Featured Post

Avira Antivirus Pro - Review 2020 - PCMag India

Image
Avira Antivirus Pro - Review 2020 - PCMag IndiaAvira Antivirus Pro - Review 2020 - PCMag IndiaPosted: 11 Jun 2020 12:00 AM PDTEvery computer needs antivirus protection, and one way companies can support that aim is to provide free antivirus to the masses. But these companies can't survive unless some users shell out their hard-earned cash for paid antivirus utilities. Piling on pro-only tools and components is one way companies encourage upgrading to a paid antivirus. Avira Antivirus Pro adds several components not available to users of Avira Free Security, but they don't really add much value. The biggest reason to pay for it is if you want to use Avira in a commercial setting, which isn't allowed with the free version.Avira's pricing is undeniably on the high side, with a list price of $59.88 per year for one license, $71.88 for three, and $95.88 for five. Admittedly, it seems to be perpetually on sale; just now, the one-license price is discounted to $44.99. That…

100 disk usage !please help! - Virus, Trojan, Spyware, and Malware Removal Help - BleepingComputer

Hello, I haven't used bleeping computer in a very long time but about seven years ago or so you guys were extremely helpful so i thought i would try again :) 

 my boyfriend brought me his computer and it was going VERRRRRY slow, not just internet, but desktop and even logging in takes about a half an hour to get past the loading screen, i immediately downloaded malwarebytes and adwcleaner got rid of some PUPs and turned on firewall, but i was looking in task manager and it looks like 100 percent disk usage at all times and it isn't saying what is causing it. . . i am not sure if this is a malware problem, the computer is new, as in 3 years old, but not used very often. I will include my FRST scan and see if you professionals can decipher what is going on with this slow beast. 

 Thank you again so much for your time. 

p.s also about the disk percentage, i notice now it goes from 0 to 100 and back again about every two seconds, i am  not sure if thats normal or not or if it is clearing because i deleted those PUPS but any advice would be appreciated. 

first is the FRST file then the audition file 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-03-2020
Ran by steeb (administrator) on DESKTOP-TJBDFC3 (TOSHIBA Satellite E45W-C) (24-03-2020 23:04:45)
Running from C:\Users\steeb\Downloads
Loaded Profiles: steeb (Available Profiles: steeb)
Platform: Windows 10 Home Version 1607 14393.479 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files\TOSHIBA\System Setting\TCrdMain_Win8.exe#6306388005F1B484
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\steeb\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\steeb\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\steeb\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\steeb\AppData\Local\Google\Chrome\User Data\SwReporter\80.230.200\software_reporter_tool.exe
(Intel Corporation -> Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\McCSPServiceHost.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_5\mcapexe.exe
(Intel Corporation -> McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Malwarebytes Inc -> Malwarebytes) C:\Users\steeb\Downloads\adwcleaner_8.0.3.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.1000_x64__kzf8qxf38zg5c\SkypeHost.exe
(Toshiba Client Solutions Co.,Ltd. -> ) C:\ProgramData\TOSHIBA\TSS\Plugins\SwUpdates\Packages\c00008b1-c06b-480d-a2ea-0005187e81a8\22.59.07.TCH0337300B.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [180016 2015-06-08] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3937448 2015-07-21] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-27] (Microsoft Windows -> Microsoft Corporation)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516976 2015-06-09] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1298456 2015-04-20] (Canon Inc. -> CANON INC.)
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe [2022968 2016-04-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\Run: [Spotify] => C:\Program Files (x86)\Spotify\Spotify.exe [7298616 2016-04-01] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\RunOnce: [Application Restart #5] => C:\Users\steeb\AppData\Local\Host App Service\Engine\HostAppService.exe  --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources -- (the data entry has 593 more characters).
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\steeb\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\steeb\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\RunOnce: [Uninstall 19.152.0927.0012\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\steeb\AppData\Local\Microsoft\OneDrive\19.152.0927.0012\amd64"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\RunOnce: [Uninstall 19.152.0927.0012] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\steeb\AppData\Local\Microsoft\OneDrive\19.152.0927.0012"
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [371928 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> %SystemRoot%\inf\unregmp2.exe /ShowWMP
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\80.0.3987.149\Installer\chrmstp.exe [2020-03-24] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {039D9120-32E9-406B-AECD-9B399833977C} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe [906360 2016-11-09] (Intel Corporation -> McAfee, Inc.)
Task: {0B3E335D-109C-4782-9488-693A631E1A40} - System32\Tasks\Microsoft\Windows\ErrorDetails\EnableErrorDetailsUpdate => {FE285C8C-5360-41C1-A700-045501C740DE} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {16DEA092-FB0C-40D0-AE20-0536BECC21D9} - System32\Tasks\Microsoft\Windows\EDP\EDP App Launch Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {1B65DD58-D16B-45E8-BEB4-94D7E4D64DF7} - System32\Tasks\Microsoft\Windows\EDP\EDP Auth Task => {35EF4182-F900-4632-B072-8639E4478A61}
Task: {2753C871-94B8-4236-9060-8521F083F038} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\Platform\McAMTaskAgent.exe [906360 2016-11-09] (Intel Corporation -> McAfee, Inc.)
Task: {2BD924B7-47DD-4A81-A7A0-B687369E9843} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {3C652AB6-3BEB-4ED6-8397-D166040B20C5} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115032 2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {42D4712B-F5AF-4702-9E39-291A3E82D866} - System32\Tasks\ActiveMessenger-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\ActiveMessenger.exe [324360 2018-02-23] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
Task: {43FFAEED-0347-459F-B915-A7902D245A78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [385360 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {45F4144F-EB3E-49C7-9515-C058032396F1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [385360 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {4995CE77-C08C-4B1A-AA7A-01E18FF73EF5} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [101168 2015-06-12] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {4BA89482-D10F-4F2A-A48D-8994D2765C13} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {54023C7B-5F03-429F-BC96-A22F48098F98} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [385360 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AA559DF-9908-4B0F-A538-9205C23C1C03} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-23] (Google Inc -> Google LLC)
Task: {5CC81ECD-829D-4121-94F9-345AA276E0EE} - System32\Tasks\{B3C24880-8F4A-4997-A27A-9A5208E3EE4E} => "c:\windows\system32\launchwinapp.exe" hxxp://https://ift.tt/2UAWw9n
Task: {6474F95A-A825-4A97-8F12-D18E59CF6CFB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [385360 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {68B486A8-6A74-4A28-859B-380E93D7A678} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4552120 2020-01-06] (McAfee, LLC -> McAfee, LLC.)
Task: {6BB8A78C-8E0C-4C88-9487-BDC064B0C51D} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {70B95EC8-E584-4158-B262-FE393A344A42} - System32\Tasks\AdwCleaner_onReboot => C:\Users\steeb\Downloads\adwcleaner_8.0.3.exe [8199856 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
Task: {70DB7C0D-76F5-438B-B30B-EA293FE0E842} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1443424 2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Task: {825888C7-3AF1-47BC-BA8D-C9F268B0111B} - System32\Tasks\IS AppCloud Software\App Place for Toshiba-Reminder => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe
Task: {9ECD45EA-A801-4013-875B-BDE00C51FC5A} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [14320 2015-05-27] (DTS, Inc. -> )
Task: {A0ADD600-574B-4415-8CA9-358AEE1608DF} - System32\Tasks\Microsoft\Windows\ErrorDetails\ErrorDetailsUpdate => {9CDA66BE-3271-4723-8D35-DD834C58AD92} C:\Windows\System32\ErrorDetailsUpdate.dll [72704 2016-11-02] (Microsoft Windows -> Microsoft Corporation)
Task: {A67F720B-D62F-4BBA-A467-D18C27A63B7F} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel® Software Asset Manager -> Intel Corporation)
Task: {AD20B1C3-2DCA-46D9-A578-83D7E9584925} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [700040 2014-04-03] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {AFDA5EF1-027B-4B8E-A95B-6701C8E9D3E2} - System32\Tasks\IS AppCloud Software\App Place for Toshiba => C:\Program Files (x86)\Toshiba\AppPlace\toshibaappplace.exe
Task: {B4D8CC5D-9B25-4B7C-872E-9D4F49D43C91} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-09-23] (Google Inc -> Google LLC)
Task: {B957A5B9-E05F-46A0-BD38-0D2B4780BA60} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2E5FF2F-CE54-41A2-A0E2-A4317B8749A3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {C2EAF897-4CAF-4BF9-A05C-B328E76E67F5} - System32\Tasks\BTSchedulerTask => C:\Program Files (x86)\TOSHIBA\Toshiba Bluetooth Device Profile Utility\TosBt_NotificationScheduler.exe [135504 2015-07-08] (TOSHIBA CORPORATION -> Toshiba Corporation)
Task: {D630D66A-5B70-4FDB-A5FC-766E690A67B7} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel® Software Asset Manager -> Intel Corporation)
Task: {D7FDC951-BCE8-45F2-868A-A2421B5578A4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24600440 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
Task: {E03FDE2A-63F2-453B-89E3-229B8C5B8599} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1698000 2015-06-05] (Intel® Software -> Intel Corporation)
Task: {E4CFD92E-6C5E-4CDD-B32A-9C478E22AF9C} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14054104 2015-06-26] (Realtek Semiconductor Corp -> Realtek Semiconductor)
Task: {E68B9700-8D42-4CE2-BF47-5F45D36A1F51} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [724600 2016-10-11] (Intel Corporation -> McAfee, Inc.)
Task: {EE5D4BCD-BB6B-447F-B653-AD86C27355E6} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [585000 2016-09-21] (Dropbox, Inc -> )
Task: {FC1A24DB-C608-4498-B73C-E242B7EB5018} - System32\Tasks\ActiveSync-SystemMechanic => C:\Program Files (x86)\Common Files\Phoenix360\ActiveCore\activesync.exe [195328 2018-02-23] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{6f9dbe79-77e0-4b01-b5e7-f7cc3ce9d0e7}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Internet Explorer:
==================
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba15.msn.com/?pc=TBTE
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba15.msn.com/?pc=TBTE
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://start.new.toshiba.com?cid=H16C1
SearchScopes: HKU\S-1-5-21-442033261-3094401135-1840278262-1001 -> DefaultScope {820F6717-C9F0-434B-9CE1-DB23014F1DC3} URL = 
SearchScopes: HKU\S-1-5-21-442033261-3094401135-1840278262-1001 -> {820F6717-C9F0-434B-9CE1-DB23014F1DC3} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-03-24] (McAfee, Inc. -> McAfee, Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-03-24] (McAfee, Inc. -> McAfee, Inc.)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKU\S-1-5-21-442033261-3094401135-1840278262-1001 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (Canon Inc. -> CANON INC.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll No File
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-03-24]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-01-16] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-11-18] (Intel Corporation -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) [File not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-11-18] (Intel Corporation -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-442033261-3094401135-1840278262-1001: SkypePlugin -> C:\Users\steeb\AppData\Local\SkypePlugin\7.26.0.47\npGatewayNpapi.dll [2016-09-15] (Microsoft Corporation -> Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-442033261-3094401135-1840278262-1001: SkypePlugin64 -> C:\Users\steeb\AppData\Local\SkypePlugin\7.26.0.47\npGatewayNpapi-x64.dll [2016-09-15] (Microsoft Corporation -> Skype Technologies S.A.)
CHR Profile: C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default [2020-03-24]
CHR Extension: (Slides) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-09-23]
CHR Extension: (Docs) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-09-23]
CHR Extension: (Google Drive) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-09-23]
CHR Extension: (YouTube) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-09-23]
CHR Extension: (Sheets) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-09-23]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2020-03-24]
CHR Extension: (Google Docs Offline) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-24]
CHR Extension: (Gmail) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-09-23]
CHR Extension: (Chrome Media Router) - C:\Users\steeb\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 0184871558552596mcinstcleanup; C:\WINDOWS\TEMP\018487~1.EXE [1008304 2016-10-11] (McAfee, Inc. -> McAfee, Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11091224 2020-03-05] (Microsoft Corporation -> Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-14] (Dropbox, Inc -> Dropbox, Inc.)
S4 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19960 2015-05-27] (DTS, Inc. -> )
R4 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [189704 2016-07-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
S2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370848 2019-05-05] (Intel Corporation -> Intel Corporation)
R4 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] (Canon Inc. -> )
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel® Corporation)
S3 Intel® WiDi SAM; C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel® Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-06-23] (Intel® Software Asset Manager -> Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [6933272 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
S4 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899640 2020-03-24] (McAfee, Inc. -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_5\McAPExe.exe [963176 2016-10-07] (Intel Corporation -> McAfee, Inc.)
S4 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [379896 2015-07-03] (McAfee, Inc. -> McAfee, Inc.)
R4 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
R4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.2.351.0\\McCSPServiceHost.exe [1934968 2016-10-17] (Intel Corporation -> McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
R4 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
S4 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [1307752 2016-10-20] (Intel Corporation -> McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
R4 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [242704 2016-09-08] (McAfee, Inc. -> McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [384016 2016-09-08] (McAfee, Inc. -> McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [331280 2016-09-08] (McAfee, Inc. -> McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1473128 2016-10-07] (Intel Corporation -> McAfee, Inc.)
S4 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [603752 2016-10-14] (Intel Corporation -> McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] (Intel Corporation-Wireless Connectivity Solutions -> )
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1041512 2016-09-08] (Intel Corporation -> Intel Security, Inc.)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> )
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [294616 2015-05-22] (Realtek Semiconductor Corp -> Realtek Semiconductor)
S4 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237736 2015-07-21] (Synaptics Incorporated -> Synaptics Incorporated)
S2 TOSRMService; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\RMService.exe [330032 2015-11-20] (TOSHIBA CORPORATION -> TOSHIBA)
S4 TOSTABSYSSVC; C:\Program Files (x86)\TOSHIBA\TOSHIBA System Driver\TOSTABSYSSVC.exe [240432 2015-10-26] (TOSHIBA CORPORATION -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation -> Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel Corporation-Wireless Connectivity Solutions -> Intel® Corporation)
S2 GFNEXSrv; "C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 bcmfn; C:\WINDOWS\System32\drivers\bcmfn.sys [9728 2016-07-16] (Microsoft Windows -> Windows ® Win 7 DDK provider)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [88120 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc. -> McAfee, Inc.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [214496 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2020-03-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [195432 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [73584 2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248968 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [119960 2020-03-24] (Malwarebytes Inc -> Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [477752 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [364088 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [85656 2016-09-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [512056 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [884792 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [527496 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [109336 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [110136 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252984 2016-09-09] (McAfee, Inc. -> McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] (Microsoft Windows -> )
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [301784 2015-06-01] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-07-21] (Synaptics Incorporated -> Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45728 2015-08-07] (TOSHIBA CORPORATION -> Toshiba Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Windows -> Microsoft Corporation)
R2 PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-24 23:04 - 2020-03-24 23:07 - 000035870 _____ C:\Users\steeb\Downloads\FRST.txt
2020-03-24 23:04 - 2020-03-24 23:06 - 000000000 ____D C:\FRST
2020-03-24 22:54 - 2020-03-24 22:54 - 000003174 _____ C:\WINDOWS\system32\Tasks\AdwCleaner_onReboot
2020-03-24 22:53 - 2020-03-24 22:53 - 000001379 _____ C:\Users\steeb\Downloads\fixlist.txt
2020-03-24 22:49 - 2020-03-24 22:56 - 000000000 ____D C:\Users\steeb\AppData\LocalLow\IGDump
2020-03-24 22:49 - 2020-03-24 22:49 - 000195432 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2020-03-24 22:49 - 2020-03-24 22:49 - 000119960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2020-03-24 22:49 - 2020-03-24 22:49 - 000073584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2020-03-24 22:48 - 2020-03-24 22:48 - 000002032 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2020-03-24 22:48 - 2020-03-24 22:48 - 000002032 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2020-03-24 22:48 - 2020-03-24 22:48 - 000000000 ____D C:\Users\steeb\AppData\Local\mbamtray
2020-03-24 22:48 - 2020-03-24 22:48 - 000000000 ____D C:\Users\steeb\AppData\Local\mbam
2020-03-24 22:48 - 2020-03-24 22:48 - 000000000 ____D C:\Users\steeb\AppData\Local\cache
2020-03-24 22:48 - 2020-03-24 22:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2020-03-24 22:47 - 2020-03-24 22:51 - 000000000 ____D C:\AdwCleaner
2020-03-24 22:47 - 2020-03-24 22:47 - 000248968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2020-03-24 22:47 - 2020-03-24 22:47 - 000214496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2020-03-24 22:47 - 2020-03-24 22:47 - 000000000 ____D C:\ProgramData\Malwarebytes
2020-03-24 22:47 - 2020-03-24 22:46 - 000153312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2020-03-24 22:47 - 2020-03-24 22:46 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2020-03-24 22:46 - 2020-03-24 22:46 - 008199856 _____ (Malwarebytes) C:\Users\steeb\Downloads\adwcleaner_8.0.3.exe
2020-03-24 22:46 - 2020-03-24 22:46 - 000000000 ____D C:\Program Files\Malwarebytes
2020-03-24 22:45 - 2020-03-24 23:03 - 002279936 _____ (Farbar) C:\Users\steeb\Downloads\FRST64.exe
2020-03-24 22:45 - 2020-03-24 22:46 - 001957784 _____ (Malwarebytes) C:\Users\steeb\Downloads\MBSetup.exe
2020-03-24 21:32 - 2020-03-24 21:32 - 000000000 ____D C:\Users\steeb\AppData\Roaming\WinBatch
2020-03-24 21:25 - 2020-03-24 21:26 - 001288408 _____ (Google LLC) C:\Users\steeb\Downloads\ChromeSetup (1).exe
2020-03-24 21:24 - 2014-04-16 15:08 - 000658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall1468364.exe
2020-03-24 21:10 - 2020-03-24 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-24 23:06 - 2016-07-16 04:47 - 000000000 ___HD C:\Program Files\WindowsApps
2020-03-24 22:57 - 2016-07-16 04:47 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-03-24 22:54 - 2019-09-23 23:55 - 000000000 ____D C:\Users\steeb\AppData\Local\Google
2020-03-24 22:53 - 2016-04-01 07:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2020-03-24 22:53 - 2016-04-01 06:55 - 000000000 ____D C:\Program Files (x86)\TOSHIBA
2020-03-24 22:53 - 2016-04-01 06:54 - 000000000 ____D C:\ProgramData\TOSHIBA
2020-03-24 22:53 - 2015-12-21 23:30 - 000000000 ____D C:\Program Files\TOSHIBA
2020-03-24 22:51 - 2016-05-04 14:21 - 000000000 ____D C:\Users\steeb\AppData\Local\App Place for Toshiba
2020-03-24 22:51 - 2015-10-30 00:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2020-03-24 22:47 - 2016-07-16 04:47 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2020-03-24 22:45 - 2016-05-04 14:21 - 000000000 ____D C:\Users\steeb\AppData\Local\Packages
2020-03-24 22:39 - 2016-09-27 17:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-03-24 22:21 - 2016-07-16 04:36 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-03-24 22:11 - 2018-09-04 20:09 - 000003710 _____ C:\WINDOWS\system32\Tasks\McAfee Remediation (Prepare)
2020-03-24 21:31 - 2019-09-23 23:55 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-03-24 21:31 - 2019-09-23 23:55 - 000002303 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-03-24 21:31 - 2019-09-23 23:55 - 000002303 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-03-24 21:26 - 2019-01-03 20:54 - 000000000 ____D C:\Windows10Upgrade
2020-03-24 21:25 - 2016-04-01 07:29 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2020-03-24 21:24 - 2016-05-23 00:41 - 000000000 ____D C:\Users\steeb\AppData\Roaming\WildTangent
2020-03-24 21:24 - 2016-04-01 07:29 - 000000000 ____D C:\ProgramData\WildTangent
2020-03-24 21:22 - 2016-07-16 04:47 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-03-24 21:21 - 2016-04-01 07:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-03-24 21:12 - 2019-09-23 23:55 - 000003420 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-24 21:12 - 2019-09-23 23:55 - 000003296 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2020-03-24 21:10 - 2019-09-23 23:55 - 000000000 ____D C:\Program Files (x86)\Google
2020-03-24 21:10 - 2019-01-03 20:49 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-442033261-3094401135-1840278262-1001
2020-03-24 21:10 - 2016-05-04 14:26 - 000002374 _____ C:\Users\steeb\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-03-24 21:10 - 2016-05-04 14:26 - 000000000 ___RD C:\Users\steeb\OneDrive
2020-03-24 21:10 - 2016-04-01 06:45 - 001447348 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-03-24 21:09 - 2018-09-04 20:12 - 000748816 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-03-24 21:09 - 2016-09-27 18:10 - 000004008 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineUA
2020-03-24 21:09 - 2016-09-27 18:10 - 000003776 _____ C:\WINDOWS\system32\Tasks\DropboxUpdateTaskMachineCore
2020-03-24 21:09 - 2016-04-01 07:28 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2020-03-24 21:09 - 2016-04-01 07:28 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2020-03-24 21:08 - 2016-09-27 14:17 - 000000000 ____D C:\Users\steeb\AppData\Local\Spotify
2020-03-24 21:07 - 2016-05-04 14:21 - 000000000 __SHD C:\Users\steeb\IntelGraphicsProfiles
2020-03-24 21:06 - 2016-09-27 17:48 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-03-24 21:05 - 2016-09-27 17:52 - 000000000 ____D C:\Users\steeb
2020-03-24 21:05 - 2016-07-15 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2020-03-24 21:05 - 2016-04-01 07:33 - 000000000 ____D C:\ProgramData\McAfee
2020-03-24 21:04 - 2016-09-27 18:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-03-24 21:04 - 2016-04-01 07:33 - 000000000 ____D C:\Program Files\mcafee
2020-03-07 21:46 - 2016-07-16 04:45 - 000000000 ____D C:\WINDOWS\INF
==================== Files in the root of some directories ========
2020-03-24 21:24 - 2014-04-16 15:08 - 000658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall1468364.exe
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2019-09-23 22:59
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-03-2020
Ran by steeb (24-03-2020 23:09:20)
Running from C:\Users\steeb\Downloads
Windows 10 Home Version 1607 14393.479 (X64) (2016-09-28 01:14:18)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-442033261-3094401135-1840278262-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-442033261-3094401135-1840278262-503 - Limited - Disabled)
Guest (S-1-5-21-442033261-3094401135-1840278262-501 - Limited - Disabled)
steeb (S-1-5-21-442033261-3094401135-1840278262-1001 - Administrator - Enabled) => C:\Users\steeb
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {B10D5953-051E-97F6-F53B-3839EFD98259}
AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {0A6CB8B7-2324-9878-CF8B-034B945EC8E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {8936D876-4F71-96AE-DE64-910C110AC522}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Bluetooth® Link (HKLM\...\{936D21BF-3344-4B20-BC4C-3B67580C19F5}) (Version: 4.3.04 - Toshiba Corporation)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.02 - Canon Inc.)
Canon MG2500 series On-screen Manual (HKLM-x32\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
Canon MG2500 series User Registration (HKLM-x32\...\Canon MG2500 series User Registration) (Version:  - ‭Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.)
CyberLink PhotoDirector 5 (HKLM\...\{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6312.0 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4425.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.4425.0 - CyberLink Corp.)
digi.me (HKLM-x32\...\digi.me) (Version: 7.0.9 - digi.me Limited)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.295.1 - Dropbox, Inc.) Hidden
DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.)
Get Dropbox (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4474 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® WiDi (HKLM\...\{5DD8D7E4-87F1-4134-AD28-4228FB1A03BA}) (Version: 6.0.44.0 - Intel Corporation)
Intel® WiDi Software Asset Manager (HKLM-x32\...\{86905E62-645F-482E-A417-82C812ABD787}) (Version: 1.1.383 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Malwarebytes version 4.1.0.56 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.1.0.56 - Malwarebytes)
McAfee LiveSafe - Internet Security (HKLM-x32\...\MSC) (Version: 15.0.2063 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.36 - McAfee, Inc.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12527.20278 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\OneDriveSetup.exe) (Version: 19.232.1124.0010 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.20278 - Microsoft Corporation) Hidden
osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10130.29089 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Skype Web Plugin (HKLM-x32\...\{2E38DBB5-C606-475A-B0E4-E0643A037EA0}) (Version: 7.26.0.47 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 1.0.5.186.ga9c24d6a - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)
System Mechanic (HKLM-x32\...\{95129D61-FF52-4FA8-A403-3E31FC5D9696}) (Version: 17.5.1.47 - iolo technologies, LLC)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.8 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 3.0.2.0 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: 2.0.1.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.4.6401 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{B1F241E1-90BF-4201-8977-A0DF85A38EBB}) (Version: 2.6.16.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 2.02.0002.02 - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C99F4AFA-B32C-4063-865C-D7B5CC0A78FB}) (Version: 2.54.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22532 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version:  - )
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11552 - WinZip Computing, S.L. )
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-03-24] (Amazon.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.79.901.0_x86__kgqvnymyfvs32 [2016-12-09] (king.com)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_2.9.0.1_neutral__6e5tt8cgb93ep [2020-03-24] (Canon Inc.)
Dictionary (Toshiba Edition) -> C:\Program Files\WindowsApps\B43AE6A4.DictionaryToshibaEdition_2.1.0.23_x64__4d4hzhw5cmgnt [2016-04-01] (farlex.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2619.19263.0_x86__8xx8rvfyw5nnt [2020-03-24] (Facebook Inc)
INSTEON for Hub -> C:\Program Files\WindowsApps\SmartLabs.INSTEONforHub_1.2.1.18_x86__4162j3jeed9tp [2016-11-07] (SmartLabs)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-05-05] (AMZN Mobile LLC)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11001.20116.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Maps App for Windows -> C:\Program Files\WindowsApps\24728AkshatKumarSingh.MapsApp_12.0.6.0_x64__9zkjtya2skxpr [2019-10-16] (Akshat Kumar Singh) [MS Ad]
Messenger -> C:\Program Files\WindowsApps\Facebook.317180B0BB486_91.663.61525.0_x86__8xx8rvfyw5nnt [2016-11-12] (Facebook Inc)
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for JavaScript -> C:\Program Files\WindowsApps\Microsoft.Advertising.JavaScript_10.1805.2.0_x86__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-03-24] (Microsoft Corporation) [MS Ad]
Microsoft Phone -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2019-10-16] (Microsoft Corporation)
Microsoft Phone Companion -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2019-09-23] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.12.12120.0_x64__8wekyb3d8bbwe [2016-12-18] (Microsoft Studios) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.17.74.0_x86__8wekyb3d8bbwe [2016-11-24] (Microsoft Corporation) [MS Ad]
MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.37.0_x86__8wekyb3d8bbwe [2016-12-18] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.17.74.0_x86__8wekyb3d8bbwe [2016-11-24] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.17.74.0_x86__8wekyb3d8bbwe [2016-11-24] (Microsoft Corporation) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-05-05] (Ennova Research)
MyMusicCloud - Toshiba -> C:\Program Files\WindowsApps\TriPlayInc.MyMusicCloud-Toshiba_1.0.50.2550_x86__rejfh65ekdhs8 [2019-10-16] (TriPlay Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2020-03-24] (Netflix, Inc.)
Pandora -> C:\Program Files\WindowsApps\PandoraMediaInc.29680B314EFC2_15.0.3.0_x64__n619g4d5j0fnw [2020-03-24] (Pandora Media Inc) [Startup Task]
Sonic Dash -> C:\Program Files\WindowsApps\SegaNetworksInc.56538047DFC80_3.6.4.0_x86__as33fap47kd3c [2019-10-16] (SEGA Networks Inc)
Texture - Unlimited Magazines -> C:\Program Files\WindowsApps\NextIssue.NextIssueMagazines_1.6.1.0_x64__91pt4qm2m3xcw [2016-05-05] (NEXT ISSUE MEDIA LLC)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.5.10.0_x64__qj0v5chwq8f2g [2016-11-18] (TripAdvisor LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2019-10-16] (Twitter Inc.)
Zoom Rooms -> C:\Program Files\WindowsApps\ZoomVideoCommunicationsIn.ZoomRooms_4.3.13399.0_x86__r9fg4ykbbcwvc [2020-03-24] (Zoom Video Communications, Inc.)
ZUUS -> C:\Program Files\WindowsApps\181132B7.ZUUS_1.1.0.0_neutral__zrxb4n2dhz0mw [2016-04-01] (ZUUS Media, Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-442033261-3094401135-1840278262-1001_Classes\CLSID\{95DB3AD2-951C-4714-9FA2-406FDD28AA7A}\InprocServer32 -> C:\Users\steeb\AppData\Local\SkypePlugin\7.26.0.47\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.)
ContextMenuHandlers1: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\Incinerator.dll [2018-03-06] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
ContextMenuHandlers1: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-09-11] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [Incinerator] -> {E8215BEA-3290-4C73-964B-75502B9B41B2} => C:\Program Files (x86)\Phoenix360\System Mechanic\Incinerator.dll [2018-03-06] (IOLO TECHNOLOGIES, LLC -> iolo technologies, LLC)
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-09-11] (WinZip Computing LLC -> WinZip Computing, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-05-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2020-03-24] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2016-11-18] (Intel Corporation -> McAfee, Inc.)
ContextMenuHandlers6: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2015-09-11] (WinZip Computing LLC -> WinZip Computing, S.L.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\amazon.com -> hxxps://amazon.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 00:24 - 2015-10-30 00:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Innovation\Bishop Tree.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: 0184871558552596mcinstcleanup => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: dts_apo_service => 3
MSCONFIG\Services: GoogleChromeElevationService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: IJPLMSVC => 2
MSCONFIG\Services: McAfee WebAdvisor => 2
MSCONFIG\Services: McAWFwk => 3
MSCONFIG\Services: mcbootdelaystartsvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 3
MSCONFIG\Services: SynTPEnhService => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TOSTABSYSSVC => 2
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-442033261-3094401135-1840278262-1001\...\StartupApproved\Run: => "Spotify Web Helper"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{9E230DD8-C1E0-43DD-9800-2F9096C564EA}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE No File
FirewallRules: [{1CB34A92-5CC2-4806-B734-17871EB3BC6B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (Intel Corporation -> McAfee, Inc.)
FirewallRules: [{B8CCA372-FD26-42ED-8544-B822B5F7A5ED}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C08398AA-9354-4D4E-A15C-F8A974C08248}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyCrashService.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D676443A-CDF4-4A05-B734-ADC008D1D390}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{BDCD1C92-0947-4DF4-BF4B-997D5DA38950}] => (Allow) C:\Program Files (x86)\Spotify\SpotifyWebHelper.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{00B0B4D0-F8D2-4A84-A102-FB1D1694EFF3}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6BA47BE7-8B8E-4D6B-85F8-AD0965E890D6}] => (Allow) C:\Program Files (x86)\Spotify\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{C13CF68B-3590-4FFE-A2C6-32226B48635D}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe No File
FirewallRules: [{5C4E5BFD-BC0F-4A6B-8685-47C87C758663}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe No File
FirewallRules: [{B5E68391-DB40-4C9D-B886-8B4385499506}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe No File
FirewallRules: [{FF1754D3-0C0D-4FD1-9A9A-4F6B83BD13CD}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe No File
FirewallRules: [{15F2204B-25F5-425C-AF61-1D95CE12EB79}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Wireless Connectivity Solutions -> )
FirewallRules: [{819B96F3-8BA4-442F-8467-767F30313B9A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{36C378A8-4495-4763-BE69-E16AF5C72C95}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
16-10-2019 00:03:28 Windows Update
24-03-2020 22:20:18 Windows Update
24-03-2020 22:49:03 AdwCleaner_BeforeCleaning_24/03/2020_22:49:03
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (03/24/2020 11:06:31 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:26 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:21 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:16 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:11 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:06 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:06:01 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
Error: (03/24/2020 11:05:56 PM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating  status to SECURITY_PRODUCT_STATE_ON (error %3).
System errors:
=============
Error: (03/24/2020 10:53:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error: 
An instance of the service is already running.
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the McAfee WebAdvisor service, but this action failed with the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TOSHIBA eco Utility Service service terminated unexpectedly.  It has done this 1 time(s).
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The McAfee WebAdvisor service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 1 milliseconds: Restart the service.
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The TMachInfo service terminated unexpectedly.  It has done this 1 time(s).
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Remediation Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (03/24/2020 10:51:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
Windows Defender:
===================================
Date: 2019-09-23 23:03:33.393
Description: 
Windows Defender scan has been stopped before completion.
Scan ID: {AD6A6707-7472-4925-B6A6-8E6C1EB84EF4}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2020-03-24 21:38:16.351
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 
Previous Signature Version: 1.303.801.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version: 
Previous Engine Version: 1.1.16900.4
Error code: 0x80070643
Error description: Fatal error during installation. 
Date: 2020-03-24 21:37:16.976
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.313.24.0
Previous Signature Version: 1.303.801.0
Update Source: User
Signature Type: AntiSpyware
Update Type: Delta
Current Engine Version: 1.1.16900.4
Previous Engine Version: 1.1.16900.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
Date: 2020-03-24 21:37:16.976
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version: 1.313.24.0
Previous Signature Version: 1.303.801.0
Update Source: User
Signature Type: AntiVirus
Update Type: Delta
Current Engine Version: 1.1.16900.4
Previous Engine Version: 1.1.16900.4
Error code: 0x80070666
Error description: Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
Date: 2020-03-24 21:05:40.271
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x800705b4
Error description: This operation returned because the timeout period expired. 
Reason: The Network Inspection System did not successfully start due to an error.
Date: 2019-10-03 16:29:16.485
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: On Access
Error Code: 0x80004005
Error description: Unspecified error 
Reason: The filter driver skipped scanning items and is in pass through mode. This may be due to low resource conditions.
CodeIntegrity:
===================================
Date: 2019-09-23 22:59:13.559
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info =========================== 
BIOS: INSYDE Corp. 5.10 09/21/2015
Motherboard: FF40 06A0
Processor: Intel® Core™ i3-5015U CPU @ 2.10GHz
Percentage of memory in use: 67%
Total physical RAM: 6058.26 MB
Available physical RAM: 1989.08 MB
Total Virtual: 7128.39 MB
Available Virtual: 2182.14 MB
==================== Drives ================================
Drive c: (TIS0008500E) (Fixed) (Total:465.04 GB) (Free:401.39 GB) NTFS
Drive d: (ESP) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
Drive e: () (Fixed) (Total:0.45 GB) (Free:0.03 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================



https://ift.tt/2vSd5FK

Comments

Popular Posts

System detected an overrun of a stack-based buffer in this application [FIX] - Windows Report

Valorant anti-cheat lead answers many questions on Reddit - Millenium US