Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2022 02 Ran by jcpow (31-10-2022 15:38:47) Running from C:\Users\jcpow.DESKTOP-M8HV5LP\Desktop Microsoft Windows 11 Home Version 21H2 22000.1098 (X64) (2021-11-21 01:29:22) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= (If an entry is included in the fixlist, it will be removed.) Administrator (S-1-5-21-3714477290-3168749888-1815816112-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3714477290-3168749888-1815816112-503 - Limited - Disabled) Guest (S-1-5-21-3714477290-3168749888-1815816112-501 - Limited - Disabled) hornt (S-1-5-21-3714477290-3168749888-1815816112-1013 - Limited - Disabled) jcpow (S-1-5-21-3714477290-3168749888-1815816112-1010 - Administrator - Enabled) => C:\Users\jcpow.DESKTOP-M8HV5LP lynnh (S-1-5-21-3714477290-3168749888-1815816112-1001 - Limited - Enabled) => C:\Users\lynnh WDAGUtilityAccount (S-1-5-21-3714477290-3168749888-1815816112-504 - Limited - Disabled) zombi (S-1-5-21-3714477290-3168749888-1815816112-1002 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.) HP Audio Switch (HKLM-x32\...\{3A5141D4-47DB-4302-9B1C-272BE585BC8A}) (Version: 1.0.179.0 - HP Inc.) HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.17.0 - HP Inc.) HP CoolSense (HKLM-x32\...\{10F0BF3E-DBDB-422A-8C12-B4D46711D7C8}) (Version: 2.22.2 - HP Inc.) HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.) HP ePrint SW (HKLM\...\{16311D0B-D57C-46F8-AE64-9D4D44227271}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{4C246A91-6BAE-450E-BDEA-70D01663DF43}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{78525DEA-1E62-429B-9CA4-A78F899A9F29}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM\...\{B2CFD444-5088-4ECC-A1F1-28620C082C36}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{3D00C669-D447-4A04-AFDA-25E9E76E7873}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{59649835-21FD-4523-9AB0-9E67ED77F0CA}) (Version: 5.5.22560 - HP Inc.) Hidden HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.) HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.) HP JumpStart Bridge (HKLM-x32\...\{3FC961DB-BD36-4D8D-B276-0C456A2BB638}) (Version: 1.4.0.441 - HP Inc.) HP JumpStart Launch (HKLM-x32\...\{F213102E-FD30-4E22-AF73-4C682D65FFEE}) (Version: 1.4.441.0 - HP Inc.) HP LaserJet M14-M17 Basic Device Software (HKLM\...\{DBD3A5B4-0A41-4C1B-A3EE-DA05AA5D5D70}) (Version: 46.2.2636.18185 - HP Inc.) HP LaserJet M14-M17 Help (HKLM-x32\...\{860F83D4-E1ED-425C-9A5F-C07867AE1EC5}) (Version: 0.00.0005 - HP) HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - ) HP LaserJet Professional M1210 MFP Series Fax Installer (HKLM\...\{E94AE378-725A-41FF-BA24-397469D27FC8}) (Version: 1.3.0 - HP) HP LaserJet Professional M1210 MFP Series Toolbox (HKLM\...\{F958F851-8DBE-420C-9D37-5ECBB6C61148}) (Version: 1.0.17 - Hewlett-Packard) HP LaserJet Toolbox (HKLM\...\{2E8A793D-E275-46A2-BAB3-35FB95ACED57}) (Version: 3.0.0 - Hewlett-Packard) HP PC Hardware Diagnostics Windows (HKLM-x32\...\{ECCFEFB0-A6EB-4BB3-9C9D-690370ED0C6D}) (Version: 1.7.0.0 - HP Inc.) HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1511 - HP) Hidden HP Registration Service (HKLM-x32\...\{4E097B06-83A0-4CDD-A9DB-22F0744FE16A}) (Version: 1.0.0.43 - HP Inc.) Hidden HP System Event Utility (HKLM-x32\...\{5D308D1F-E37B-431A-8D35-67D16287467D}) (Version: 1.4.28 - HP Inc.) HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB79}) (Version: 1.0.15.0 - Hewlett Packard) Intel(R) Chipset Device Software (HKLM\...\{7FB35D08-C75C-4A18-B593-1D7C3E8970AD}) (Version: 10.1.1.45 - Intel Corporation) Hidden Intel(R) Chipset Device Software (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10208.5644 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1061 - Intel Corporation) Intel(R) Management Engine Components (HKLM\...\{5E21AB91-2EF8-4E8A-BA33-515E667CDC4B}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{EB67ED3E-E5CA-4F35-8D2D-F0EF10802DBF}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) Management Engine Driver (HKLM\...\{42625EDB-9CF1-421C-8540-0E66F1402DEC}) (Version: 1.0.0.0 - Intel Corporation) Hidden Intel(R) ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4973 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 16.0.2.1086 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{64A94A93-B0C4-4B16-8CDC-FDB06E8CC306}) (Version: 16.0.2.1086 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1725.1 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{FBC819D6-78B6-49AB-931E-3D127D43BE64}) (Version: 30.100.1725.1 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x64 (HKLM\...\{C9552825-7BF2-4344-BA91-D3CD46F4C442}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Trusted Connect Services Client (HKLM-x32\...\{66129f84-d3f0-4884-ac54-369ae6fc2cf6}) (Version: 1.48.197.0 - Intel Corporation) Hidden Intel(R) Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 2.2.1.31 - Intel Corporation) Intel® Integrated Sensor Solution (HKLM-x32\...\{cdb3fee9-918a-4ccd-8eec-b6f766e1d5ad}) (Version: 3.10.100.3524 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{EF71AFFB-85B5-407C-A301-39EA25F98313}) (Version: 20.90.0.2270 - Intel Corporation) Hidden ISS_Drivers_x64 (HKLM\...\{93073382-D2C1-4CDC-AA1D-DED948E35C1D}) (Version: 3.10.100.3524 - Intel Corporation) Hidden Malwarebytes version 4.5.14.210 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.14.210 - Malwarebytes) MediaMonkey 5 (HKLM-x32\...\MediaMonkey 5_is1) (Version: 5 - Ventis Media Inc.) Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 107.0.1418.26 - Microsoft Corporation) Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 107.0.1418.24 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (HKLM\...\{90140000-002A-0000-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (HKLM\...\{90140000-002A-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (HKLM\...\{90140000-0116-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2010 (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation) Microsoft VC++ redistributables repacked. (HKLM\...\{ED4D7D2E-A64D-4C3A-A8B9-B27CE153A2A6}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft VC++ redistributables repacked. (HKLM-x32\...\{599ED608-BADF-4C3D-9172-EA5E06386EF6}) (Version: 12.0.0.0 - Intel Corporation) Hidden Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.23506 (HKLM\...\{B0B194F8-E0CE-33FE-AA11-636428A4B73D}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.23506 (HKLM\...\{A1C31BA5-5438-3A07-9EEE-A5FB2D0FDE36}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23506 (HKLM-x32\...\{1045AB6F-6151-3634-8C2C-EE308AA1A6A7}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23506 (HKLM-x32\...\{65AD78AD-D23D-3A1E-9305-3AE65CD522C2}) (Version: 14.0.23506 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}) (Version: 10.0.50908 - Microsoft Corporation) Hidden Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 102.0.1 (x64 en-US)) (Version: 102.0.1 - Mozilla) Product Improvement Study for HP LaserJet M14-M17 (HKLM\...\{44899623-FEB7-4FE2-BC7C-3D22C2F4D84C}) (Version: 46.2.2636.18185 - HP Inc.) Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 1.0.1 - HP) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0015-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{E4D76E88-C65F-4003-9C71-EC4306679D17}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0409-1000-0000000FF1CE}_Office14.SingleImage_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.SingleImage_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.SingleImage_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0116-0409-1000-0000000FF1CE}_Office14.SingleImage_{03AE1408-7BF1-4AC6-A327-E32E7799BCE4}) (Version: - Microsoft) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0117-0409-0000-0000000FF1CE}_Office14.SingleImage_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version: - Microsoft) Hidden Synaptics WBF FP Reader (HKLM\...\{CEE492C3-6673-44AB-827B-1F2412EDE8B1}) (Version: 5.5.5.1093 - Synaptics Incorporated) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden USB Storage Driver (HKLM-x32\...\GENEUIDE) (Version: - ) Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden Windows PC Health Check (HKLM\...\{014B7442-C784-45D3-A152-F7D2C651F28A}) (Version: 3.3.2110.22002 - Microsoft Corporation) Windows PC Health Check (HKLM\...\{77ACFAF7-E5AB-410D-BA14-BBEBF89422DE}) (Version: 3.1.2109.29003 - Microsoft Corporation) Zoom (HKU\S-1-5-21-3714477290-3168749888-1815816112-1001\...\ZoomUMX) (Version: 5.0 - Zoom Video Communications, Inc.) Packages: ========= HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_1.5.189.0_x64__dt26b99r8h8gj [2021-10-25] (Realtek Semiconductor Corp) HP Impreza Pen -> C:\Program Files\WindowsApps\9FDF1AF1.HPImprezaPen_1.1.12.0_x64__g70az3e2cx9m2 [2021-10-25] (ELAN MICROELECTRONICS CORP.) [Startup Task] HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.4.481.0_x86__v10z8vjag6ke6 [2021-10-25] (HP Inc.) HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_139.2.289.0_x64__v10z8vjag6ke6 [2022-09-23] (HP Inc.) HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.20.22.0_x64__v10z8vjag6ke6 [2022-08-25] (HP Inc.) Hulu -> C:\Program Files\WindowsApps\HULULLC.HULUPLUS_3.11.0.0_neutral__fphbd361v8tya [2022-10-30] (Hulu.) LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2021-10-25] (LinkedIn) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1650.17.91.0_x64__8xx8rvfyw5nnt [2022-10-25] (Meta) [Startup Task] Microsoft Office Desktop Apps -> C:\Program Files\WindowsApps\Microsoft.Office.Desktop_16051.15629.20208.0_x86__8wekyb3d8bbwe [2022-10-17] (Microsoft Corporation) Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.14.9130.0_x64__8wekyb3d8bbwe [2022-09-22] (Microsoft Studios) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-17] (Netflix, Inc.) Photos Media Engine Add-on -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-11-18] (Microsoft Corporation) Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_10.3.2.0_x64__crhqpqs3x1ygc [2022-09-23] (PicsArt Inc.) Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.14.0_x64__kx24dqmazqk8j [2022-10-25] (Random Salad Games LLC) Synaptics TouchPad -> C:\Program Files\WindowsApps\SynapticsIncorporated.SynHPConsumerDApp_19005.35054.0.0_x64__807d65c4rvak2 [2021-10-25] (Synaptics Incorporated) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-04] (Malwarebytes Inc. -> Malwarebytes) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\igfxDTCM.dll [2019-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-08-04] (Malwarebytes Inc. -> Malwarebytes) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== ==================== Loaded Modules (Whitelisted) ============= 2022-10-17 10:52 - 2022-10-17 10:52 - 000160768 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\fc6ac8965ba7cee33366c38755d79bf8\BRIDGECommon.ni.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 000125440 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\331b7324ff456a5c388e8460c9fe34ed\BridgeExtension.ni.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 000395264 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\4a2d6bcaba8ddabdc824432fac6b4248\CleanStartController.ni.dll 2022-06-18 16:12 - 2022-06-18 16:12 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\4a3769626565d5b38994a350ecd077f7\Interop.IWshRuntimeLibrary.ni.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 000079872 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\ee83aa2dd4bf9989ac99753b5a9a7b43\NativeInterop.ni.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 000145920 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Registratio4eabc192#\c23baa430d172714709a082a0b7bf250\RegistrationUtilities.ni.dll 2018-11-24 19:10 - 2012-09-29 14:53 - 001038336 _____ () [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\HPM1210GC.dll 2018-11-24 19:10 - 2012-09-29 14:26 - 003120128 _____ () [File not signed] C:\WINDOWS\system32\spool\DRIVERS\x64\3\hpm1210su.dll 2022-10-17 10:54 - 2022-10-17 10:54 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\51e9bd2ef5693c2164811f235f7ff1ca\Hardcodet.Wpf.TaskbarNotification.ni.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 000136192 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CommonPortable\c9fb33a771b219bcf73215d837da4dc8\CommonPortable.ni.dll 2022-10-17 10:54 - 2022-10-17 10:54 - 001701888 _____ (Mark Heath & Contributors) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\b574476cdce2db9363357f18ee752420\NAudio.ni.dll 2010-01-28 17:10 - 2010-01-28 17:10 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll 2022-10-17 10:53 - 2022-10-17 10:53 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\12df1fd62d7155c23bc93bfc7f7cf02d\Newtonsoft.Json.ni.dll 2022-10-17 10:54 - 2022-10-17 10:54 - 003060736 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\2d7c28c9ead3a0d577354903881cda6a\Newtonsoft.Json.ni.dll 2009-10-16 14:27 - 2009-10-16 14:27 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll 2022-10-17 10:54 - 2022-10-17 10:54 - 000793088 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\95e25220dc1a2a592f7cb934c6a219dc\log4net.ni.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer (Whitelisted) ========== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-3714477290-3168749888-1815816112-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3714477290-3168749888-1815816112-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-3714477290-3168749888-1815816112-1010\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE HKU\S-1-5-21-3714477290-3168749888-1815816112-1010\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2022-08-17] (HP Inc. -> HP Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2022-08-17] (HP Inc. -> HP Inc.) ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2018-04-11 18:38 - 2018-04-11 18:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts 2019-09-07 09:10 - 2019-09-07 09:10 - 000000443 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.1 DESKTOP-M8HV5LP.mshome.net # 2024 9 4 5 14 10 34 734 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\ HKU\S-1-5-21-3714477290-3168749888-1815816112-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg HKU\S-1-5-21-3714477290-3168749888-1815816112-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\jcpow.DESKTOP-M8HV5LP\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 10.111.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C5BEB145-A71B-4451-8B3A-E47A8DA6F0E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{A5DD9E50-25EF-43F4-905F-017846697DC1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\amd64\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{2491E2E9-2F65-422A-AF34-E07A6CE6FFC9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{AEDAD5F2-5A28-4B49-91AA-1E734DA07BBE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2111.9001.0_neutral__8wekyb3d8bbwe\x86\EngHost.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{571DE5A5-51BD-4AF7-A17C-5B0FFAE6B405}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{7EB53DFB-3CAA-4329-822D-B2379B56AB21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{44185EF5-CA23-494C-A1C7-19B55857E517}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{A550D1BD-E1BB-4911-B2F1-283807BAEC20}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.77.97.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File FirewallRules: [{5BB3BF92-BE41-437F-83D0-8433FDE0BA9F}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{72CB7147-DE7F-4D76-8D0D-5FE6BDE65CD2}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{B4BC1A6C-D341-4031-BF25-69BCC48EF972}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS40A5\HPDiagnosticCoreUI.exe => No File FirewallRules: [{36B016B4-6318-4FCD-AE30-A489B6750FED}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS40A5\HPDiagnosticCoreUI.exe => No File FirewallRules: [{C124F1F7-4FF9-4D5B-90A2-71CCCD72EBDF}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS5879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{7577FC24-5C3E-4D38-9EE3-26FDD44D8196}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS5879\HPDiagnosticCoreUI.exe => No File FirewallRules: [{59EBBBB8-D947-4494-8020-302F5CB2741F}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS64AB\HPDiagnosticCoreUI.exe => No File FirewallRules: [{BFBD63B3-0208-4489-AD77-E260B491B492}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS64AB\HPDiagnosticCoreUI.exe => No File FirewallRules: [{FE2573B5-8E17-4154-ABB5-4849D112DB9D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> ) FirewallRules: [{08805923-45E2-451A-A786-192650C8BE0E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{8A078114-4BF6-40C9-A3E5-52C5E5D63B0D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{F46C0280-278C-4911-B6FF-FC1B8DB52B8D}] => (Allow) LPort=161 FirewallRules: [{F6328A4E-9769-431E-BA72-3FA30058A5E0}] => (Allow) LPort=427 FirewallRules: [{50360D75-C3EC-4763-88E2-697AF08AD0E4}] => (Allow) LPort=9100 FirewallRules: [{54C6E86E-A197-4A81-92E0-DEAF5199DA6E}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS183F\EasyInst64.exe => No File FirewallRules: [{204F9343-EE4F-4634-BB20-62ADA967895D}] => (Allow) C:\Users\lynnh\AppData\Local\Temp\7zS183F\EasyInst64.exe => No File FirewallRules: [{C249B94C-B0D5-44C8-9FF0-1B3D3016294F}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe => No File FirewallRules: [{319631E8-A64B-49CD-BD61-D7BEB6A489E9}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe => No File FirewallRules: [{74863AD4-48CD-4BB7-843E-F1ED23CD2C12}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16010.9126.2116.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe => No File FirewallRules: [TCP Query User{4FB77D83-9EF3-4111-B380-34A5197FE039}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [UDP Query User{FA64690A-14D7-406E-BE07-2590DEBECE25}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4FCA66BA-625B-4180-B7BC-901498D7AE0B}] => (Allow) C:\Program Files\HP\HP LaserJet M14-M17\bin\EWSProxy.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{37FCD950-4A0D-4DDF-9212-2399E40F8BF0}] => (Allow) C:\Program Files\HP\HP LaserJet M14-M17\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{D78C38A3-4552-4DDF-BCAB-6A52D3139CB0}] => (Allow) LPort=5357 FirewallRules: [{FFED7DCF-646B-4AD5-90B6-DA24A60CCA8D}] => (Allow) C:\Program Files\HP\HP LaserJet M14-M17\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.) FirewallRules: [{1ACB576E-621D-47CE-905F-AC59D84EFAA0}] => (Allow) C:\Users\lynnh\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.) FirewallRules: [{2EC80453-E83A-4942-A6D4-5D0979E8BED9}] => (Allow) C:\Users\lynnh\AppData\Roaming\Zoom\bin\airhost.exe => No File FirewallRules: [{45F17CEA-8B75-4F5B-9990-2811AB5C1843}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [{8701460B-7B53-4940-ABB4-6CB9C995D642}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [{8ED4A52C-ADFA-46F6-B73B-2C271B4D7193}] => (Allow) C:\Program Files (x86)\MediaMonkey 5\MediaMonkeyEngine.exe (Ventis Media, Inc. -> Ventis Media Inc.) FirewallRules: [{5999E8F1-FD4B-4D98-BFD2-0363DC27B894}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{F8BB7D9B-6FB7-4932-821F-0831128A8FB5}] => (Allow) C:\Program Files (x86)\HP\Diagnostics\PSDR\SoftPaq\Binaries\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{CE3B7F47-EAF7-4A39-AAA8-EAAE34152EDB}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{F485DFEA-9151-41DB-9EA4-466A3681C459}] => (Allow) C:\hp\Diagnostics\PSDR\HPDiagnosticCoreUI.exe (HP Inc. -> HP Development Company, L.P.) FirewallRules: [{D3211B04-781B-4311-9685-16F81AA97D40}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{F3EC768D-2F4B-4E3D-A97E-7F6903C514ED}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{4B3FC29D-E167-494B-B374-F912153AAB66}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{B0F388D2-550A-4F6E-9F80-376AADC02AEF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{113515F6-241D-46A2-8BB8-D7BF299D990C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D8D0A460-28E5-4F49-83A3-B880D9B6F48D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22273.905.1632.1008_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D548B989-DC7F-4160-9172-3F8B3757E47C}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\107.0.1418.24\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation) ==================== Restore Points ========================= 25-10-2022 12:11:58 Startup Restore Point 27-10-2022 16:41:53 Startup Restore Point 29-10-2022 17:46:59 Startup Restore Point ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (10/29/2022 05:47:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dwm.exe, version: 10.0.22000.1, time stamp: 0x7cbe2305 Faulting module name: ism.dll, version: 10.0.22000.1098, time stamp: 0x4a6b2dbf Exception code: 0xc000041d Fault offset: 0x0000000000017586 Faulting process id: 0x5fc Faulting application start time: 0x01d8ebe856b70541 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\SYSTEM32\ism.dll Report Id: 6d0765c6-6c7e-4017-8d94-8b23300f4695 Faulting package full name: Faulting package-relative application ID: Error: (10/29/2022 05:46:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dwm.exe, version: 10.0.22000.1, time stamp: 0x7cbe2305 Faulting module name: ism.dll, version: 10.0.22000.1098, time stamp: 0x4a6b2dbf Exception code: 0xc0000005 Fault offset: 0x0000000000017586 Faulting process id: 0x5fc Faulting application start time: 0x01d8ebe856b70541 Faulting application path: C:\WINDOWS\system32\dwm.exe Faulting module path: C:\WINDOWS\SYSTEM32\ism.dll Report Id: 7cbe0e18-dd23-45db-b26a-07887ee7c37c Faulting package full name: Faulting package-relative application ID: Error: (10/27/2022 05:02:40 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (10/27/2022 05:02:40 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x8007045b, A system shutdown is in progress. . Error: (10/27/2022 05:02:40 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (10/25/2022 11:50:51 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: spoolsv.exe, version: 10.0.22000.1042, time stamp: 0xdc09892d Faulting module name: HPM1210LM.DLL, version: 2009.1120.1.13810, time stamp: 0x4b062c75 Exception code: 0xc0000005 Fault offset: 0x0000000000002370 Faulting process id: 0x2c0c Faulting application start time: 0x01d8e891e3aacf41 Faulting application path: C:\WINDOWS\System32\spoolsv.exe Faulting module path: C:\WINDOWS\System32\HPM1210LM.DLL Report Id: 261174d1-df1c-40db-b859-493d779f8213 Faulting package full name: Faulting package-relative application ID: Error: (10/25/2022 09:36:28 AM) (Source: Firefox Default Browser Agent) (EventID: 12007) (User: ) Description: Event-ID 12007 Error: (10/25/2022 09:36:28 AM) (Source: Firefox Default Browser Agent) (EventID: 0) (User: ) Description: Event-ID 0 System errors: ============= Error: (10/31/2022 03:17:18 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E0FF2BCA-6B6A-47D4-BE9A-3A0AB6C415E3} because another computer on the network has the same name. The server could not start. Error: (10/31/2022 03:09:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-M8HV5LP) Description: The server {8CFC164F-4BE5-4FDD-94E9-E2AF73ED4A19} did not register with DCOM within the required timeout. Error: (10/31/2022 03:08:05 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E0FF2BCA-6B6A-47D4-BE9A-3A0AB6C415E3} because another computer on the network has the same name. The server could not start. Error: (10/30/2022 05:23:38 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E0FF2BCA-6B6A-47D4-BE9A-3A0AB6C415E3} because another computer on the network has the same name. The server could not start. Error: (10/30/2022 05:23:35 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{10A4B16E-31A7-4D3F-8B0B-8AC77D12A0B1} because another computer on the network has the same name. The server could not start. Error: (10/30/2022 04:50:35 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E0FF2BCA-6B6A-47D4-BE9A-3A0AB6C415E3} because another computer on the network has the same name. The server could not start. Error: (10/30/2022 04:50:32 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{10A4B16E-31A7-4D3F-8B0B-8AC77D12A0B1} because another computer on the network has the same name. The server could not start. Error: (10/30/2022 03:59:25 PM) (Source: Server) (EventID: 2505) (User: ) Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E0FF2BCA-6B6A-47D4-BE9A-3A0AB6C415E3} because another computer on the network has the same name. The server could not start. Windows Defender: ================ Date: 2022-10-27 16:32:46 Description: Microsoft Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=PUA:Win32/Presenoker&threatid=242420&enterprise=0 Name: PUA:Win32/Presenoker Severity: Low Category: Potentially Unwanted Software Path: file:_D:\v9.1\解霸_v9.1.exe Detection Origin: Local machine Detection Type: FastPath Detection Source: Real-Time Protection Process Name: C:\Windows\explorer.exe Security intelligence Version: AV: 1.377.889.0, AS: 1.377.889.0, NIS: 1.377.889.0 Engine Version: AM: 1.1.19700.3, NIS: 1.1.19700.3 Date: 2022-10-27 16:16:21 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-10-25 11:31:38 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-10-20 15:10:11 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2022-10-18 11:36:21 Description: Microsoft Defender Antivirus scan has been stopped before completion. Scan Type: Antimalware Scan Parameters: Quick Scan Event[0] Date: 2022-07-16 12:31:25 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.371.60.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.19400.3 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2022-05-18 16:10:45 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.363.2053.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.19200.5 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2022-05-16 19:42:54 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.363.2053.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.19200.5 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2022-03-12 17:17:19 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.359.1623.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18900.3 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Date: 2022-03-10 16:36:27 Description: Microsoft Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.359.1623.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.18900.3 Error code: 0x80240016 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. CodeIntegrity: =============== Date: 2022-10-31 15:11:23 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_1c41cc68747d972b\igd10iumd64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2022-10-30 12:35:33 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2209.7-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== BIOS: Insyde F.38 07/30/2021 Motherboard: HP 8486 Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz Percentage of memory in use: 55% Total physical RAM: 8026.16 MB Available physical RAM: 3566.94 MB Total Virtual: 9306.16 MB Available Virtual: 4661.13 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:66.25 GB) (Model: SAMSUNG MZNLN128HAHQ-000H1) NTFS \\?\Volume{0c0895b5-5c7e-4625-ba7e-281fca1da99b}\ (Windows RE tools) (Fixed) (Total:0.96 GB) (Free:0.38 GB) NTFS \\?\Volume{25542d50-26a3-44ff-afae-41867286fe1d}\ () (Fixed) (Total:0.25 GB) (Free:0.18 GB) FAT32 ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: A50E1C7D) Partition: GPT. ==================== End of Addition.txt =======================