CSI 000000ad [SR] Verify complete
2018-06-09 07:31:00, Info CSI 000000ae [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:00, Info CSI 000000af [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:02, Info CSI 000000b3 [SR] Verify complete
2018-06-09 07:31:02, Info CSI 000000b4 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:02, Info CSI 000000b5 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:04, Info CSI 000000b8 [SR] Verify complete
2018-06-09 07:31:04, Info CSI 000000b9 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:04, Info CSI 000000ba [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:06, Info CSI 000000bd [SR] Verify complete
2018-06-09 07:31:06, Info CSI 000000be [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:06, Info CSI 000000bf [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:08, Info CSI 000000c1 [SR] Verify complete
2018-06-09 07:31:08, Info CSI 000000c2 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:08, Info CSI 000000c3 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:12, Info CSI 000000e8 [SR] Verify complete
2018-06-09 07:31:13, Info CSI 000000e9 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:13, Info CSI 000000ea [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:14, Info CSI 000000ec [SR] Verify complete
2018-06-09 07:31:15, Info CSI 000000ed [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:15, Info CSI 000000ee [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:16, Info CSI 000000f0 [SR] Verify complete
2018-06-09 07:31:16, Info CSI 000000f1 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:16, Info CSI 000000f2 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:18, Info CSI 000000f4 [SR] Verify complete
2018-06-09 07:31:18, Info CSI 000000f5 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:18, Info CSI 000000f6 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:20, Info CSI 000000f8 [SR] Verify complete
2018-06-09 07:31:20, Info CSI 000000f9 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:20, Info CSI 000000fa [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:21, Info CSI 000000fc [SR] Verify complete
2018-06-09 07:31:21, Info CSI 000000fd [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:21, Info CSI 000000fe [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:25, Info CSI 00000102 [SR] Verify complete
2018-06-09 07:31:26, Info CSI 00000103 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:26, Info CSI 00000104 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:29, Info CSI 00000125 [SR] Verify complete
2018-06-09 07:31:29, Info CSI 00000126 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:29, Info CSI 00000127 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:34, Info CSI 00000129 [SR] Verify complete
2018-06-09 07:31:34, Info CSI 0000012a [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:34, Info CSI 0000012b [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:39, Info CSI 0000012f [SR] Verify complete
2018-06-09 07:31:39, Info CSI 00000130 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:39, Info CSI 00000131 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:40, Info CSI 00000133 [SR] Verify complete
2018-06-09 07:31:41, Info CSI 00000134 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:41, Info CSI 00000135 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:42, Info CSI 00000137 [SR] Verify complete
2018-06-09 07:31:42, Info CSI 00000138 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:42, Info CSI 00000139 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:43, Info CSI 0000013b [SR] Verify complete
2018-06-09 07:31:43, Info CSI 0000013c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:43, Info CSI 0000013d [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:49, Info CSI 00000150 [SR] Verify complete
2018-06-09 07:31:49, Info CSI 00000151 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:49, Info CSI 00000152 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:50, Info CSI 00000154 [SR] Verify complete
2018-06-09 07:31:50, Info CSI 00000155 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:50, Info CSI 00000156 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:51, Info CSI 00000158 [SR] Verify complete
2018-06-09 07:31:51, Info CSI 00000159 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:51, Info CSI 0000015a [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:52, Info CSI 0000015c [SR] Verify complete
2018-06-09 07:31:52, Info CSI 0000015d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:52, Info CSI 0000015e [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:54, Info CSI 00000160 [SR] Verify complete
2018-06-09 07:31:54, Info CSI 00000161 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:54, Info CSI 00000162 [SR] Beginning Verify and Repair transaction
2018-06-09 07:31:59, Info CSI 00000166 [SR] Verify complete
2018-06-09 07:31:59, Info CSI 00000167 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:31:59, Info CSI 00000168 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:02, Info CSI 0000016a [SR] Verify complete
2018-06-09 07:32:02, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:02, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:02, Info CSI 0000016e [SR] Verify complete
2018-06-09 07:32:02, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:02, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:04, Info CSI 00000172 [SR] Verify complete
2018-06-09 07:32:05, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:05, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:06, Info CSI 00000176 [SR] Verify complete
2018-06-09 07:32:06, Info CSI 00000177 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:06, Info CSI 00000178 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:08, Info CSI 0000017a [SR] Verify complete
2018-06-09 07:32:09, Info CSI 0000017b [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:09, Info CSI 0000017c [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:14, Info CSI 00000187 [SR] Verify complete
2018-06-09 07:32:15, Info CSI 00000188 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:15, Info CSI 00000189 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:18, Info CSI 00000198 [SR] Verify complete
2018-06-09 07:32:18, Info CSI 00000199 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:18, Info CSI 0000019a [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:26, Info CSI 0000019c [SR] Verify complete
2018-06-09 07:32:27, Info CSI 0000019d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:27, Info CSI 0000019e [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:29, Info CSI 000001a0 [SR] Verify complete
2018-06-09 07:32:29, Info CSI 000001a1 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:29, Info CSI 000001a2 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:33, Info CSI 000001a5 [SR] Verify complete
2018-06-09 07:32:33, Info CSI 000001a6 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:33, Info CSI 000001a7 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:35, Info CSI 000001a9 [SR] Verify complete
2018-06-09 07:32:35, Info CSI 000001aa [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:35, Info CSI 000001ab [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:37, Info CSI 000001ad [SR] Verify complete
2018-06-09 07:32:37, Info CSI 000001ae [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:37, Info CSI 000001af [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:38, Info CSI 000001b1 [SR] Verify complete
2018-06-09 07:32:39, Info CSI 000001b2 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:39, Info CSI 000001b3 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:40, Info CSI 000001b7 [SR] Verify complete
2018-06-09 07:32:40, Info CSI 000001b8 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:40, Info CSI 000001b9 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:46, Info CSI 000001bb [SR] Verify complete
2018-06-09 07:32:46, Info CSI 000001bc [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:46, Info CSI 000001bd [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:50, Info CSI 000001c0 [SR] Verify complete
2018-06-09 07:32:51, Info CSI 000001c1 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:51, Info CSI 000001c2 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:53, Info CSI 000001c4 [SR] Verify complete
2018-06-09 07:32:53, Info CSI 000001c5 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:53, Info CSI 000001c6 [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:55, Info CSI 000001c9 [SR] Verify complete
2018-06-09 07:32:55, Info CSI 000001ca [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:55, Info CSI 000001cb [SR] Beginning Verify and Repair transaction
2018-06-09 07:32:58, Info CSI 000001cd [SR] Verify complete
2018-06-09 07:32:58, Info CSI 000001ce [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:32:58, Info CSI 000001cf [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:01, Info CSI 000001d2 [SR] Verify complete
2018-06-09 07:33:01, Info CSI 000001d3 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:01, Info CSI 000001d4 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:03, Info CSI 000001d6 [SR] Verify complete
2018-06-09 07:33:03, Info CSI 000001d7 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:03, Info CSI 000001d8 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:06, Info CSI 000001da [SR] Verify complete
2018-06-09 07:33:06, Info CSI 000001db [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:06, Info CSI 000001dc [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:08, Info CSI 000001df [SR] Verify complete
2018-06-09 07:33:08, Info CSI 000001e0 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:08, Info CSI 000001e1 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:10, Info CSI 000001e3 [SR] Verify complete
2018-06-09 07:33:10, Info CSI 000001e4 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:10, Info CSI 000001e5 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:12, Info CSI 000001e8 [SR] Verify complete
2018-06-09 07:33:12, Info CSI 000001e9 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:12, Info CSI 000001ea [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:14, Info CSI 000001ed [SR] Verify complete
2018-06-09 07:33:14, Info CSI 000001ee [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:14, Info CSI 000001ef [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:17, Info CSI 000001f2 [SR] Verify complete
2018-06-09 07:33:17, Info CSI 000001f3 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:17, Info CSI 000001f4 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:19, Info CSI 000001f7 [SR] Verify complete
2018-06-09 07:33:19, Info CSI 000001f8 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:19, Info CSI 000001f9 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:22, Info CSI 000001fb [SR] Verify complete
2018-06-09 07:33:22, Info CSI 000001fc [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:22, Info CSI 000001fd [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:25, Info CSI 00000200 [SR] Verify complete
2018-06-09 07:33:25, Info CSI 00000201 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:25, Info CSI 00000202 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:26, Info CSI 00000204 [SR] Verify complete
2018-06-09 07:33:26, Info CSI 00000205 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:26, Info CSI 00000206 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:27, Info CSI 00000208 [SR] Verify complete
2018-06-09 07:33:27, Info CSI 00000209 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:27, Info CSI 0000020a [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:29, Info CSI 0000020c [SR] Verify complete
2018-06-09 07:33:29, Info CSI 0000020d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:29, Info CSI 0000020e [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:30, Info CSI 00000210 [SR] Verify complete
2018-06-09 07:33:31, Info CSI 00000211 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:31, Info CSI 00000212 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:33, Info CSI 00000214 [SR] Verify complete
2018-06-09 07:33:33, Info CSI 00000215 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:33, Info CSI 00000216 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:34, Info CSI 00000218 [SR] Verify complete
2018-06-09 07:33:34, Info CSI 00000219 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:34, Info CSI 0000021a [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:36, Info CSI 0000021c [SR] Verify complete
2018-06-09 07:33:36, Info CSI 0000021d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:36, Info CSI 0000021e [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:40, Info CSI 00000220 [SR] Verify complete
2018-06-09 07:33:40, Info CSI 00000221 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:40, Info CSI 00000222 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:44, Info CSI 00000224 [SR] Verify complete
2018-06-09 07:33:44, Info CSI 00000225 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:44, Info CSI 00000226 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:46, Info CSI 00000228 [SR] Verify complete
2018-06-09 07:33:46, Info CSI 00000229 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:46, Info CSI 0000022a [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:47, Info CSI 0000022c [SR] Verify complete
2018-06-09 07:33:47, Info CSI 0000022d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:47, Info CSI 0000022e [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:48, Info CSI 00000230 [SR] Verify complete
2018-06-09 07:33:48, Info CSI 00000231 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:48, Info CSI 00000232 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:49, Info CSI 00000234 [SR] Verify complete
2018-06-09 07:33:49, Info CSI 00000235 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:49, Info CSI 00000236 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:50, Info CSI 00000238 [SR] Verify complete
2018-06-09 07:33:51, Info CSI 00000239 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:51, Info CSI 0000023a [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:51, Info CSI 0000023c [SR] Verify complete
2018-06-09 07:33:51, Info CSI 0000023d [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:51, Info CSI 0000023e [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:52, Info CSI 00000240 [SR] Verify complete
2018-06-09 07:33:52, Info CSI 00000241 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:52, Info CSI 00000242 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:55, Info CSI 0000024a [SR] Verify complete
2018-06-09 07:33:55, Info CSI 0000024b [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:55, Info CSI 0000024c [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:56, Info CSI 0000024e [SR] Verify complete
2018-06-09 07:33:56, Info CSI 0000024f [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:56, Info CSI 00000250 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:57, Info CSI 00000252 [SR] Verify complete
2018-06-09 07:33:57, Info CSI 00000253 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:57, Info CSI 00000254 [SR] Beginning Verify and Repair transaction
2018-06-09 07:33:58, Info CSI 00000256 [SR] Verify complete
2018-06-09 07:33:58, Info CSI 00000257 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:33:58, Info CSI 00000258 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:01, Info CSI 0000025a [SR] Verify complete
2018-06-09 07:34:01, Info CSI 0000025b [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:01, Info CSI 0000025c [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:05, Info CSI 0000025f [SR] Verify complete
2018-06-09 07:34:05, Info CSI 00000260 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:05, Info CSI 00000261 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:06, Info CSI 00000263 [SR] Verify complete
2018-06-09 07:34:06, Info CSI 00000264 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:06, Info CSI 00000265 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:07, Info CSI 00000267 [SR] Verify complete
2018-06-09 07:34:07, Info CSI 00000268 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:07, Info CSI 00000269 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:14, Info CSI 0000026e [SR] Verify complete
2018-06-09 07:34:14, Info CSI 0000026f [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:14, Info CSI 00000270 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:17, Info CSI 00000275 [SR] Verify complete
2018-06-09 07:34:18, Info CSI 00000276 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:18, Info CSI 00000277 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:21, Info CSI 00000279 [SR] Verify complete
2018-06-09 07:34:21, Info CSI 0000027a [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:21, Info CSI 0000027b [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:24, Info CSI 00000289 [SR] Verify complete
2018-06-09 07:34:24, Info CSI 0000028a [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:24, Info CSI 0000028b [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:27, Info CSI 00000291 [SR] Verify complete
2018-06-09 07:34:28, Info CSI 00000292 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:28, Info CSI 00000293 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:29, Info CSI 00000295 [SR] Verify complete
2018-06-09 07:34:29, Info CSI 00000296 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:29, Info CSI 00000297 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:31, Info CSI 0000029b [SR] Verify complete
2018-06-09 07:34:31, Info CSI 0000029c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:31, Info CSI 0000029d [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:32, Info CSI 0000029f [SR] Verify complete
2018-06-09 07:34:33, Info CSI 000002a0 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:33, Info CSI 000002a1 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:36, Info CSI 000002c6 [SR] Verify complete
2018-06-09 07:34:37, Info CSI 000002c7 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:37, Info CSI 000002c8 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:38, Info CSI 000002ca [SR] Verify complete
2018-06-09 07:34:38, Info CSI 000002cb [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:38, Info CSI 000002cc [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:39, Info CSI 000002ce [SR] Verify complete
2018-06-09 07:34:39, Info CSI 000002cf [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:39, Info CSI 000002d0 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:41, Info CSI 000002d2 [SR] Verify complete
2018-06-09 07:34:41, Info CSI 000002d3 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:41, Info CSI 000002d4 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:43, Info CSI 000002e2 [SR] Verify complete
2018-06-09 07:34:43, Info CSI 000002e3 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:43, Info CSI 000002e4 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:45, Info CSI 000002e6 [SR] Verify complete
2018-06-09 07:34:46, Info CSI 000002e7 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:46, Info CSI 000002e8 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:50, Info CSI 000002f6 [SR] Verify complete
2018-06-09 07:34:50, Info CSI 000002f7 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:50, Info CSI 000002f8 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:51, Info CSI 000002fa [SR] Verify complete
2018-06-09 07:34:51, Info CSI 000002fb [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:51, Info CSI 000002fc [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:52, Info CSI 000002fe [SR] Verify complete
2018-06-09 07:34:53, Info CSI 000002ff [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:53, Info CSI 00000300 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:55, Info CSI 00000303 [SR] Verify complete
2018-06-09 07:34:55, Info CSI 00000304 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:55, Info CSI 00000305 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:55, Info CSI 00000307 [SR] Verify complete
2018-06-09 07:34:56, Info CSI 00000308 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:56, Info CSI 00000309 [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:57, Info CSI 0000030b [SR] Verify complete
2018-06-09 07:34:58, Info CSI 0000030c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:58, Info CSI 0000030d [SR] Beginning Verify and Repair transaction
2018-06-09 07:34:59, Info CSI 0000030f [SR] Verify complete
2018-06-09 07:34:59, Info CSI 00000310 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:34:59, Info CSI 00000311 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:03, Info CSI 0000031b [SR] Verify complete
2018-06-09 07:35:03, Info CSI 0000031c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:03, Info CSI 0000031d [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:07, Info CSI 0000032f [SR] Verify complete
2018-06-09 07:35:07, Info CSI 00000330 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:07, Info CSI 00000331 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:14, Info CSI 00000333 [SR] Verify complete
2018-06-09 07:35:15, Info CSI 00000334 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:15, Info CSI 00000335 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:16, Info CSI 00000337 [SR] Verify complete
2018-06-09 07:35:16, Info CSI 00000338 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:16, Info CSI 00000339 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:17, Info CSI 0000033b [SR] Verify complete
2018-06-09 07:35:17, Info CSI 0000033c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:17, Info CSI 0000033d [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:18, Info CSI 00000341 [SR] Verify complete
2018-06-09 07:35:18, Info CSI 00000342 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:18, Info CSI 00000343 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:20, Info CSI 00000345 [SR] Verify complete
2018-06-09 07:35:20, Info CSI 00000346 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:20, Info CSI 00000347 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:22, Info CSI 00000349 [SR] Verify complete
2018-06-09 07:35:22, Info CSI 0000034a [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:22, Info CSI 0000034b [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:23, Info CSI 0000034d [SR] Verify complete
2018-06-09 07:35:23, Info CSI 0000034e [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:23, Info CSI 0000034f [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:24, Info CSI 00000352 [SR] Verify complete
2018-06-09 07:35:25, Info CSI 00000353 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:25, Info CSI 00000354 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:26, Info CSI 00000356 [SR] Verify complete
2018-06-09 07:35:26, Info CSI 00000357 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:26, Info CSI 00000358 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:28, Info CSI 0000035a [SR] Verify complete
2018-06-09 07:35:28, Info CSI 0000035b [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:28, Info CSI 0000035c [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:30, Info CSI 0000035f [SR] Verify complete
2018-06-09 07:35:30, Info CSI 00000360 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:30, Info CSI 00000361 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:31, Info CSI 00000363 [SR] Verify complete
2018-06-09 07:35:31, Info CSI 00000364 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:31, Info CSI 00000365 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:33, Info CSI 00000367 [SR] Verify complete
2018-06-09 07:35:33, Info CSI 00000368 [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:33, Info CSI 00000369 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:35, Info CSI 0000036b [SR] Verify complete
2018-06-09 07:35:35, Info CSI 0000036c [SR] Verifying 100 (0x0000000000000064) components
2018-06-09 07:35:35, Info CSI 0000036d [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:37, Info CSI 0000036f [SR] Verify complete
2018-06-09 07:35:37, Info CSI 00000370 [SR] Verifying 57 (0x0000000000000039) components
2018-06-09 07:35:37, Info CSI 00000371 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:38, Info CSI 00000373 [SR] Verify complete
2018-06-09 07:35:38, Info CSI 00000374 [SR] Repairing 0 components
2018-06-09 07:35:38, Info CSI 00000375 [SR] Beginning Verify and Repair transaction
2018-06-09 07:35:38, Info CSI 00000377 [SR] Repair complete

SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-06-09 10:35:49.291
Microsoft Windows 7 Service Pack 1 - amd64 THIS IS NOT AMD.... its Intel Core2 Quad Q8300
Not using a script file.








AutoAnalysis::
SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.








Successfully processed all directives.






Failed to generate a complete zip file. Upload aborted.




SFCFix version 3.0.0.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2018-06-09 14:10:15.848
----------------------EOF-----------------------
 

Attachments

  • Not Running Genuine Widows message 0x8004fe21.PNG
    Not Running Genuine Widows message 0x8004fe21.PNG
    100.7 KB · Views: 2
  • rename systemdistribution access denied.PNG
    rename systemdistribution access denied.PNG
    31.4 KB · Views: 1
softwaremaniac said:
Hello and welcome, please carry out the rest of the instructions: Windows Update Forum Posting Instructions

SURT run, SFC run, CBS export.
Click to expand...

Thanks for the reply.

Step #3 – SURT/DISM Scan returns this message.
Windows update intaller failed 0xc8000247.PNG


​Its running according the Task Manager, but 40 minutes later, no reports. Now I cannot access the windows update page, The Computer Home page is locked with a spinning circle on the pointer after clicking "Windows Update" in the lower lift corner.


Step #4 - Run SFCFix
SFCfix summary.PNG
SFCFix version 3.0.0.0 by niemiro.
Start time: 2018-06-10 09:45:45.687
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.

AutoAnalysis::








SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.

Step #5 – Export/Upload CBS folder
Attached.

Thanks!



 

Attachments

Step#1 - FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.
 
softwaremaniac said:
Step#1 - FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.
Click to expand...

Here you go...Thanks!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by DHR (administrator) on DENNIS-PC (10-06-2018 23:05:57)
Running from C:\Users\DHR\Downloads
Loaded Profiles: Colleen & DHR (Available Profiles: Colleen & DHR)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(ArcSoft, Inc.) C:\Users\Colleen\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Hauppauge Computer Works, Inc) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureGenPCI.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Google, Inc.) C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe
() C:\Program Files\Google\Drive File Stream\25.252.303.31\crashpad_handler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Company) C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Google, Inc.) C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1431276350\ee\aolsoftware.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google, Inc.) C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Google, Inc.) C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
() C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\Ir.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1431276350\ee\aolsoftware.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Acronis International GmbH) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
() C:\Users\Colleen\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
() C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Microsoft Corporation) C:\Windows\System32\wusa.exe
(Microsoft Corporation) C:\Windows\ehome\mcGlidHost.exe
(Microsoft Corporation) C:\Windows\System32\Wat\WatUX.exe
(Microsoft Corporation) C:\Windows\ehome\ehvid.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [541568 2017-11-29] ()
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] => C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [UpdatePRCShortCut] => "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1431276350\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [976320 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-10] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2187336 2018-01-06] ()
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425352 2016-06-03] (Acronis International GmbH)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4034944 2017-11-29] ()
HKU\S-1-5-21-561410102-3470156359-296495681-1003\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-561410102-3470156359-296495681-1003\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [385024 2010-03-10] (AMD)
HKU\S-1-5-21-561410102-3470156359-296495681-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-561410102-3470156359-296495681-1003\...\MountPoints2: {fbfa4930-1a2a-11e6-894b-00038a000015} - O:\HPLauncher.exe
HKU\S-1-5-21-561410102-3470156359-296495681-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-561410102-3470156359-296495681-1004\...\Run: [HPADVISOR] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\S-1-5-21-561410102-3470156359-296495681-1004\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe [28989176 2018-05-29] (Google, Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1462184 2018-03-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk [2015-05-10]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk [2015-05-10]
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PictureMover.lnk [2009-09-08]
ShortcutTarget: PictureMover.lnk -> C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe (Hewlett-Packard Company)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status..lnk [2015-05-10]
ShortcutTarget: WinTV Recording Status..lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AOL Desktop Launcher.lnk [2018-06-01]
ShortcutTarget: AOL Desktop Launcher.lnk -> C:\Users\DHR\AppData\Local\AOLDesktop\AolTrayApp.exe (No File)
Startup: C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HP SimpleSave Monitor.lnk [2018-02-05]
ShortcutTarget: HP SimpleSave Monitor.lnk -> C:\Users\DHR\AppData\Roaming\HP SimpleSave Application\StartHelper.exe (No File)
GroupPolicy: Restriction ? <==== ATTENTION


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{969A3DA4-8EE6-474D-8B71-692AAE778268}: [DhcpNameServer] 192.168.1.1


Internet Explorer:
==================
HKU\S-1-5-21-561410102-3470156359-296495681-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-561410102-3470156359-296495681-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
HKU\S-1-5-21-561410102-3470156359-296495681-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
HKU\S-1-5-21-561410102-3470156359-296495681-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_US&c=94&bd=Pavilion&pf=cndt
SearchScopes: HKLM -> DefaultScope {9307525F-5986-418D-BDC6-C2B9608AA6FE} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {9307525F-5986-418D-BDC6-C2B9608AA6FE} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {D8E0CC98-17E3-40B4-A29A-4A4A66D42927} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 -> DefaultScope {9307525F-5986-418D-BDC6-C2B9608AA6FE} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {9307525F-5986-418D-BDC6-C2B9608AA6FE} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {D8E0CC98-17E3-40B4-A29A-4A4A66D42927} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKU\S-1-5-21-561410102-3470156359-296495681-1003 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3106C107-5C3E-423E-BE4A-B4A364AF57E6}&mid=2fe7c2a9294f47cdada541affc72ba8b-4ac13c9df36c9f1109182607b45f7f0b4c8ecff1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-16 09:23:35&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-561410102-3470156359-296495681-1003 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3106C107-5C3E-423E-BE4A-B4A364AF57E6}&mid=2fe7c2a9294f47cdada541affc72ba8b-4ac13c9df36c9f1109182607b45f7f0b4c8ecff1&lang=en&ds=AVG&coid=avgtbavg&cmpid=0915tb&pr=fr&d=2015-07-16 09:23:35&v=4.3.8.510&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-561410102-3470156359-296495681-1003 -> {AEB5783E-4B54-4660-B1C6-18989EF00638} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-561410102-3470156359-296495681-1003 -> {D8E0CC98-17E3-40B4-A29A-4A4A66D42927} URL =
SearchScopes: HKU\S-1-5-21-561410102-3470156359-296495681-1004 -> {D8E0CC98-17E3-40B4-A29A-4A4A66D42927} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0560.0\msneshellx.dll [2009-04-07] (Microsoft Corp.)
Toolbar: HKU\S-1-5-21-561410102-3470156359-296495681-1003 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No File


FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-08] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @viewpoint.com/VMP -> C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-10] (Adobe Systems Inc.)


Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.com/","hxxp://start.mysearchdial.com/?f=1&a=dsites0202&cd=2XzuyEtN2Y1L1QzutAzzyCtDyByBtDyDtAzytCzyyCyD0D0CtN0D0Tzu0CyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1112082213&ir=","hxxps://www.google.com/search?q=goggle&rlz=1C1GGGE_enUS406&oq=goggle&aqs=chrome..69i57j0l5.4391j0j4&sourceid=chrome&es_sm=93&ie=UTF-8#q=google"
CHR Profile: C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default [2018-06-10]
CHR Extension: (Slides) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-22]
CHR Extension: (Docs) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-22]
CHR Extension: (Google Drive) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-22]
CHR Extension: (YouTube) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-22]
CHR Extension: (Adobe Acrobat) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-03-23]
CHR Extension: (Sheets) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-22]
CHR Extension: (Google Docs Offline) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-22]
CHR Extension: (Chrome Media Router) - C:\Users\DHR\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-09]
CHR HKU\S-1-5-21-561410102-3470156359-296495681-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-561410102-3470156359-296495681-1004\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx


==================== Services (Whitelisted) ====================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R2 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1221384 2017-11-29] ()
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2015-10-29] (Microsoft Corporation) [File not signed]
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6086744 2018-03-02] ()
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-13] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203776 2011-06-01] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [34816 2017-12-31] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2017-12-31] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [680448 2016-06-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [680448 2016-06-14] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 BackupService; C:\Users\Colleen\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [83512 2010-07-01] (ArcSoft, Inc.)
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-13] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [705024 2017-12-31] (Microsoft Corporation) [File not signed]
R3 BITS; C:\Windows\System32\qmgr.dll [849920 2010-11-20] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [136704 2012-07-04] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [190976 2017-04-12] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [145920 2017-04-12] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [512000 2017-12-31] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [317952 2010-11-20] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [254464 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1386496 2016-08-22] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [183296 2011-03-02] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2010-11-20] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2010-11-20] (Microsoft Corporation) [File not signed]
S3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-13] (Microsoft Corporation) [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
R3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2010-11-20] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-13] (Microsoft Corporation) [File not signed]
R2 EPSON_EB_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [166400 2009-09-13] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_PM_RPCV4_04; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [128512 2009-09-13] (SEIKO EPSON CORPORATION) [File not signed]
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2010-11-20] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-13] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2010-11-20] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-13] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-13] (Microsoft Corporation) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1180160 2017-05-12] (Microsoft Corporation) [File not signed]
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1175056 2018-03-27] (Garmin Ltd. or its subsidiaries)
R2 gpsvc; C:\Windows\System32\gpsvc.dll [794624 2016-05-12] (Microsoft Corporation) [File not signed]
R2 Hauppauge WinTV Extender; C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe [69120 2011-01-25] (Hauppauge Computer Works, Inc) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [558592 2011-01-17] (Hauppauge Computer Works) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-13] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [232448 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2010-11-20] (Microsoft Corporation) [File not signed]
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [124928 2009-07-09] (Hewlett-Packard) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [116224 2017-12-29] (Microsoft Corporation) [File not signed]
S3 IKEEXT; C:\Windows\System32\ikeext.dll [863232 2017-12-31] (Microsoft Corporation) [File not signed]
R2 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-13] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [569344 2012-10-03] (Microsoft Corporation) [File not signed]
S3 KeyIso; C:\Windows\system32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-13] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [236032 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2010-11-20] (Microsoft Corporation) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-05-18] (Hewlett-Packard Company) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-13] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-13] (Microsoft Corporation) [File not signed]
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84992 2010-11-20] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4692840 2016-08-15] (Acronis International GmbH)
R2 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [7717528 2016-07-18] (Acronis International GmbH)
R2 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1500960 2017-11-29] ()
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [828928 2017-12-31] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-13] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [128512 2016-11-09] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2016-11-09] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
S3 napagent; C:\Windows\system32\qagentRT.dll [476160 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-13] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [303104 2017-12-31] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [26112 2017-08-10] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2017-12-31] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [439296 2017-12-31] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [187904 2016-06-14] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-13] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1389056 2017-03-10] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508352 2017-03-10] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2011-05-24] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-13] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2017-12-31] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [502272 2016-05-12] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [210432 2014-12-18] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\SysWOW64\qwave.dll [210944 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [344064 2010-11-20] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2017-11-02] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2017-11-02] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-13] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [512000 2017-12-31] (Microsoft Corporation) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor)
R2 SamSs; C:\Windows\system32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110528 2017-12-31] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2010-11-20] (Microsoft Corporation) [File not signed]
R3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2010-11-20] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2016-02-09] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-13] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [121856 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [113664 2010-11-20] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [370688 2010-11-20] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2010-11-20] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-13] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [559616 2017-12-31] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-13] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-13] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-13] (Microsoft Corporation) [File not signed]
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
R2 stisvc; C:\Windows\System32\wiaservc.dll [580096 2010-11-20] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-13] (Microsoft Corporation) [File not signed]
R2 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [9729272 2016-08-11] ()
S3 SysMain; C:\Windows\system32\sysmain.dll [1741312 2017-12-31] (Microsoft Corporation) [File not signed]
R3 TabletInputService; C:\Windows\System32\TabSvc.dll [92672 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316928 2010-11-20] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [242176 2010-11-20] (Microsoft Corporation) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10351856 2016-12-15] (TeamViewer GmbH)
S3 TermService; C:\Windows\System32\termsrv.dll [683520 2014-10-13] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-13] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-13] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-13] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-13] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-13] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-13] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [30720 2017-12-31] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [533504 2010-11-20] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1600512 2010-11-20] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1504256 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2017-12-31] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276992 2017-12-31] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2017-12-05] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2017-12-05] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2015-01-08] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76800 2015-01-08] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [263680 2016-09-08] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [208896 2016-09-08] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-13] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-13] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [444928 2017-12-31] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2023424 2016-08-06] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1178112 2016-08-06] (Microsoft Corporation) [File not signed]
S3 Wlansvc; C:\Windows\System32\wlansvc.dll [886272 2017-09-13] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-13] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [117248 2010-11-20] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-13] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [591872 2017-10-11] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [427520 2017-10-11] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2651136 2017-05-10] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [84992 2012-07-25] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [228864 2014-01-27] (Microsoft Corporation) [File not signed]


===================== Drivers (Whitelisted) ======================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R3 1394ohci; C:\Windows\system32\drivers\1394ohci.sys [229888 2010-11-20] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\drivers\acpipmi.sys [12800 2010-11-20] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [496128 2017-04-04] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-13] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9320448 2011-06-01] (ATI Technologies Inc.) [File not signed]
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [306688 2011-06-01] (Advanced Micro Devices, Inc.) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [62464 2017-12-31] (Microsoft Corporation) [File not signed]
R3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-13] (Microsoft Corporation) [File not signed]
R3 AtiHdmiService; C:\Windows\System32\drivers\AtiHdmi.sys [116736 2010-01-28] (ATI Technologies, Inc.) [File not signed]
S3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [9320448 2011-06-01] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-13] (Microsoft Corporation) [File not signed]
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-13] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90112 2016-10-05] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-13] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTCFilterService; C:\Windows\System32\DRIVERS\motfilt.sys [6144 2013-07-23] (Motorola Inc) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-13] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-13] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2010-11-20] (Microsoft Corporation) [File not signed]
R3 circlass; C:\Windows\System32\DRIVERS\circlass.sys [45568 2009-07-13] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-13] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\drivers\CompositeBus.sys [38912 2010-11-20] (Microsoft Corporation) [File not signed]
S3 CSRBC; C:\Windows\System32\Drivers\csrbc.sys [38400 2011-02-08] (CSR plc.) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [106496 2017-12-31] (Microsoft Corporation) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [5632 2015-12-08] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
S3 ErrDev; C:\Windows\system32\drivers\errdev.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195584 2017-03-10] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [205312 2017-03-10] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-13] (Microsoft Corporation) [File not signed]
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [375136 2018-03-02] (Acronis International GmbH)
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
R1 googledrivefs2356; C:\Windows\System32\DRIVERS\googledrivefs2356.sys [100600 2018-05-07] (Google, Inc.)
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
R3 hcw89; C:\Windows\System32\DRIVERS\hcw89.sys [1605760 2013-03-28] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\system32\drivers\HDAudBus.sys [122368 2010-11-20] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HidIr; C:\Windows\System32\DRIVERS\hidir.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\system32\drivers\hidusb.sys [30208 2010-11-20] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [754176 2017-12-31] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\Windows\system32\drivers\i8042prt.sys [105472 2009-07-13] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\system32\DRIVERS\intelppm.sys [62464 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\drivers\IPMIDrv.sys [78848 2010-11-20] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-13] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-13] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\system32\drivers\kbdhid.sys [33280 2010-11-20] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-13] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-13] (Microsoft Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2017-10-11] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-13] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-13] (Microsoft Corporation) [File not signed]
S3 motandroidusb; C:\Windows\System32\Drivers\motoandroid.sys [32768 2013-07-23] (Motorola) [File not signed]
S3 motccgp; C:\Windows\System32\DRIVERS\motccgp.sys [23552 2013-07-23] (Motorola Mobility Inc) [File not signed]
S3 motmodem; C:\Windows\System32\DRIVERS\motmodem.sys [31744 2013-07-23] (Motorola Mobility Inc) [File not signed]
S3 MotoSwitchService; C:\Windows\System32\DRIVERS\motswch.sys [8832 2013-07-23] (Motorola) [File not signed]
S3 Motousbnet; C:\Windows\System32\DRIVERS\Motousbnet.sys [27648 2013-07-23] (Motorola Mobility Inc) [File not signed]
R3 mouhid; C:\Windows\System32\DRIVERS\mouhid.sys [31232 2009-07-13] (Microsoft Corporation) [File not signed]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2017-12-31] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [142336 2016-09-08] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [159744 2017-12-31] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [291328 2017-12-31] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129536 2017-12-31] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-13] (Microsoft Corporation) [File not signed]
R3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-13] (Microsoft Corporation) [File not signed]
R3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-13] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-13] (Microsoft Corporation) [File not signed]
S3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [324608 2017-09-13] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-13] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2017-12-31] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56832 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2010-11-20] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [58368 2017-12-31] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [45056 2017-12-31] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [262656 2017-08-10] (Microsoft Corporation) [File not signed]
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-13] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [26112 2017-08-10] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-13] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\drivers\ohci1394.sys [72832 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-13] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663552 2016-06-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111104 2010-11-20] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2017-12-31] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-13] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [129536 2010-11-20] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-13] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [317440 2017-10-11] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-13] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-13] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [19456 2012-08-23] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [212480 2014-07-16] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-13] (Microsoft Corporation) [File not signed]
R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [233472 2009-07-13] (Realtek ) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2010-11-20] (Microsoft Corporation) [File not signed]
S4 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\drivers\sffdisk.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\drivers\sffp_mmc.sys [13824 2009-07-13] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\drivers\sffp_sd.sys [14336 2010-11-20] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-13] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-13] (Microsoft Corporation) [File not signed]
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [460288 2017-12-31] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [406016 2017-12-31] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [168448 2017-12-31] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [46080 2016-07-07] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-13] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2012-02-16] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [117248 2017-07-29] (Microsoft Corporation) [File not signed]
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1267544 2018-03-02] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [212320 2018-03-02] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [687968 2018-03-02] (Acronis International GmbH)
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [40448 2017-08-13] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56832 2013-10-01] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2010-11-20] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [328192 2010-11-20] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2010-11-20] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\System32\DRIVERS\umpass.sys [9728 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\system32\drivers\usbccgp.sys [99840 2017-10-17] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\drivers\usbcir.sys [100864 2013-07-12] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\drivers\usbehci.sys [56320 2017-10-17] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\system32\drivers\usbhub.sys [344064 2017-10-17] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2017-10-17] (Microsoft Corporation) [File not signed]
R3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-13] (Microsoft Corporation) [File not signed]
R3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [42496 2013-07-02] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [91648 2016-02-03] (Microsoft Corporation) [File not signed]
R3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [30720 2017-10-17] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-13] (Microsoft Corporation) [File not signed]
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331104 2018-03-02] (Acronis International GmbH)
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2017-12-31] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2017-12-31] (Microsoft Corporation) [File not signed]
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (America Online, Inc.) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-13] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [41984 2010-11-20] (Microsoft Corporation) [File not signed]
S3 WmiAcpi; C:\Windows\system32\drivers\wmiacpi.sys [14336 2009-07-13] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-13] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [87040 2012-07-25] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [198656 2012-07-25] (Microsoft Corporation) [File not signed]
U3 avgbdisk; no ImagePath


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2018-06-10 23:05 - 2018-06-10 23:07 - 000062654 _____ C:\Users\DHR\Downloads\FRST.txt
2018-06-10 23:05 - 2018-06-10 23:05 - 000000000 ____D C:\FRST
2018-06-10 23:03 - 2018-06-10 23:03 - 002413056 _____ (Farbar) C:\Users\DHR\Downloads\FRST64.exe
2018-06-10 09:48 - 2018-06-10 09:48 - 000000950 _____ C:\Users\DHR\Desktop\SFCFix.txt
2018-06-10 09:21 - 2018-06-10 09:23 - 564744309 _____ C:\Users\DHR\Downloads\Windows6.1-KB947821-v34-x64 (1).msu
2018-06-10 09:05 - 2018-06-10 09:05 - 000000000 ___HT C:\Windows\wusa.lock
2018-06-10 09:05 - 2018-06-10 09:05 - 000000000 ____D C:\0d0844de41857ed2ae7311be5113
2018-06-10 09:02 - 2018-06-10 09:05 - 564744309 _____ C:\Users\DHR\Downloads\Windows6.1-KB947821-v34-x64.msu
2018-06-10 08:43 - 2018-06-10 09:58 - 000000000 ____D C:\Users\DHR\Desktop\Troubleshooting
2018-06-09 14:35 - 2018-06-09 14:35 - 000000000 ____D C:\Users\DHR\AppData\Local\ElevatedDiagnostics
2018-06-09 14:34 - 2018-06-09 14:34 - 000313366 _____ C:\Users\DHR\Downloads\WindowsUpdate.diagcab
2018-06-09 14:10 - 2018-06-10 09:48 - 000000000 ____D C:\SFCFix
2018-06-09 10:35 - 2018-06-10 09:48 - 000000000 ____D C:\Users\DHR\AppData\Local\niemiro
2018-06-09 10:35 - 2018-06-09 10:35 - 002884096 _____ (niemiro) C:\Users\DHR\Downloads\SFCFix.exe
2018-06-09 09:17 - 2018-06-09 09:17 - 000000000 ____D C:\Users\Colleen\Night Owl HD CMS
2018-06-09 09:17 - 2018-06-09 09:17 - 000000000 ____D C:\Users\Colleen\AppData\Roaming\Nightowl
2018-06-09 08:52 - 2018-06-09 09:03 - 000000000 ____D C:\Users\DHR\AppData\Local\Avg
2018-06-09 08:52 - 2018-06-09 08:52 - 000000000 ____D C:\Windows\System32\Tasks\AVG
2018-06-09 08:50 - 2018-06-09 08:50 - 007391672 _____ (AVG Technologies CZ, s.r.o.) C:\Users\DHR\Downloads\avg_antivirus_free_setup.exe
2018-06-09 08:37 - 2018-06-09 08:44 - 000167618 _____ C:\Windows\ntbtlog.txt
2018-06-08 19:43 - 2018-06-08 19:43 - 000313366 _____ C:\Users\Colleen\Downloads\WindowsUpdate (1).diagcab
2018-06-08 18:36 - 2018-06-08 18:36 - 000003288 ____N C:\bootsqm.dat
2018-06-05 19:25 - 2018-06-05 19:25 - 000000000 ____D C:\Users\DHR\Documents\Quicken
2018-06-04 23:38 - 2018-06-04 23:38 - 000000000 ____D C:\Users\DHR\AppData\Roaming\AOL
2018-05-17 16:38 - 2018-05-21 12:24 - 000003176 _____ C:\Windows\System32\Tasks\HPCeeScheduleForDHR
2018-05-17 16:38 - 2018-05-21 12:24 - 000000326 _____ C:\Windows\Tasks\HPCeeScheduleForDHR.job


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2018-06-10 19:27 - 2009-07-13 21:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-06-10 19:27 - 2009-07-13 21:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-06-09 15:06 - 2018-03-02 10:36 - 000002278 _____ C:\Users\DHR\Desktop\Crucial Storage Executive.lnk
2018-06-09 09:17 - 2015-05-12 12:23 - 000000000 ____D C:\Users\Colleen
2018-06-09 09:12 - 2016-01-02 14:03 - 000000000 ____D C:\Temp
2018-06-09 09:11 - 2009-07-13 22:13 - 000781790 _____ C:\Windows\system32\PerfStringBackup.INI
2018-06-09 09:11 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\inf
2018-06-09 09:04 - 2009-07-13 22:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-06-09 09:03 - 2015-11-07 13:14 - 000000000 ____D C:\ProgramData\Avg
2018-06-08 20:13 - 2009-07-13 21:45 - 000430120 _____ C:\Windows\system32\FNTCACHE.DAT
2018-06-08 20:08 - 2018-03-13 19:08 - 000004460 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-08 20:08 - 2015-07-12 18:29 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-06-08 20:08 - 2015-05-10 09:46 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-06-08 20:08 - 2015-05-10 09:46 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-08 20:08 - 2015-05-10 09:46 - 000000000 ____D C:\Windows\system32\Macromed
2018-06-08 20:08 - 2009-09-08 17:08 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-06-08 20:00 - 2018-02-22 17:17 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-08 20:00 - 2018-02-22 17:17 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-06-08 19:39 - 2018-02-22 19:20 - 000000000 ____D C:\Users\DHR
2018-06-08 19:38 - 2018-02-24 17:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightowl View
2018-06-08 19:38 - 2018-02-24 17:51 - 000000000 ____D C:\Program Files (x86)\Nightowl View
2018-06-08 19:38 - 2018-02-24 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nightowl
2018-06-08 19:38 - 2018-02-24 17:49 - 000000000 ____D C:\Program Files (x86)\Nightowl
2018-06-08 19:38 - 2018-02-24 00:25 - 000000000 ____D C:\Users\DHR\AppData\Roaming\Nightowl
2018-06-08 19:38 - 2017-08-18 16:46 - 000000000 ____D C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aol Inc
2018-06-08 19:38 - 2017-08-18 16:46 - 000000000 ____D C:\Users\Colleen\AppData\Local\AOLDesktopData
2018-06-08 19:38 - 2017-08-18 16:46 - 000000000 ____D C:\Users\Colleen\AppData\Local\AOLDesktop
2018-06-08 19:38 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\registration
2018-06-08 19:38 - 2009-07-13 20:20 - 000000000 ____D C:\Windows\Help
2018-06-08 13:05 - 2018-02-22 20:00 - 015650816 _____ C:\Users\DHR\Desktop\PERSONAL.QDF
2018-06-08 13:00 - 2018-02-25 16:48 - 001522960 _____ C:\Users\DHR\Desktop\PERSONALOFXLOG.DAT
2018-06-08 12:57 - 2018-04-01 10:22 - 000114432 _____ C:\Users\DHR\Desktop\personal_SyncLog.dat
2018-06-08 10:42 - 2015-05-13 11:55 - 000000000 ____D C:\Users\Colleen\Documents\Self
2018-06-05 20:17 - 2016-11-21 01:35 - 000000000 ____D C:\Users\Colleen\AppData\Local\ElevatedDiagnostics
2018-06-05 19:34 - 2018-04-01 10:24 - 000000000 ____D C:\Users\DHR\Desktop\BACKUP
2018-06-05 19:13 - 2017-08-18 16:46 - 000000000 ____D C:\Users\Colleen\AppData\Local\SquirrelTemp
2018-06-04 23:44 - 2018-02-22 19:46 - 000000000 ____D C:\Users\DHR\Documents\Close Up
2018-06-04 23:38 - 2018-02-22 19:21 - 000000000 ____D C:\Users\DHR\AppData\Local\AOL
2018-06-02 10:59 - 2015-10-26 12:25 - 000003200 _____ C:\Windows\System32\Tasks\HPCeeScheduleForColleen
2018-06-02 10:59 - 2015-10-26 12:25 - 000000342 _____ C:\Windows\Tasks\HPCeeScheduleForColleen.job
2018-06-01 21:17 - 2018-02-20 18:33 - 000002261 _____ C:\Users\Colleen\Desktop\AOL Desktop Gold.lnk
2018-06-01 13:03 - 2018-04-06 07:33 - 000001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk
2018-05-31 10:00 - 2015-05-10 09:38 - 000000552 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2018-05-30 18:05 - 2018-02-22 19:46 - 000000000 ____D C:\Users\DHR\Documents\Taxes
2018-05-30 08:25 - 2015-05-13 11:55 - 000000000 ____D C:\Users\Colleen\Documents\Retirement planning docs
2018-05-16 23:06 - 2015-05-10 09:46 - 000003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 23:06 - 2015-05-10 09:46 - 000003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 16:55 - 2015-05-10 15:25 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-16 16:55 - 2015-05-10 15:25 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-13 15:19 - 2015-05-13 11:55 - 000000000 ____D C:\Users\Colleen\Documents\OneOC items


Some files in TEMP:
====================
2014-02-25 11:56 - 2014-02-25 11:56 - 000115816 _____ (AOL Inc.) C:\Users\Colleen\AppData\Local\Temp\AcsInstall.dll
2015-11-07 13:14 - 2015-11-07 13:14 - 002892128 _____ (AVG Technologies) C:\Users\Colleen\AppData\Local\Temp\avg-814d630b-27e4-4b29-be7a-e413c223bc46.exe
2016-02-24 00:57 - 2016-01-12 17:23 - 000179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_081040520456.exe
2015-11-18 04:35 - 2015-10-16 14:30 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_081277656918.exe
2016-08-22 15:04 - 2016-07-20 14:01 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_081354778935.exe
2016-04-19 04:06 - 2016-03-23 16:57 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_081496311022.exe
2016-01-05 11:51 - 2015-11-12 17:54 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_08198309480.exe
2016-01-15 23:44 - 2015-12-08 08:23 - 000091048 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_082048340490.exe
2016-05-13 12:07 - 2016-04-14 17:29 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_082123478952.exe
2016-06-23 03:37 - 2016-05-18 13:03 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_08392221612.exe
2016-07-27 14:12 - 2016-06-21 18:49 - 000186640 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_08642687167.exe
2016-04-07 18:06 - 2016-02-18 13:09 - 000179624 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Colleen\AppData\Local\Temp\avguirn_08658707614.exe
2016-03-15 10:20 - 2016-03-15 10:20 - 000008704 _____ () C:\Users\Colleen\AppData\Local\Temp\cdulvr0l.dll
2017-06-07 17:36 - 2017-06-07 17:36 - 050762208 _____ (Garmin Ltd or its subsidiaries) C:\Users\Colleen\AppData\Local\Temp\GarminExpressInstaller.exe
2003-10-23 11:27 - 2003-10-23 11:27 - 000022528 _____ (Microsoft Corporation) C:\Users\Colleen\AppData\Local\Temp\SHFOLDER.DLL
2018-03-02 10:37 - 2018-03-02 10:37 - 000040448 ____N () C:\Users\DHR\AppData\Local\Temp\proxy_vole475851858827879770.dll


==================== Bamital & volsnap ======================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\system32\winlogon.exe
[2018-01-08 18:02] - [2017-12-31 18:50] - 000455680 _____ (Microsoft Corporation) 11D6A262B617130F7C16E308C12E0D41


C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll
[2018-01-08 18:02] - [2017-12-31 19:18] - 000512000 _____ (Microsoft Corporation) BA6C9EE518A11DA4AD061B223EBED3D3


C:\Windows\system32\dnsapi.dll => MD5 is legit
C:\Windows\SysWOW64\dnsapi.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2018-05-28 00:58


==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by DHR (10-06-2018 23:07:39)
Running from C:\Users\DHR\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-10 16:29:47)
Boot Mode: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-561410102-3470156359-296495681-500 - Administrator - Disabled)
Colleen (S-1-5-21-561410102-3470156359-296495681-1003 - Administrator - Enabled) => C:\Users\Colleen
DHR (S-1-5-21-561410102-3470156359-296495681-1004 - Administrator - Enabled) => C:\Users\DHR
Guest (S-1-5-21-561410102-3470156359-296495681-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-561410102-3470156359-296495681-1002 - Limited - Enabled)


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


Acronis True Image for Crucial (HKLM-x32\...\{24B40484-CFC1-4F4C-A46D-1F37BA785FDF}) (Version: 20.0.5297 - Acronis)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (HKLM-x32\...\Adobe Photoshop 6.0) (Version: 6.0 - Adobe Systems, Inc.)
AnswerWorks 5.0 English Runtime (HKLM-x32\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
ANT Drivers Installer x64 (HKLM\...\{3DE56A70-06BA-4863-8FBB-45D041AF0C7A}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOL Desktop Gold (HKU\S-1-5-21-561410102-3470156359-296495681-1003\...\AOLDesktop) (Version: 11.0.1831 - Oath Inc.)
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version: - AOL Inc.)
ATI Catalyst Install Manager (HKLM\...\{F9F4430E-80DE-EC0F-BF8E-476352C8F954}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.9.605 - AVG Technologies)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (HKLM-x32\...\{394F1B21-1FA4-DDE1-C00B-0A3EEA1A94D1}) (Version: 2010.0310.1824.32984 - ATI) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Crucial Storage Executive (HKU\S-1-5-21-561410102-3470156359-296495681-1004\...\Crucial Storage Executive 3.50.102017.03) (Version: 3.50.102017.03 - Crucial)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
DVD-Cloner V8.20 Build 1007 (HKLM-x32\...\DVD-Cloner 8_is1) (Version: 8.20.0.1007 - OpenCloner Inc.)
Elevated Installer (HKLM-x32\...\{B7768089-44E1-4B51-9213-737959C689E5}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
ePreserver (HKLM-x32\...\{CAE4D845-91C4-46A9-8353-8DF42DF518CD}) (Version: 11.0.432.0 - Connected Software)
EPSON Artisan 830 Series Printer Uninstall (HKLM\...\EPSON Artisan 830 Series) (Version: - SEIKO EPSON Corporation)
Epson Event Manager (HKLM-x32\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
Garmin Express (HKLM-x32\...\{178D3388-656C-4326-BFFF-3607481CA5BB}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{aa902576-9ab8-4371-98d1-efde885f775b}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{C6C8A534-050C-40E9-92FC-4D06A8A487C8}) (Version: 6.3.0.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 25.252.303.31 - Google, Inc.)
Google Earth Pro (HKLM-x32\...\{FA1BBF34-E994-4310-95D7-BE93092B8E61}) (Version: 7.3.1.4507 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hardware Diagnostic Tools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5205.31 - PC-Doctor, Inc.)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.2.29025 - Hauppauge Computer Works)
Homepage Protection (HKLM-x32\...\Homepage Protection) (Version: - AOL Products)
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM-x32\...\{5B295588-59C1-4386-9F85-BB4BEDCB0D22}) (Version: 5.7.0.3036 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.71 - WildTangent)
HP MediaSmart Demo (HKLM-x32\...\{9DEF9686-CCB2-47B7-BF83-B49EA21FA016}) (Version: 1.00.0000 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3205 - Hewlett-Packard)
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (HKLM-x32\...\HP Remote Solution) (Version: 1.1.9.0 - TopSeed)
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}) (Version: 4.1.11.3 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.2.2 - Hewlett-Packard) Hidden
HydraVision (HKLM-x32\...\{A7C0BB1A-1546-44D6-1BE0-FB0F84364787}) (Version: 4.2.162.0 - ATI Technologies Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
Legacy 8.0 (HKLM-x32\...\Legacy 8.0) (Version: 8.0 - Millennia Corporation)
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Live Search Toolbar (HKLM-x32\...\{DF802C05-4660-418c-970C-B988ADB1D316}) (Version: 3.0.560.0 - Microsoft Live Search Toolbar)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - )
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (HKLM-x32\...\{894AB83D-A9AF-4E54-BFF3-A7262A0A6C13}) (Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Night Owl HD CMS version 1.3.74 (HKLM-x32\...\{DDC5185C-7C8A-420B-B831-BCE5AAB1F449}_is1) (Version: 1.3.74 - Night Owl SP,LLC)
Nightowl View (HKLM-x32\...\{FF14C187-9EB3-41F9-862F-2620EF5E5901}_is1) (Version: - sz)
Personal Ancestral File 5 (HKLM-x32\...\{D94A8E22-DF2B-4107-9E51-608A60A7671D}) (Version: - )
PictureMover (HKLM-x32\...\{1896E712-2B3D-45eb-BCE9-542742A51032}) (Version: 3.3.1.19 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{427F2E40-EAE0-4739-82C0-C464B7C9F55E}) (Version: 0.9.607 - Plex, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3101 - CyberLink Corp.)
PowerRecover (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.1923 - CyberLink Corp.) Hidden
Quicken 2015 (HKLM-x32\...\{00C2D443-43D9-4550-ABEA-318288E23E57}) (Version: 24.1.11.1 - Intuit)
Quicken 2017 (HKLM-x32\...\{E5AE4F66-CDA1-432A-A69E-C685D454ABDA}) (Version: 26.1.15.15 - Quicken)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sena Bluetooth Device Manager 3.4.2 (HKLM-x32\...\Sena Bluetooth Device Manager) (Version: 3.4.2 - Copyright (C) 2012 ~ 2017 Sena Technologies Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SUABnR (HKLM-x32\...\{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{6B8AC866-8C52-4FAE-BCD7-F80713F513F9}) (Version: 3.17.0601 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{3C48AF07-0974-49B7-A3EE-CA620469C219}) (Version: 3.17.0403 - Samsung Electronics Co., Ltd.)
Viewpoint Media Player (HKLM-x32\...\ViewpointMediaPlayer) (Version: - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB (12/23/2016 2.5.2.5) (HKLM\...\65950AF57B86BC9C0C1F231FC2F5D9B6740BA587) (Version: 12/23/2016 2.5.2.5 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-561410102-3470156359-296495681-1004_Classes\CLSID\{7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-561410102-3470156359-296495681-1004_Classes\CLSID\{96836CC1-31EA-4F1C-A7F4-D67863D5D4FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-561410102-3470156359-296495681-1004_Classes\CLSID\{9EE0C242-8973-456D-B382-0752476703FD}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-561410102-3470156359-296495681-1004_Classes\CLSID\{B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll (Google, Inc.)
CustomCLSID: HKU\S-1-5-21-561410102-3470156359-296495681-1004_Classes\CLSID\{C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931}\InprocServer32 -> C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {7CB4D2F7-77AE-4A08-9BDF-21370FF8D6BD} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {C9F7D7A1-D13F-4C72-9AB0-06FDC65AA931} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {96836CC1-31EA-4F1C-A7F4-D67863D5D4FD} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2016-08-09] (Acronis)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2016-08-09] (Acronis International GmbH)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-03-10] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6-x32: [VersionsPageShellExt] -> {9E42900A-85F9-4E67-9778-575FBBA0A81C} => C:\Program Files (x86)\Acronis\TrueImageHome\versions_page.dll [2016-08-09] (Acronis International GmbH)
ContextMenuHandlers1_S-1-5-21-561410102-3470156359-296495681-1004: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)
ContextMenuHandlers4_S-1-5-21-561410102-3470156359-296495681-1004: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)
ContextMenuHandlers5_S-1-5-21-561410102-3470156359-296495681-1004: [DriveFS] -> {B53FB4A1-B6BB-4F9B-AAA8-8704FBC1BE25} => C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefsext.dll [2018-05-29] (Google, Inc.)


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {089F9342-83CA-41B4-9791-9EC3A27E1169} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {096C822D-9B4E-4E96-9AAD-BB59ED63B89B} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-08-05] (CyberLink)
Task: {0ADCA1C9-5396-48B0-BBEF-EFFD3394A27B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-561410102-3470156359-296495681-1001UA => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {0D043379-1E05-4A12-9B47-D8DDC4503880} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {16CD1476-D20B-4FA4-8E94-F705980FE476} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {185DE28D-7AE8-4316-ABF2-C5E28C2A42C6} - System32\Tasks\HPCeeScheduleForColleen => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)
Task: {1C294389-8540-453B-8364-34234D27E99B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-08] (Adobe Systems Incorporated)
Task: {1D96A8D2-5C8D-4A32-B942-2B2AC2BCC45E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {350DEC5E-6F62-4692-AA7B-1F6FEE950D1B} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {3CBAE885-DB88-4EFB-A92B-1E6B3912FF71} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {41B973DB-DCDD-437F-9435-A3B762A4A420} - System32\Tasks\{4F26E214-A7E6-4B18-BBC4-AF9762D549EA} => C:\Windows\system32\pcalua.exe -a "C:\Software Downloads\Personal Ancestral File PAF program\PAF5EnglishSetup.exe" -d "C:\Software Downloads\Personal Ancestral File PAF program"
Task: {42DAD910-AA31-48EF-84C8-FC5F5FE08F79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-10] (Google Inc.)
Task: {45B65D42-D283-46A8-BE28-3F1BB6BCA5CE} - System32\Tasks\HPCeeScheduleForDHR => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2009-05-26] (Hewlett-Packard)
Task: {540971EF-623F-42C7-B0DE-706801FEB04E} - System32\Tasks\0215piUpdateInfo => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe
Task: {56AEB7CD-B7FC-4E61-B3CC-0257E781E9B7} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {63486F9B-15B0-4E91-AD59-A81A94BBCF30} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2018-05-08] (Microsoft)
Task: {829E89EC-6A6B-4293-AA70-564A43D4E2B5} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-03-27] ()
Task: {8EC0EBF6-FE06-4794-9459-30D84995F7F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-561410102-3470156359-296495681-1001Core => C:\Users\Dennis\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {A862336B-17CA-47DA-B85F-AA6DBD0B4C9F} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {C128E027-B18C-408F-B9F3-0C2399028C7A} - System32\Tasks\Hewlett-Packard\HP Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2009-07-09] (Hewlett-Packard)
Task: {E36A9BAA-49C8-443B-BD04-DE0D90E22C20} - System32\Tasks\{DDCBBE70-4B93-4B89-83A7-F0B1E33DCEC4} => C:\Windows\system32\pcalua.exe -a E:\AutoPlay.exe -d E:\ -c -c
Task: {E667B305-76D2-45B4-811E-76721379446C} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {EEB341EB-EFC9-4EFE-82BB-E845CAEAAD8E} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-06-09] (AVG Technologies CZ, s.r.o.)
Task: {F800582C-0F40-4939-ABE7-439A8E4BE55C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2018-05-08] (Microsoft)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\HPCeeScheduleForColleen.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDHR.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe5-fh scripts\monthly.xml


==================== Shortcuts & WMI ========================


(The entries could be listed to be restored or removed.)




==================== Loaded Modules (Whitelisted) ==============


2017-11-29 16:11 - 2017-11-29 16:11 - 001221384 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
2018-03-02 10:54 - 2018-03-02 10:54 - 006086744 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2018-06-01 13:03 - 2018-05-29 17:52 - 002519800 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefs_common_icuuc.dll
2018-06-01 13:03 - 2018-05-29 17:52 - 003299576 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefs_icui18n.dll
2018-06-01 13:03 - 2018-05-29 17:52 - 003843832 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\drivefs_cc_icu_data_library_core.dll
2009-07-23 14:34 - 2009-07-23 14:34 - 000409384 _____ () C:\Program Files (x86)\Hewlett-Packard\Recovery\Protect.dll
2009-07-08 14:35 - 2009-07-08 14:35 - 000610360 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2017-11-29 16:02 - 2017-11-29 16:02 - 000541568 _____ () C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
2018-06-01 13:03 - 2018-05-29 17:52 - 096082680 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\libcef.dll
2018-06-01 13:03 - 2018-05-29 17:52 - 001771768 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\crashpad_handler.exe
2009-05-26 01:36 - 2009-05-26 01:36 - 000656896 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
2018-06-01 13:03 - 2018-05-29 17:52 - 004152568 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\libglesv2.dll
2018-06-01 13:03 - 2018-05-29 17:52 - 000101112 _____ () C:\Program Files\Google\Drive File Stream\25.252.303.31\libegl.dll
2015-07-16 09:23 - 2018-01-06 10:54 - 002187336 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2017-11-29 17:21 - 2017-11-29 17:21 - 004034944 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
2010-01-12 12:49 - 2010-01-12 12:49 - 000098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-07-04 08:49 - 2015-07-04 08:49 - 000270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-11-29 17:30 - 2017-11-29 17:30 - 001500960 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
2016-08-11 14:29 - 2016-08-11 14:29 - 009729272 _____ () C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
2016-05-23 20:42 - 2011-05-26 14:14 - 000477080 _____ () C:\Users\Colleen\AppData\Roaming\HP SimpleSave Application\StartHelper.exe
2018-06-08 20:00 - 2018-06-05 18:25 - 004608856 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libglesv2.dll
2018-06-08 20:00 - 2018-06-05 18:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\libegl.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2018-03-27 16:08 - 2018-03-27 16:08 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2015-05-10 14:27 - 2011-01-17 19:38 - 000019456 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2014-04-07 07:31 - 2014-04-07 07:31 - 000172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2009-07-15 17:51 - 2009-07-15 17:51 - 000061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 17:51 - 2009-07-15 17:51 - 000131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 000007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2018-02-22 19:21 - 2009-06-03 12:34 - 003764224 _____ () C:\Users\DHR\AppData\Roaming\PictureMover\Bin\Core.dll
2017-08-08 14:21 - 2017-07-21 07:26 - 000518144 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2018-02-22 19:21 - 2009-06-03 12:43 - 001703936 _____ () C:\Users\DHR\AppData\Roaming\PictureMover\EN-US\Presentation.dll
2017-11-29 16:01 - 2017-11-29 16:01 - 006114224 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_resources.dll
2016-07-23 17:15 - 2016-07-23 17:15 - 000129968 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\afcdpapi.dll
2017-11-29 17:21 - 2017-11-29 17:21 - 019951808 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll
2017-11-29 16:01 - 2017-11-29 16:01 - 000391600 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\resource.dll
2016-08-03 15:47 - 2016-08-03 15:47 - 000685488 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\sqlite3.dll
2017-11-29 16:01 - 2017-11-29 16:01 - 000049584 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll
2009-08-05 13:45 - 2009-08-05 13:45 - 000931112 _____ () c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll
2016-06-22 11:27 - 2016-06-22 11:27 - 000217008 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\pcs_io.dll
2016-03-09 10:28 - 2016-03-09 10:28 - 000042416 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\winpthreads4.dll
2016-07-02 21:30 - 2016-07-02 21:30 - 000376240 _____ () C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\archive3.dll
2016-06-14 17:24 - 2016-06-14 17:24 - 000444336 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2016-06-22 09:16 - 2016-06-22 09:16 - 000115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\expat.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)




==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)




==================== Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)




==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)




==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 19:34 - 2009-06-10 14:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts




==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-561410102-3470156359-296495681-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Colleen\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-561410102-3470156359-296495681-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\DHR\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==




==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [{2CC5656E-E4BB-464E-B402-5E4A10C70DF2}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{2864FA14-C303-4B6C-A825-7930C39E3E41}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{D07FE920-B1D3-4071-896A-C9013436BD85}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{2061080B-BBC6-4B5F-AF95-9CE3AAA317A2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{A18D11D4-A348-4324-8D3C-9FCF81415889}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{C988F228-E723-4B53-968A-51DBDDB218E8}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{F9BCE0A5-6E74-41D2-AE3D-BC26BB69082E}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{F3805B33-73B8-4EA3-BB0C-4D3C43A6290D}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe
FirewallRules: [{1B6E6334-F552-460E-ABC3-C4DBEA25AC88}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe
FirewallRules: [{53AEE3EF-3731-447B-AE58-5096920C5C90}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe
FirewallRules: [{2C3B798C-616F-479E-9C39-25FAFF678AE7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
FirewallRules: [{C6A80CE4-EC48-473D-A29D-1986C7532CC7}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{53F46B47-11C4-4177-840E-38A66D582BA1}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
FirewallRules: [{AB695214-AADE-41BE-BCEA-0E12788A5B34}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLDial.exe
FirewallRules: [{FC7C2E36-353E-4392-A807-49DB668B2B19}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
FirewallRules: [{C6C4A332-BF80-49DB-B505-9A05C19BEFD1}] => (Allow) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
FirewallRules: [{E8A9FDFE-9FB5-4D3D-B6B8-32D77A370B04}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1431276350\ee\aolsoftware.exe
FirewallRules: [{E130C5A0-19BD-439D-8D5A-BC4F64C15148}] => (Allow) C:\Program Files (x86)\Common Files\AOL\1431276350\ee\aolsoftware.exe
FirewallRules: [{CCB75A08-3BC9-482B-8A83-968C2153E2CF}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{DABADBCD-2854-46D6-944F-BED8F5382622}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
FirewallRules: [{5B62E493-521B-4FAB-B0F1-794C1FA9FFC5}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{2C3AB343-7CC0-4604-8869-61BEBB34DB3C}] => (Allow) C:\Program Files (x86)\Common Files\AOL\TopSpeed\3.0\aoltpsd3.exe
FirewallRules: [{E83EEFBE-8B5C-4102-909F-6B821FF694D8}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{1220BE4C-3CFE-4DFB-ABA7-986090918571}] => (Allow) C:\Program Files (x86)\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{AB001D84-021F-4EB4-B9C9-31D758B52198}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{130FC6CB-A521-4E09-8AC7-C0D8FC90E2EA}] => (Allow) C:\Program Files (x86)\Common Files\AOL\System Information\sinf.exe
FirewallRules: [{B45C21E5-E4ED-4F5D-A638-C0ABBF691CB9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{64B58C3E-4CDA-4A19-853C-A11EA66AA19A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{19A54189-485A-4911-9C6C-EB509BB5A717}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{DFB1D505-C078-43CC-A948-B24B2F6EE3C8}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{44F331AE-593A-4C24-A0D6-E47BEB9EF0A2}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe
FirewallRules: [{C5F90662-3149-4EAD-84EA-58CD889243B5}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{4D442898-EC3C-42F4-BEEF-530925C0A6DC}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{DDF7408D-7FD8-4327-BFE2-8944CC3DDB53}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{04CB0D7E-DEEB-4168-9D8A-A58CD612ADA7}] => (Allow) C:\Program Files (x86)\WinTV\Extend\WinTVExtender.exe
FirewallRules: [{5EF9E11B-09E6-40D2-8705-8D8B0D0EC5B6}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{781F7AF0-AB59-49D6-93CD-1412A9DAB0AA}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [TCP Query User{3CB1AD8C-5447-411C-929F-A660A0768DBA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{571DFD51-A778-4DBC-AD05-C8EC206AAC62}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{EC439FA2-400B-4CFE-A3A0-1CE2148839EB}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
FirewallRules: [{A96306A1-EB2C-4214-9BD1-5FCAC3A1D336}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.7a\waol.exe
FirewallRules: [{9876D315-813F-431F-87E8-23575A6905B8}] => (Allow) LPort=5556
FirewallRules: [{7CA0265B-2867-4E93-80EE-02E7A9BE892C}] => (Allow) LPort=5558
FirewallRules: [{31A8A7DE-CC2D-48EE-8E27-951C840CF39D}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe
FirewallRules: [{0CFDC9B4-323F-4C0A-86BF-B633F014C6C5}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.1\waol.exe
FirewallRules: [{FF77CA47-B5C5-48F8-AF61-27D396A6411E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{873B81FD-1C83-4F8D-8E5F-2B996183DBEC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{76AC25A0-6C5E-46AE-A828-031DA84E0586}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe
FirewallRules: [{8D219AF5-0375-45A1-80AE-4EA0D878AC67}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2\waol.exe
FirewallRules: [{18510E4A-1087-444A-A268-E532F8D530CE}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2a\waol.exe
FirewallRules: [{2B53005F-E9C0-47BE-9E08-73E7875CF938}] => (Allow) C:\Program Files (x86)\AOL Desktop 9.8.2a\waol.exe
FirewallRules: [{18FB122E-908C-4BF6-9C95-FDE2963F9B9A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{054997F6-065A-499F-8FE7-5EBA3CE2E339}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D4DF965D-ADCC-4250-816E-785FD665E7DC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8628760B-6A6A-4E5E-B4F3-8652504119D3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{C8A4940D-5788-40FC-87B8-A41D7C69B392}C:\program files (x86)\nightowlx_cms\resources\app\lib\local_server\cmswebsvr.exe] => (Allow) C:\program files (x86)\nightowlx_cms\resources\app\lib\local_server\cmswebsvr.exe
FirewallRules: [UDP Query User{1D65B983-FB44-44A7-9E60-8D7A05971535}C:\program files (x86)\nightowlx_cms\resources\app\lib\local_server\cmswebsvr.exe] => (Allow) C:\program files (x86)\nightowlx_cms\resources\app\lib\local_server\cmswebsvr.exe
FirewallRules: [TCP Query User{AEB907FB-680E-46FE-A61A-BEE19E59F048}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [UDP Query User{C975227E-A487-40EC-B0DC-59001AC913D7}C:\program files\crucial\crucial storage executive\java\bin\javaw.exe] => (Allow) C:\program files\crucial\crucial storage executive\java\bin\javaw.exe
FirewallRules: [{EB16B2F4-1C55-4283-8C59-112B92384363}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{57394810-72AC-4F1E-A0EC-576D64BB6637}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{BEF9358B-99F1-4195-AE22-CB4A448257E8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{AFCB525D-A84B-45CF-B9C1-E48497BE8BC1}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{5E3A1519-21DB-4E18-BC31-6CAB425E0CE5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8DCC2650-F133-4E97-A236-E83DC4B973E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3AA79492-D4BA-4DEA-BE85-639A0383A170}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{883EB33C-A209-4868-A48C-87FB935942A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F825B03-91CB-4785-8F6D-A3D18330A2BB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Restore Points =========================


06-05-2018 22:35:46 Scheduled Checkpoint
27-05-2018 19:26:48 Scheduled Checkpoint
03-06-2018 19:26:57 Scheduled Checkpoint
08-06-2018 19:36:34 Restore Operation
08-06-2018 20:09:58 Windows Modules Installer


==================== Faulty Device Manager Devices =============


Name: WAN Miniport (ATW) #2
Description: WAN Miniport (ATW)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: America Online, Inc.
Service: wanatw
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.




==================== Event log errors: =========================


Application errors:
==================
Error: (06/10/2018 11:07:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.


Error: (06/10/2018 11:07:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -583.




System errors:
=============
Error: (06/10/2018 11:05:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 69 time(s).


Error: (06/10/2018 11:05:11 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.


Error: (06/10/2018 11:03:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 68 time(s).


Error: (06/10/2018 11:03:45 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-2147217025.


Error: (06/10/2018 07:00:03 PM) (Source: googledrivefs2356) (EventID: 2) (User: )
Description: bscured by a filter driver.


Error: (06/10/2018 07:00:03 PM) (Source: googledrivefs2356) (EventID: 2) (User: )
Description: ng mounted. If this prevents DriveFS startup, it may mean the DriveFS device has its identity o


Error: (06/10/2018 07:00:03 PM) (Source: googledrivefs2356) (EventID: 2) (User: )
Description: Not mounting because there is no matching DCB. This is expected, if a non-DriveFS device is bei


Error: (06/10/2018 07:00:03 PM) (Source: googledrivefs2356) (EventID: 2) (User: )
Description: bscured by a filter driver.




CodeIntegrity:
===================================


Date: 2016-12-31 14:02:33.632
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_c02edbb4165e839e\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:33.398
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_c02edbb4165e839e\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:33.180
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_c02edbb4165e839e\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:32.946
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22943_none_c02edbb4165e839e\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:32.603
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:32.369
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:32.150
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.


Date: 2016-12-31 14:02:31.916
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22411_none_c04d416616480b5a\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================


Processor: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
Percentage of memory in use: 30%
Total physical RAM: 8191.24 MB
Available physical RAM: 5689.99 MB
Total Virtual: 16380.64 MB
Available Virtual: 12003.49 MB


==================== Drives ================================


Drive c: (HP) (Fixed) (Total:441.5 GB) (Free:180.5 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:24.16 GB) (Free:14.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Media) (Fixed) (Total:3725.9 GB) (Free:3233.66 GB) NTFS
Drive h: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive i: (Google Drive File Stream) (Fixed) (Total:1073741824 GB) (Free:171.48 GB) FAT32




==================== MBR & Partition Table ==================


========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 273C9BD8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=441.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=24.2 GB) - (Type=07 NTFS)


========================================================
Disk: 1 (Size: 1678 GB) (Disk ID: 9233E9E6)


Partition: GPT.


==================== End of Addition.txt ============================
 
I think we have made progress. The "not using Genuine Windows" has stopped popping up.
Its now trying to install updates and I can see the update history.

There were 19 updates to install, 14 involved "Office" and 5 were windows related. The office updates failed so I am now just trying to install the Windows updates.

I found two failures in the history.

Microsoft .NET Framework 4.7.1 for Windows 7 and Windows Server 2008 R2 for x64 (KB4033342)

Installation date: ‎2/‎20/‎2018 5:17 PM

Installation status: Failed

Error details: Code 13EC

Update type: Recommended

The Microsoft .NET Framework 4.7.1 is a highly compatible, in-place update for all the previous versions of .NET Framework 4.X. After you install this update, you may have to restart your computer.

More information:
http://support.microsoft.com/kb/4033342

Help and Support:
http://support.microsoft.com

2018-02 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4074598)

Installation date: ‎2/‎14/‎2018 10:13 AM

Installation status: Failed

Error details: Code 80070070

Update type: Important

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article. After you install this update, you may have to restart your system.

More information:
http://support.microsoft.com/help/4074598

Help and Support:
http://support.microsoft.com/help/4074598

I'll report back with my progress....THANKS!
 
It's all working! Thanks for your help. I will donate.....

Best,

Dennis
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top