The slimware update keeps popping up. I would really appreciate your kind help in helping remove it.Any suggestion would be good.
Thanks so much.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3-07-2019
Ran by User (administrator) on LAPTOP-VBJ4OFN0 (HP HP Laptop 15-db0xxx) (09-07-2019 20:44:38)
Running from C:\Users\User\Desktop
Loaded Profiles: User (Available Profiles: User)
Platform: Windows 10 Home Version 1809 17763.195 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19041.16510.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19061.410.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atiesrxx.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\TouchpointAnalyticsClientService.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\AppHelperCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\NetworkCap.exe
(HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe
(HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\Common Files\DynamicAppDownloader\Downloads\OSSwitchService.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(McAfee, Inc. -> McAfee, Inc.) C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SnippingTool.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek) C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.) C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc) C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\DriverUpdate\DriverUpdate.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimService.exe
(Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.) C:\Program Files\SlimServices\SlimServiceFactory.exe
(sound research corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPHelper.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\windows\System32\RtkAudUService64.exe [855528 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtlS5Wake] => C:\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe [2097600 2018-04-17] (Realtek Semiconductor Corp. -> Realtek)
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\Run: [DriverUpdate] => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {37FD73A2-CA7F-4726-AB54-561A909C17AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4941E8BE-A78C-40D0-9EED-574C421BAFC4} - System32\Tasks\SlimCleaner Plus (Scheduled Scan) => C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe [333400 2019-06-11] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Inc)
Task: {4DF23D4D-2542-45F8-BCBF-CC7869CFB48C} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent => {61f77d5e-afe9-400b-a5e6-e9e80fc8e601} C:\Windows\System32\RDXTaskFactory.dll [411136 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {55DA8762-E651-43D1-BF89-6189A854A22D} - System32\Tasks\DriverUpdate Scan => C:\Program Files\DriverUpdate\DriverUpdate.exe [37680216 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities, Inc.)
Task: {5C854E9C-0154-44E8-A2FD-B948592A169A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9C6A9F84-4C08-4B63-918D-32BCCAA51B75} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {A4EC146D-60D4-4D30-AA09-FDF983E26284} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-07-08] (HP Inc. -> HP Inc.)
Task: {A9FD898C-1962-406B-A189-FA2ECB74875F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E141AC46-6173-4A3F-8BF6-9BB9807D179E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1073528 2019-07-08] (HP Inc. -> HP Inc.)
Task: {F9F74FEC-42CD-4881-82C3-B9CBE48222B2} - System32\Tasks\McAfee\mfewin10switch => C:\Program Files\HP\McAfeePre\1.1.222\DADUpdater.exe [4178840 2019-07-06] (McAfee, Inc. -> McAfee, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.197.42.70
Tcpip\..\Interfaces\{ba69cfed-42f0-4f6c-adb3-3ad5f5584628}: [DhcpNameServer] 10.197.42.70
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {0F8D12A4-F41A-4A07-A31E-94FC5E6166BB} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0F8D12A4-F41A-4A07-A31E-94FC5E6166BB} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea ... -keywords={searchTerms}
FireFox:
========
FF DefaultProfile: 3yb3bbn8.default
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\3yb3bbn8.default [2019-07-08]
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vwtmh6aq.default-release [2019-07-09]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atiesrxx.exe [507936 2019-01-09] (Advanced Micro Devices, Inc. -> AMD)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\AppHelperCap.exe [401376 2018-12-14] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\NetworkCap.exe [401376 2018-12-14] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe [403936 2018-12-14] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\TouchpointAnalyticsClientService.exe [420304 2018-12-07] (HP Inc. -> HP Inc.)
R2 RtkAudioUniversalService; C:\windows\System32\RtkAudUService64.exe [855528 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\windows\RtkBtManServ.exe [749536 2018-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R2 SECOMNService; C:\windows\System32\SECOMN64.exe [166392 2019-01-07] (sound research corporation -> Sound Research, Corp.)
R3 SlimWareServices; C:\Program Files\SlimWare Utilities\Services\SlimWare.Services.exe [181848 2019-06-25] (Slimware Utilities Holdings, Inc. -> SlimWare Utilities Holdings, Inc.)
R2 SynTPEnhService; C:\windows\System32\SynTPEnhService.exe [398376 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-09] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 amdacpbus; C:\windows\System32\drivers\amdacpbus.sys [945224 2019-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 AmdAS4; C:\windows\System32\drivers\AmdAS4.sys [26888 2019-01-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, INC.)
S3 amdgpio2; C:\windows\System32\drivers\amdgpio2.sys [34568 2019-01-09] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R3 amdkmdag; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atikmdag.sys [47551008 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\windows\System32\DriverStore\FileRepository\u0337817.inf_amd64_4e2c1a5ea7d040a8\B337709\atikmpag.sys [589312 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdpsp; C:\windows\System32\drivers\amdpsp.sys [137688 2019-01-09] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc. )
S3 AmUStor; C:\windows\system32\drivers\AmUStor.SYS [108480 2018-11-23] (Alcorlink Corp. -> )
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWT6.sys [107400 2019-01-09] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1f5602eb8a12ac4c\x64\hpcustomcapdriver.sys [16432 2018-10-26] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [1139640 2018-12-22] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\windows\System32\drivers\RtkBtfilter.sys [767472 2018-11-20] (WDKTestCert VSAuto,131800073559665678 -> Realtek Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [9632008 2018-12-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
R3 SmbDrv; C:\windows\System32\drivers\Smb_driver_AMDASF.sys [47656 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\windows\System32\drivers\Smb_driver_Intel.sys [48168 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SynRMIHID; C:\windows\System32\drivers\SynRMIHID.sys [63016 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SynTPFilterHID; C:\windows\System32\drivers\SynTP.sys [767016 2018-12-27] (Synaptics Incorporated -> Synaptics Incorporated)
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [47704 2019-07-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [367032 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-09] (Microsoft Windows -> Microsoft Corporation)
R3 WinRing0_1_2_0; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\OpenHardwareMonitorLib.sys [14544 2019-07-09] (Noriyuki MIYAZAKI -> OpenLibSys.org)
R3 WirelessButtonDriver64; C:\windows\System32\drivers\WirelessButtonDriver64.sys [35360 2018-09-13] (HP Inc. -> HP)
S3 H2OFFT; \SystemRoot\System32\drivers\H2OFFT64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-09 20:44 - 2019-07-09 20:46 - 000017942 _____ C:\Users\User\Desktop\FRST.txt
2019-07-09 20:44 - 2019-07-09 20:44 - 000000000 ____D C:\FRST
2019-07-09 17:55 - 2019-07-09 17:55 - 002420224 _____ (Farbar) C:\Users\User\Desktop\FRST64.exe
2019-07-09 16:31 - 2019-07-09 16:31 - 000003884 _____ C:\windows\System32\Tasks\SlimCleaner Plus (Scheduled Scan)
2019-07-09 00:30 - 2019-07-09 00:30 - 000000000 ____D C:\windows\System32\Tasks\Hewlett-Packard
2019-07-09 00:30 - 2019-07-09 00:30 - 000000000 ____D C:\Users\User\AppData\Roaming\Hewlett-Packard
2019-07-09 00:18 - 2019-07-09 00:18 - 000000000 ____D C:\Users\User\AppData\Local\Publishers
2019-07-08 22:07 - 2019-07-08 22:07 - 000000000 ____D C:\Users\User\AppData\Local\Comms
2019-07-08 20:38 - 2019-07-08 20:38 - 000000000 ____D C:\Users\User\AppData\Local\DBG
2019-07-08 20:18 - 2019-07-08 21:39 - 000003376 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-1002
2019-07-08 20:18 - 2019-07-08 21:39 - 000000000 ___RD C:\Users\User\OneDrive
2019-07-08 20:18 - 2019-07-08 20:18 - 000002527 _____ C:\Users\Public\Desktop\SlimCleaner Plus.lnk
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Users\User\AppData\Local\Downloaded Installers
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\SlimWare Utilities Inc
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimCleaner Plus
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimServices
2019-07-08 20:18 - 2019-07-08 20:18 - 000000000 ____D C:\Program Files\SlimCleaner Plus
2019-07-08 20:17 - 2019-07-08 20:17 - 000000000 ____D C:\Users\User\AppData\Local\PlaceholderTileLogoFolder
2019-07-08 20:16 - 2019-07-09 16:29 - 000000000 ____D C:\Users\User\AppData\Local\SlimWare Utilities Inc
2019-07-08 20:16 - 2019-07-08 20:16 - 000003772 _____ C:\windows\System32\Tasks\DriverUpdate Scan
2019-07-08 20:16 - 2019-07-08 20:16 - 000002489 _____ C:\Users\Public\Desktop\DriverUpdate.lnk
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\SlimWare Utilities
2019-07-08 20:16 - 2019-07-08 20:16 - 000000000 ____D C:\Program Files\DriverUpdate
2019-07-08 20:15 - 2019-07-08 20:15 - 000000000 ____D C:\Users\Public\Documents\Downloaded Installers
2019-07-08 16:17 - 2019-07-09 17:44 - 000000000 ____D C:\Users\User\AppData\LocalLow\Mozilla
2019-07-08 16:17 - 2019-07-08 16:17 - 000001446 _____ C:\Users\User\Desktop\Microsoft Edge.lnk
2019-07-08 16:17 - 2019-07-08 16:17 - 000000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2019-07-08 16:17 - 2019-07-08 16:17 - 000000000 ____D C:\Users\User\AppData\Local\Mozilla
2019-07-08 16:15 - 2019-07-08 16:15 - 000000000 ___HD C:\Users\User\MicrosoftEdgeBackups
2019-07-08 16:15 - 2019-07-08 16:15 - 000000000 ____D C:\Users\User\AppData\Local\MicrosoftEdge
2019-07-08 16:08 - 2019-07-09 17:01 - 000000000 ____D C:\Users\User\AppData\Local\Packages
2019-07-08 16:08 - 2019-07-08 23:57 - 000000000 ____D C:\Users\User\AppData\Local\D3DSCache
2019-07-08 16:08 - 2019-07-08 21:39 - 000002367 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-08 16:08 - 2019-07-08 16:09 - 000000000 ____D C:\Users\User\AppData\Local\ConnectedDevicesPlatform
2019-07-08 16:08 - 2019-07-08 16:08 - 000000020 ___SH C:\Users\User\ntuser.ini
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ___RD C:\Users\User\3D Objects
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Synaptics
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Roaming\Adobe
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Local\VirtualStore
2019-07-08 16:08 - 2019-07-08 16:08 - 000000000 ____D C:\Users\User\AppData\Local\AMD
2019-07-08 15:59 - 2019-07-08 15:59 - 000000000 ____D C:\Users\gside\AppData\Roaming\GetMyDrivers
2019-07-08 15:59 - 2019-07-08 15:59 - 000000000 ____D C:\Users\gside\AppData\Local\PlaceholderTileLogoFolder
2019-07-07 16:14 - 2019-07-07 16:26 - 000000000 ____D C:\windows\system32\MRT
2019-07-07 16:14 - 2019-07-07 16:14 - 135349160 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2019-07-07 16:14 - 2019-07-07 16:14 - 001993528 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2019-07-07 16:13 - 2019-07-07 16:13 - 000000000 ____D C:\Program Files\UNP
2019-07-06 23:38 - 2019-07-06 23:38 - 000000000 _SHDL C:\Documents and Settings
2019-07-06 19:22 - 2019-07-06 19:00 - 000592616 _____ (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2019-07-06 17:33 - 2019-07-06 17:33 - 000000000 ____D C:\Users\gside\AppData\Local\DBG
2019-07-06 17:32 - 2019-07-06 17:32 - 000000000 ____D C:\Users\gside\AppData\Local\Comms
2019-07-06 17:23 - 2019-07-06 17:23 - 000000000 ____D C:\ProgramData\McAfee_dad
2019-07-06 17:23 - 2019-07-06 17:23 - 000000000 ____D C:\Program Files\Common Files\McAfee.COM
2019-07-06 17:22 - 2019-07-06 17:23 - 000000000 ____D C:\ProgramData\McAfee
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\windows\System32\Tasks\McAfee
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\Users\gside\AppData\Roaming\HP
2019-07-06 17:22 - 2019-07-06 17:22 - 000000000 ____D C:\Program Files\Common Files\DynamicAppDownloader
2019-07-06 17:10 - 2019-07-06 17:10 - 000000000 ____D C:\Users\gside\AppData\Local\Publishers
2019-07-06 17:08 - 2019-07-08 15:30 - 000000000 ____D C:\Users\gside\AppData\LocalLow\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-06 17:08 - 2019-07-06 17:08 - 000001000 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Users\gside\AppData\Roaming\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Users\gside\AppData\Local\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\ProgramData\Mozilla
2019-07-06 17:08 - 2019-07-06 17:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-06 17:07 - 2019-07-06 17:08 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-06 16:57 - 2019-07-08 23:14 - 000000000 ___RD C:\Users\gside\OneDrive
2019-07-06 16:57 - 2019-07-06 17:00 - 000003378 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-1001
2019-07-06 16:54 - 2019-07-06 16:54 - 000001446 _____ C:\Users\gside\Desktop\Microsoft Edge.lnk
2019-07-06 16:53 - 2019-07-08 16:02 - 000000000 ____D C:\Users\gside\AppData\Local\D3DSCache
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ___HD C:\Users\gside\MicrosoftEdgeBackups
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ____D C:\Users\gside\AppData\Local\MicrosoftEdge
2019-07-06 16:53 - 2019-07-06 16:53 - 000000000 ____D C:\Users\gside\AppData\Local\AMD
2019-07-06 16:52 - 2019-07-08 20:11 - 000000000 ____D C:\Users\gside\AppData\Local\Packages
2019-07-06 16:52 - 2019-07-06 17:24 - 000000000 ____D C:\Users\gside\AppData\Local\ConnectedDevicesPlatform
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ___RD C:\Users\gside\3D Objects
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Roaming\Synaptics
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Roaming\Adobe
2019-07-06 16:52 - 2019-07-06 16:52 - 000000000 ____D C:\Users\gside\AppData\Local\VirtualStore
2019-07-06 16:47 - 2019-07-06 17:00 - 000002370 _____ C:\Users\gside\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-06 16:47 - 2019-07-06 16:57 - 000000000 ____D C:\Users\gside
2019-07-06 16:47 - 2019-07-06 16:47 - 000000020 ___SH C:\Users\gside\ntuser.ini
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-09 20:34 - 2019-01-18 14:17 - 000000000 ____D C:\ProgramData\HP
2019-07-09 20:34 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-09 20:33 - 2018-11-07 02:45 - 000000000 ____D C:\windows\system32\SleepStudy
2019-07-09 17:01 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-09 17:01 - 2018-09-15 03:33 - 000000000 ____D C:\windows\AppReadiness
2019-07-09 16:53 - 2018-11-07 02:47 - 000000000 ____D C:\ProgramData\Packages
2019-07-09 16:43 - 2018-09-15 03:31 - 000000000 ____D C:\windows\INF
2019-07-09 14:49 - 2018-11-07 02:51 - 000846530 _____ C:\windows\system32\PerfStringBackup.INI
2019-07-09 00:14 - 2018-11-07 02:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2019-07-09 00:13 - 2019-03-15 15:49 - 000065536 _____ C:\windows\psp_storage.bin
2019-07-09 00:13 - 2018-09-15 02:09 - 000786432 _____ C:\windows\system32\config\BBI
2019-07-09 00:10 - 2018-11-07 02:45 - 000000000 ____D C:\windows\system32\Drivers\wd
2019-07-08 23:14 - 2018-09-15 03:23 - 000000000 ____D C:\windows\CbsTemp
2019-07-08 23:13 - 2018-09-15 02:09 - 000000000 ____D C:\windows\servicing
2019-07-08 20:15 - 2019-01-18 14:18 - 000000000 ____D C:\Program Files (x86)\HP
2019-07-08 16:08 - 2018-11-07 02:47 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-07 16:23 - 2019-03-15 15:46 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2019-07-06 23:40 - 2018-09-15 03:33 - 000000000 ____D C:\windows\system32\WinBioDatabase
2019-07-06 23:39 - 2019-03-15 16:25 - 000002852 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2161562956-2876439724-661099721-500
2019-07-06 23:39 - 2018-11-07 02:44 - 000000000 ____D C:\windows\Panther
2019-07-06 19:27 - 2018-09-15 03:33 - 000000000 ___RD C:\Program Files\Windows Defender
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019
Ran by User (09-07-2019 20:46:53)
Running from C:\Users\User\Desktop
Windows 10 Home Version 1809 17763.195 (X64) (2019-07-07 03:39:29)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2161562956-2876439724-661099721-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2161562956-2876439724-661099721-503 - Limited - Disabled)
Guest (S-1-5-21-2161562956-2876439724-661099721-501 - Limited - Disabled)
User (S-1-5-21-2161562956-2876439724-661099721-1002 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2161562956-2876439724-661099721-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
DriverUpdate (HKLM\...\{17D0BC60-A6E6-41AB-AAD8-BCED34B127DA}) (Version: 5.8.5 - Slimware Utilities Holdings, Inc.) Hidden
DriverUpdate (HKLM\...\DriverUpdate) (Version: 5.8.5 - Slimware Utilities Holdings, Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2161562956-2876439724-661099721-1002\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Mozilla Firefox 67.0.4 (x64 en-US) (HKLM\...\Mozilla Firefox 67.0.4 (x64 en-US)) (Version: 67.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 67.0.4 - Mozilla)
SlimCleaner Plus (HKLM\...\{6592C4FC-45A7-42C8-9A68-7E020BDAC8AB}) (Version: 4.2.1.62 - Slimware Utilities, Holding, Inc.) Hidden
SlimCleaner Plus (HKLM\...\SlimCleaner Plus) (Version: 4.2.1.62 - Slimware Utilities, Holding, Inc.)
Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2811.0_x64__343d40qqvtj1t [2019-03-15] (Amazon.com)
Booking.com USA: Big savings on hotels in 96,000 destinations worldwide -> C:\Program Files\WindowsApps\PricelinePartnerNetwork.Booking.comUSABigsavingson_1.0.4.0_x64__mgae2k3ys4ra0 [2019-07-08] (Priceline Partner Network)
Dropbox for S mode -> C:\Program Files\WindowsApps\C27EB4BA.DROPBOX_21.4.5.0_x64__xbfy0k16fey96 [2019-07-08] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2019-03-15] (HP Inc.)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.2.161.0_x64__dt26b99r8h8gj [2019-03-15] (Realtek Semiconductor Corp)
HP JumpStarts -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStarts_1.0.96.0_x64__v10z8vjag6ke6 [2019-03-15] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.0.34.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_100.1.575.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.192.0_x64__v10z8vjag6ke6 [2019-07-08] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6 [2019-07-09] (HP Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-07-08] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
McAfee Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_1.4.3.0_x64__wafk5atnkzcwy [2019-07-09] (McAfee Inc.)
Microsoft Access -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Access_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
Microsoft Excel -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Excel_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Outlook -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft PowerPoint -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.PowerPoint_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Publisher -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Publisher_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Studios) [MS Ad]
Microsoft Word -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Word_16051.11727.20230.0_x86__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-07-08] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_6.15.61.0_x64__kx24dqmazqk8j [2019-07-08] (Random Salad Games LLC) [MS Ad]
sMedio True DVD for HP -> C:\Program Files\WindowsApps\0E3921EB.sMedioTrueDVDforHP_1.1.104.0_x64__agwrg61xdd7p4 [2019-07-08] (sMedio Inc.)
Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35042.0.0_x64__807d65c4rvak2 [2019-07-08] (Synaptics Incorporated)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-07-09 00:04 - 2019-07-09 00:05 - 001221120 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
2019-07-09 00:04 - 2019-07-09 00:11 - 000015360 _____ (HP Inc.) [File not signed] C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_1.0.39.0_x64__v10z8vjag6ke6\SystemEventUtility\NativeRpcClient.DLL
2019-07-08 20:16 - 2019-07-08 20:16 - 000944640 _____ (Terra Informatica Software, Inc., British Columbia, Canada.) [File not signed] C:\Users\User\AppData\Local\SlimWare Utilities Inc\DriverUpdate\htmlayout.dll
==================== Alternate Data Streams (Whitelisted) =========
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-09-15 03:31 - 2018-09-15 03:31 - 000000824 _____ C:\windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2161562956-2876439724-661099721-1002\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 10.197.42.70
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{145C1202-94AA-4DE6-A1E1-F1F01E47E7FF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16040.10730.20103.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D414D89D-335A-4DA8-BE96-DC9E27FCB5D6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E56CA0A5-2878-4757-BE18-A9109AEDDF13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{23A3FF08-9E68-4D61-9F8D-7FBC1020CF34}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11727.20230.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
06-07-2019 23:39:57 Windows Modules Installer
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/09/2019 08:35:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SolutionFinder.exe, version: 1.1.0.1, time stamp: 0x5c876eba
Faulting module name: KERNELBASE.dll, version: 10.0.17763.134, time stamp: 0xc30ded87
Exception code: 0xe0434352
Fault offset: 0x0011ab32
Faulting process id: 0x1d7c
Faulting application start time: 0x01d536b74f351c52
Faulting application path: C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.5.192.0_x64__v10z8vjag6ke6\www\HPSF\Modules\SolutionFinder.exe
Faulting module path: C:\windows\System32\KERNELBASE.dll
Report Id: b915d7b4-8c20-4873-9752-43a00f411e74
Faulting package full name:
Faulting package-relative application ID:
Error: (07/09/2019 08:35:02 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: SolutionFinder.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
at System.Collections.Generic.List`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].InsertRange(Int32, System.Collections.Generic.IEnumerable`1<System.__Canon>)
at SolutionFinder.Program.GetMessages(System.String, System.String, System.String, System.String)
at SolutionFinder.Program.Main(System.String[])
Error: (07/09/2019 05:01:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SysInfoCap.exe, version: 1.7.934.0, time stamp: 0x5c12a5ca
Faulting module name: combase.dll, version: 10.0.17763.134, time stamp: 0x5f712695
Exception code: 0xc0000005
Fault offset: 0x00000000000912d5
Faulting process id: 0x754
Faulting application start time: 0x01d5360cbcf92f2b
Faulting application path: C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_44dd2c42f20b4640\x64\SysInfoCap.exe
Faulting module path: C:\windows\System32\combase.dll
Report Id: 45e7d2cb-747c-4a8b-be59-394b740ac020
Faulting package full name:
Faulting package-relative application ID:
Error: (07/09/2019 12:12:19 AM) (Source: EventSystem) (EventID: 4622) (User: )
Description: The COM+ Event System could not marshal the subscriber for subscription {46D5EC70-A1F6-489F-81ED-006C2477C49F}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005.
Error: (07/08/2019 11:28:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.5.35.12, time stamp: 0x5b923623
Faulting module name: ntdll.dll, version: 10.0.17763.194, time stamp: 0xe8b54827
Exception code: 0xc0000005
Fault offset: 0x00000000000239e1
Faulting process id: 0x29e8
Faulting application start time: 0x01d535c8eb3c412e
Faulting application path: C:\windows\System32\SynTPEnh.exe
Faulting module path: C:\windows\SYSTEM32\ntdll.dll
Report Id: d7a81500-5378-4005-a32f-b2c33648de51
Faulting package full name:
Faulting package-relative application ID:
Error: (07/08/2019 09:37:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 3a58
Start Time: 01d535eb99c7fd1a
Termination Time: 29
Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe
Report Id: 3b28b5ef-80cf-48c8-8311-790a49039bfd
Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Hang type: Cross-thread
Error: (07/08/2019 09:36:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MicrosoftEdgeCP.exe version 11.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 3f30
Start Time: 01d535ebab6ce3fa
Termination Time: 26
Application Path: C:\Windows\System32\MicrosoftEdgeCP.exe
Report Id: 4a07fc98-fc36-419e-a254-4f487b4f6862
Faulting package full name: Microsoft.MicrosoftEdge_44.17763.1.0_neutral__8wekyb3d8bbwe
Faulting package-relative application ID: MicrosoftEdge
Hang type: Unknown
Error: (07/06/2019 05:33:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SystemSettings.exe version 10.0.17763.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2a4c
Start Time: 01d534425da8cf7d
Termination Time: 4294967295
Application Path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Report Id: 952266b8-4b9c-4032-93d7-717378f23de9
Faulting package full name: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Hang type: Cross-process
System errors:
=============
Error: (07/09/2019 08:34:27 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : The embedded controller (EC) did not respond within the specified timeout period. This may indicate that there is an error in the EC hardware or firmware or that the BIOS is accessing the EC incorrectly. You should check with your computer manufacturer for an upgraded BIOS. In some situations, this error may cause the computer to function incorrectly.
Error: (07/09/2019 06:14:10 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 06:14:10 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 06:02:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 06:02:46 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 05:59:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 05:59:32 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/09/2019 05:53:14 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-VBJ4OFN0)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user LAPTOP-VBJ4OFN0\User SID (S-1-5-21-2161562956-2876439724-661099721-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2019-07-06 16:54:53.499
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\SYSTEM.SAV\util\HpseuHostLauncher.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.
Date: 2019-07-06 16:54:53.495
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\SYSTEM.SAV\util\HpseuHostLauncher.exe that did not meet the Enterprise signing level requirements.
Date: 2019-07-06 16:54:53.242
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.
Date: 2019-07-06 16:54:53.222
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\explorer.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Realtek\PCIE Wireless LAN\RtlS5Wake\RtlS5Wake.exe that did not meet the Enterprise signing level requirements.
Date: 2019-07-06 16:52:54.793
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\runonce.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wscript.exe that did not meet the Enterprise signing level requirements or violated code integrity policy.
Date: 2019-07-06 16:52:54.791
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\runonce.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\wscript.exe that did not meet the Enterprise signing level requirements.
Date: 2019-07-06 23:38:59.729
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_f12ec4c7b95b11b9\x64\OpenHardwareMonitorLib.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde F.17 01/16/2019
Motherboard: HP 863C
Processor: AMD A6-9225 RADEON R4, 5 COMPUTE CORES 2C+3G
Percentage of memory in use: 70%
Total physical RAM: 3981.68 MB
Available physical RAM: 1156.14 MB
Total Virtual: 5993.45 MB
Available Virtual: 2003.67 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:930.28 GB) (Free:901.01 GB) NTFS
\\?\Volume{6fbc505c-c42f-44ae-a4b7-3ee16e0447cf}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.57 GB) NTFS
\\?\Volume{d5481b04-9611-4a64-aa57-3c65702cb71f}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: DCA9B95F)
Partition: GPT.
==================== End of Addition.txt ============================