Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I need to completely remove McAfee from my laptop then use a free anti

Started by DanielJacksonSG1 , Jun 13 2025 04:55 PM

  • Please log in to reply

#16
DR M
Posted Yesterday, 01:38 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,449 posts

Excellent, Daniel!

 

Is there any other issue/question/concern regarding this computer? 


  • 0

Advertisements

#17
DanielJacksonSG1
Posted Yesterday, 01:22 PM

DanielJacksonSG1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts
Yes. I get at least one message every 6 days or so from iolo.com. Iolo is advising me that my Registry is getting corrupted and how I need to download Iolo to fix it.

https://www.reddit.c...ucts_from_iolo/
  • 0

#18
DR M
Posted Today, 12:20 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,449 posts

OK, it's time to check fresh FRST logs.

 

Run the tool, as you did before, and attach the 2 logs (Addition and FRST). 

 

(To attach the files, click on the More Reply Options at the bottom right of the reply area, and then choose Attach File)

 

In case you get the warning by Iolo, please take a photo (or screenshot) and attach it in your next reply.


  • 0

#19
DanielJacksonSG1
Posted Today, 01:27 AM

DanielJacksonSG1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Well I ran FRST but tried and tried and tried and tried to attach the files but it just would not work.


  • 0

#20
DR M
Posted Today, 01:50 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,449 posts

You can copy and paste them then.

 

But why can't you attach them? Are you getting any errors?


  • 0

#21
DanielJacksonSG1
Posted Today, 05:59 PM

DanielJacksonSG1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

When I tried to attach them, the interface said no files had been selected.

 

 

FRST.txt

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-07-2025
Ran by ebber (administrator) on KBENEBBERLY (HP HP ENVY Laptop 17-cr1xxx) (05-07-2025 01:55:26)
Running from C:\Users\ebber\OneDrive\Desktop\FRST64.exe
Loaded Profiles: ebber
Platform: Microsoft Windows 11 Home Version 24H2 26100.4484 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(BF1EBE36-CE63-490E-9764-7C90171096C0 -> Portrait Displays, Inc.) C:\Program Files\WindowsApps\PortraitDisplays.HPDisplayControl_4.9.25.0_x64__2dgmkzkw4h30c\win32\DisplayControl.exe
(C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe ->) (Portrait Displays, Inc. -> Portrait Displays) C:\Program Files\Portrait Displays\HP Display Control Service\CTHelper.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.40.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.40.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\crashpad_handler.exe
(DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointGpuInfo.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.40.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Users\ebber\AppData\Local\Temp\bwp2924e372-2c15-4632-8e4c-38ac6c56fe9f\UnInstDaemon.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Wisdom Software Inc. -> Wisdom Software Inc.) C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe
(Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2025.11040.23001.0_x64__8wekyb3d8bbwe\Photos.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25153.1010.3727.5483_x64__8wekyb3d8bbwe\ms-teams.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3de31b09a0024837\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3befaa646f991169\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d00a882b6000b511\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Portrait Displays, Inc. -> HP Inc.) C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_46.52524.4209.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\Win32Process\HPCC.Bg.BackgroundApp.exe
(sihost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2505.23002.0_x64__8wekyb3d8bbwe\MicrosoftSecurityApp\MicrosoftSecurityApp.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWallpaper_1.1.416.0_x86__8wekyb3d8bbwe\BingWallpaper.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25061.25.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2526.2.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_46.52524.4209.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\HpSystemManagement.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.DesktopAppInstaller_1.26.400.0_x64__8wekyb3d8bbwe\WindowsPackageManagerServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ebber\AppData\Local\Microsoft\OneDrive\25.105.0601.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (VS REVO GROUP OOD -> VS Revo Group Ltd.) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe [1971496 2024-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [MicrosoftEdgeAutoLaunch_250CBDCFE7A16A0711E03CEAFFB8F27D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4113464 2025-07-01] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [ScreenHunter 7 Free] => C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe [35355360 2023-01-30] (Wisdom Software Inc. -> Wisdom Software Inc.)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [BingWallpaperDaemon] => C:\Users\ebber\AppData\Local\Temp\bwp2924e372-2c15-4632-8e4c-38ac6c56fe9f\UnInstDaemon.exe [51256 2025-07-01] (Microsoft Corporation -> Microsoft Corp.) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #5] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\windows\system32\pxcpmL.dll [840024 2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\138.0.7204.97\Installer\chrmstp.exe [2025-06-30] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\138.1.80.115\Installer\chrmstp.exe [2025-07-01] (Brave Software, Inc. -> Brave Software, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {75100218-8908-472D-8733-A87F27B41719} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{8F703643-4FF8-47FE-B994-D8C83F222E6A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F1A645B1-C505-4FA9-BFB5-7FB13B0337A1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{1B25F4C3-C003-4697-ADE3-DC3C7DA38D02} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A7E7E491-9208-4AB0-B881-DF8372507A61} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{1559089A-7DD1-494A-BCAE-4C00F5586A59} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {86C58079-973F-49A8-A84C-B585C904847E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{CA2A62C3-23A4-4D83-871D-75FB1E662CF0} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {08E626D2-CA20-4977-97EF-45C137954578} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-06-19] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {A48115E6-D91F-4C2A-BE9E-2DB0D3ED1171} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [480264 2025-06-19] (HP Inc. -> HP Inc.)
Task: {68504BF1-9966-4BBA-A284-CB8A55ABAD91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1174536 2025-06-19] (HP Inc. -> HP Inc.)
Task: {604B3123-09C7-4960-80F5-D80B9A49A1C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1174536 2025-06-19] (HP Inc. -> HP Inc.)
Task: {B0191D3C-7DAC-43B1-857A-77CB669A59B9} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2025-06-27] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {476A3BF9-C894-4402-83C1-07146AE0DFB8} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{20A9EF5E-995B-4CA0-B028-79FBDCD99773}\HPOneAgent.exe [1169752 2025-07-04] (HP Inc. -> HP Inc; HP Development Company, L.P.)
Task: {B54F3794-BD5A-4035-8A2E-DC3A26A13CC1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28952664 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E17FB5B-53B7-4052-A9DD-BECAFD7AF14B} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [69128 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {0798B3EB-3706-4130-8CDD-DA879C062349} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28952664 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {C10C9FF7-90A9-4E81-8DA0-E56D6870F459} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {00B9CC0C-C592-4ADD-A161-556345078AC1} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {2A364FE7-48B3-47CD-BF4B-EEFD4A730795} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [225992 2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C511E62C-994A-4991-992D-757B313008C7} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF4B7E13-9524-4054-AC95-AA652B010211} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [310752 2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {844140EC-E35C-490F-B175-859B13C21AF5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {26486E04-AAE5-480A-9B7C-B2055BE06ECF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B9CB35C4-B321-46F6-8AFA-00AA1F1EA6D3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {372FBB97-56BA-4D20-811A-6C7F694DF3B7} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpCmdRun.exe [1757568 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {04BFA4D5-3962-47DA-A001-47C8E8E7756F} - System32\Tasks\Microsoft\Windows\WindowsAI\Settings\InitialConfiguration => {2886e5fb-4f01-4a89-9a0e-5d6a9c8048ac} C:\WINDOWS\system32\SettingsConfigTask.dll [200704 2025-06-27] (Microsoft Windows -> Microsoft Corporation)
Task: {55DC37A4-8F4C-4843-B0D0-CD3D67C3F4EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {379DD0EE-3F5B-4320-BF8E-F7E6D55C2B4B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F22DC5DC-4B50-4618-9926-D05A5D0404A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {00AAC600-499B-464C-A66A-833E717C7263} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {636BFAEC-20EF-41EF-96A3-14A2520A6E9A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6F2C9A6-04C8-4CFF-8DB5-8D09D32E7212} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA9E95E3-0BBD-4C19-A08B-B18F79CBAA96} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {338F16D1-C077-4F22-9FDB-74DD5B053136} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73168 2025-07-02] (HP Inc. -> HP Inc.)
Task: {81971C4D-99B8-4B7E-A9F9-6714782718AD} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73168 2025-07-02] (HP Inc. -> HP Inc.)
Task: {81725292-2995-4721-8A02-7111F8115E86} - System32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73168 2025-07-02] (HP Inc. -> HP Inc.)
Task: {B7AEFF1F-AE64-4EEE-B4AA-68D8AACF3A79} - System32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73168 2025-07-02] (HP Inc. -> HP Inc.)
Task: {3872364E-56AA-421C-9B99-2F8BD68B6543} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67536 2025-07-02] (HP Inc. -> HP Inc.)
Task: {32A7438F-4F10-475B-AE98-84156A2B0F42} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67536 2025-07-02] (HP Inc. -> HP Inc.)
Task: {90E2D82D-23A7-4053-A066-61DBCEAF4554} - System32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67536 2025-07-02] (HP Inc. -> HP Inc.)
Task: {B778ACA1-6076-4420-820E-128521C4F1A6} - System32\Tasks\OmenOverlay-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67536 2025-07-02] (HP Inc. -> HP Inc.)
Task: {CCBE387B-F788-47E9-9984-44CCA994F7FB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Users\ebber\AppData\Local\Microsoft\OneDrive\25.105.0601.0002\OneDriveLauncher.exe [684352 2025-06-27] (Microsoft Corporation -> Microsoft Corporation)
Task: {D9B65B78-1838-4FEF-83D2-4819B966CB60} - System32\Tasks\VS Revo Group\RevoHelperFreeStartup => C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUninHelper.exe [4053672 2024-12-10] (VS REVO GROUP OOD -> VS Revo Group Ltd.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}: [DhcpDomain] lan1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}\D49735075636472757D6759664969333D22374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}\D49735075636472757D6759664969333D22374: [DhcpDomain] lan1
 
Edge: 
=======
Edge Profile: C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default [2025-07-05]
Edge Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2025-03-05]
Edge Extension: (Google Docs Offline) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-11]
Edge Extension: (Edge relevant text changes) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-06-13]
Edge Extension: (Capital One Shopping: Save Now) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2025-06-27]
Edge Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lgecefcjlholabgliikbfdifhdfbfnma [2025-07-03]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
 
Chrome: 
=======
CHR Profile: C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default [2025-07-05]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://push.getbeamer.com; hxxps://truthsocial.com; hxxps://www.freelancer.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-06-11]
CHR Extension: (TweetPeek AI - Grow Twitter with Real People!) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlilfchmnodlgipheijbmpbonmlfgaml [2025-07-03]
CHR Extension: (Trust Wallet) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2025-06-27]
CHR Extension: (Supernova) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgpjbmbggplclldecdbpcmopmlbll [2024-06-14]
CHR Extension: (Google Docs Offline) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-27]
CHR Extension: (Coinbase Wallet extension) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfanknocfeofbddgcijnmhnfnkdnaad [2025-07-03]
CHR Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2025-06-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-14]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
Brave: 
=======
BRA Profile: C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-06-16]
BRA Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-06-16]
BRA Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2025-06-16]
BRA Extension: (Capital One Shopping: Save Now) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2025-06-16]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-06-16]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-06-16]
BRA Extension: (Brave NTP background images) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-06-16]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-06-16]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-06-16]
BRA Extension: (Brave NTP sponsored images) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2025-06-16]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-06-16]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-10-28]
BRA Extension: (Brave Ads Resources) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2025-06-16]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-06-16]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-06-16]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\138.1.80.115\elevation_service.exe [3186704 2025-07-01] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13725240 2025-06-20] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe [546416 2023-06-13] (Intel Corporation -> Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [2435112 2025-06-10] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\AppHelperCap.exe [930424 2025-06-19] (HP Inc. -> HP Inc.)
R2 HPDCService; C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe [375072 2022-10-31] (Portrait Displays, Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\DiagsCap.exe [928864 2025-06-19] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\NetworkCap.exe [924792 2025-06-19] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-05-01] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_1466604327697633\x64\SysInfoCap.exe [929376 2025-06-19] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe [631448 2025-03-27] (HP Inc. -> HP Inc.)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe [531800 2023-07-25] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe [3006560 2023-12-08] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9577376 2025-07-03] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-07-03] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MpDefenderCoreService.exe [2071592 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\NisSrv.exe [4513624 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25050.5-0\MsMpEng.exe [278328 2025-06-16] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 csaudio; C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_cb776c844df61367\csaudio.sys [376728 2023-10-06] (Cirrus Logic Inc -> Windows ® Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2025-02-09] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [58952 2025-03-05] (HP Inc. -> Windows ® Win 7 DDK provider)
R3 HpSpsNotification; C:\WINDOWS\System32\DriverStore\FileRepository\hpspsnotification.inf_amd64_15be15983f897eb1\HpSpsNotification.sys [57232 2022-11-22] (HP Inc. -> HP Development Company, L.P.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_f138ad86bb3bd676\iaLPSS2_GPIO2_ADL.sys [141400 2024-02-20] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_f860ba3068379bd3\iaLPSS2_I2C_ADL.sys [211544 2024-01-01] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_f164184a7c0fc2ae\iaLPSS2_UART2_ADL.sys [319472 2024-01-01] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_6f93b7542fd3ead9\gna.sys [88656 2023-08-28] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_21b95771f6ee4839\ipf_acpi.sys [88160 2023-12-08] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_cpu.sys [85600 2023-12-08] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_lf.sys [484960 2023-12-08] (Intel Corporation -> Intel Corporation)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [330112 2025-06-16] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140688 2025-06-27] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-07-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\Drivers\farflt11.sys [241872 2025-07-03] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80960 2025-07-04] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [242752 2025-07-03] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [190136 2025-07-04] (Malwarebytes Inc -> Malwarebytes)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-06-21] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [246504 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
R3 RevoProcessDetector; C:\WINDOWS\System32\DRIVERS\RevoProcessDetector.sys [19504 2024-03-28] (Microsoft Windows Hardware Compatibility Publisher -> VS Revo Group)
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-29] (Realtek Semiconductor Corp. -> Realtek)
S3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2024-11-26] (OpenVPN Inc. -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 usb-platformdetection; C:\WINDOWS\System32\DriverStore\FileRepository\usb-platformdetection.inf_amd64_0f001fe089215073\usb-platformdetection.sys [53248 2025-06-27] (Microsoft Windows -> )
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20032 2025-06-16] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [612768 2025-06-16] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-06-16] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-07-05 01:54 - 2025-07-05 01:54 - 000000000 ___RD C:\Users\ebber\OneDrive\Desktop\FRST-OlderVersion
2025-07-04 01:23 - 2025-07-04 01:23 - 000190136 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-07-04 01:18 - 2025-07-04 01:18 - 000001435 _____ C:\Users\ebber\OneDrive\Desktop\Malwarebytes Scan Report 2025-07-03 050326.txt
2025-07-03 04:21 - 2025-07-03 04:21 - 000000000 ____D C:\Users\Default\AppData\Local\Malwarebytes
2025-07-02 23:19 - 2025-07-02 23:20 - 000000000 ____D C:\AdwCleaner
2025-07-02 23:18 - 2025-07-02 23:19 - 009566696 _____ (Malwarebytes) C:\Users\ebber\OneDrive\Desktop\AdwCleaner.exe
2025-07-02 22:56 - 2025-07-02 22:57 - 000241872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-07-02 22:55 - 2025-07-05 01:45 - 000000000 ____D C:\Users\ebber\AppData\Local\Malwarebytes
2025-07-02 22:55 - 2025-07-02 22:55 - 000002100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-07-02 22:54 - 2025-07-02 22:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-07-02 22:54 - 2025-07-02 22:54 - 000000000 ____D C:\Program Files\Malwarebytes
2025-07-02 22:52 - 2025-07-02 22:53 - 002827496 _____ (Malwarebytes) C:\Users\ebber\OneDrive\Desktop\MBSetup.exe
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary.pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (6).pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (5).pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (4).pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (3).pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (2).pdf
2025-06-28 19:47 - 2025-06-28 19:47 - 003029796 _____ C:\Users\ebber\OneDrive\Desktop\ancient_egypt_dictionary (1).pdf
2025-06-27 05:31 - 2025-06-27 05:31 - 000000000 ____D C:\WINDOWS\system32\ruxim
2025-06-27 00:35 - 2025-07-04 18:40 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-06-27 00:22 - 2025-06-27 00:22 - 005878177 _____ C:\Users\ebber\OneDrive\Desktop\27ed82c9-a18b-4d89-b1e9-c3b5378d9e8e Owned vs Rented Land.pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (9).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (8).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (7).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (6).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (5).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (4).pdf
2025-06-26 23:06 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (3).pdf
2025-06-26 23:05 - 2025-06-26 23:06 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (2).pdf
2025-06-26 23:05 - 2025-06-26 23:05 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom.pdf
2025-06-26 23:05 - 2025-06-26 23:05 - 184882257 _____ C:\Users\ebber\OneDrive\Desktop\Ancient_Egypt_Transformed_The_Middle_Kingdom (1).pdf
2025-06-26 22:53 - 2025-06-26 22:53 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (7).pdf
2025-06-26 22:53 - 2025-06-26 22:53 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (6).pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073.pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (5).pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (4).pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (3).pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (2).pdf
2025-06-26 22:52 - 2025-06-26 22:52 - 000560960 _____ C:\Users\ebber\OneDrive\Desktop\p16028coll12_14073 (1).pdf
2025-06-26 21:36 - 2025-06-26 21:36 - 000033519 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-06-26 21:36 - 2025-06-26 21:36 - 000033519 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-06-26 21:35 - 2025-06-26 21:35 - 000073956 _____ C:\WINDOWS\SysWOW64\ctac.json
2025-06-26 21:35 - 2025-06-26 21:35 - 000073956 _____ C:\WINDOWS\system32\ctac.json
2025-06-25 22:22 - 2025-06-25 22:22 - 000042466 _____ C:\Users\ebber\OneDrive\Desktop\Tips to Write a Good Essay.pdf
2025-06-25 22:16 - 2025-06-25 22:16 - 005878177 _____ C:\Users\ebber\OneDrive\Desktop\27ed82c9-a18b-4d89-b1e9-c3b5378d9e8e Owned vs rented land ebook.pdf
2025-06-18 04:12 - 2025-07-05 01:50 - 000000000 ___RD C:\Users\ebber\OneDrive\Desktop\screenshots Apr17 2025
2025-06-17 20:54 - 2025-06-17 21:09 - 000000000 ___RD C:\Users\ebber\OneDrive\Desktop\Roman
2025-06-17 20:47 - 2025-06-17 21:03 - 000000000 ___RD C:\Users\ebber\OneDrive\Desktop\Egyptian Hieroglyphs
2025-06-16 17:21 - 2025-07-03 00:17 - 000014495 _____ C:\Users\ebber\OneDrive\Desktop\Fixlog.txt
2025-06-16 04:44 - 2025-06-16 04:44 - 000006740 _____ C:\Users\ebber\AppData\LocalLow\c082cf647b6b0746ccb5a2004a30f16c4332bb28069bc7c4b5d5f45c53ee525e
2025-06-15 22:47 - 2025-06-15 22:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\VS Revo Group
2025-06-15 22:47 - 2025-06-15 22:47 - 000000000 ____D C:\Users\ebber\AppData\Local\VS Revo Group
2025-06-15 22:47 - 2025-06-15 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2025-06-15 22:47 - 2025-06-15 22:47 - 000000000 ____D C:\Program Files\VS Revo Group
2025-06-15 22:45 - 2025-06-15 22:45 - 011511496 _____ (VS Revo Group ) C:\Users\ebber\OneDrive\Desktop\revosetup.exe
2025-06-14 17:59 - 2025-06-15 23:10 - 000041148 _____ C:\Users\ebber\OneDrive\Desktop\Addition.txt
2025-06-14 17:58 - 2025-07-05 01:56 - 000043290 _____ C:\Users\ebber\OneDrive\Desktop\FRST.txt
2025-06-14 17:58 - 2025-07-05 01:55 - 000000000 ____D C:\FRST
2025-06-14 17:56 - 2025-07-05 01:54 - 002407936 _____ (Farbar) C:\Users\ebber\OneDrive\Desktop\FRST64.exe
2025-06-11 13:37 - 2025-06-11 13:37 - 000011216 _____ C:\Users\ebber\AppData\LocalLow\ccbecb1b7187d410eed62fbaf3d3604906b456a9fbf866b988b9354e7636b8cd
2025-06-11 13:37 - 2025-06-11 13:37 - 000000026 _____ C:\Users\ebber\AppData\LocalLow\cb966a040e4f47ee4eb860912631db29d96f8690dcbb1911c18735388d584fec
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-07-05 01:55 - 2024-06-14 04:16 - 000000000 ____D C:\Users\ebber\AppData\Local\OGH
2025-07-05 01:52 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-07-05 01:51 - 2024-06-14 15:31 - 000000298 _____ C:\Users\ebber\AppData\LocalLow\0d8ce0cf35aa7c7d3119ff805ea411913e9063dbbfde48d90472b24757f677cb
2025-07-05 01:50 - 2024-06-14 15:31 - 000381469 _____ C:\Users\ebber\AppData\LocalLow\d7ab55b136db7af61d358961466174c44b88e0abcf74413efc14283cf253191f
2025-07-05 01:48 - 2024-04-01 02:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-07-05 00:37 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-07-04 23:52 - 2024-06-14 04:17 - 001671301 _____ C:\Users\ebber\AppData\LocalLow\5fc18818885154e2f8f5ba65eec1eefad757bab62ecbde0aab33b042f4d9d547
2025-07-04 21:49 - 2025-02-10 17:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-07-04 18:40 - 2024-04-01 02:24 - 000000000 ____D C:\WINDOWS\INF
2025-07-04 18:23 - 2024-06-14 04:17 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\9561ed9a0b78144747fa26e4c4fd2a49defb5e38fac37da7863fcf98aeb7cb48
2025-07-04 16:34 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-07-04 16:10 - 2023-10-27 11:17 - 000000000 ____D C:\ProgramData\NVIDIA
2025-07-04 16:07 - 2025-04-13 14:12 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\4af974a5b3cbccf9299e0cf1a4759e9648b7915a15ad536112578cebabd900bc
2025-07-04 16:05 - 2025-04-13 14:12 - 000241467 _____ C:\Users\ebber\AppData\LocalLow\fed02538cf65e1ba11b1d2090b3d63048ca4335e270fb637b60c7640091dd69e
2025-07-04 16:05 - 2024-06-14 04:15 - 000093452 _____ C:\Users\ebber\AppData\LocalLow\d9ec534cb2b823c433950a0b29f3bf43af91d7e4baf3bdf47287f351b9b522df
2025-07-04 16:05 - 2024-06-13 21:51 - 000000000 ____D C:\Users\ebber\OneDrive\Desktop\ScreenHunter
2025-07-04 16:04 - 2025-04-08 22:27 - 000011216 _____ C:\Users\ebber\AppData\LocalLow\23d447464b4fc860c55866c9014cfe65cae751636972d516a4c65a579a72e8ae
2025-07-04 16:04 - 2024-06-13 18:49 - 000000000 ___RD C:\Users\ebber\OneDrive
2025-07-04 02:04 - 2024-06-14 04:54 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\aae5869fa0bec4d8d27610345766f7ef02e2889cb0620366db786ae3c9e60f86
2025-07-04 01:29 - 2025-02-10 17:47 - 000842280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-07-04 01:28 - 2024-06-14 04:54 - 000032382 _____ C:\Users\ebber\AppData\LocalLow\96b4e09f9d106d02c2df9d25efab0623acb10b2aa352982ff915d2fb958abe41
2025-07-04 01:23 - 2025-02-10 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-07-04 01:23 - 2025-02-10 17:46 - 000004234 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-07-04 01:23 - 2025-02-10 17:43 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-07-04 01:23 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-07-04 01:23 - 2022-11-02 23:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-07-04 01:22 - 2024-04-01 02:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-07-03 20:29 - 2025-02-10 17:47 - 000003842 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2025-07-03 20:29 - 2023-10-27 11:17 - 000000000 ____D C:\ProgramData\Package Cache
2025-07-03 20:28 - 2024-06-13 21:54 - 000000000 ____D C:\Users\ebber\AppData\Local\CrashDumps
2025-07-03 18:29 - 2024-06-13 18:48 - 000000000 ____D C:\Users\ebber\AppData\Local\D3DSCache
2025-07-03 15:56 - 2022-11-02 23:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-07-03 04:24 - 2024-04-01 02:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-07-03 04:23 - 2025-03-05 18:17 - 000004482 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-07-03 04:23 - 2025-03-05 18:17 - 000004422 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-07-03 04:23 - 2025-03-05 18:17 - 000004080 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-07-03 04:23 - 2025-03-05 18:17 - 000004020 _____ C:\WINDOWS\system32\Tasks\OmenOverlay-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-07-03 04:22 - 2024-06-14 04:15 - 000035813 _____ C:\Users\ebber\AppData\LocalLow\1dc6c00a8ccb1ba456966b5f470493e9b53380f303883ce5012e6c64eb5a9a36
2025-07-02 22:55 - 2024-06-13 18:39 - 000000000 ____D C:\Users\ebber\AppData\Local\Packages
2025-07-02 22:55 - 2024-04-01 02:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-07-02 22:55 - 2022-11-02 23:35 - 000000000 ____D C:\ProgramData\Packages
2025-07-02 20:21 - 2024-06-13 19:08 - 000000000 ____D C:\Users\ebber\AppData\Local\HP
2025-07-02 04:41 - 2023-07-07 05:29 - 000000000 ____D C:\Program Files\Microsoft Office
2025-07-01 18:23 - 2024-10-28 16:47 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-06-30 16:55 - 2024-06-13 19:01 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-29 11:36 - 2024-06-14 00:15 - 000016811 _____ C:\Users\ebber\AppData\LocalLow\ef54eddb2ded8674d924a92863f229125f4b7962e4f7fe0c46c7682970b66a1d
2025-06-27 18:22 - 2025-03-14 22:55 - 000002386 _____ C:\Users\ebber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-06-27 18:22 - 2025-02-10 17:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-27 18:22 - 2025-02-10 17:47 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-27 18:22 - 2025-02-10 17:47 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-27 14:44 - 2024-06-16 04:54 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\10a4dca5d4e4c061e5be589b05c7453a289bc5897d5dfde751f9ade306a1ddcc
2025-06-27 14:40 - 2025-02-10 17:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2025-06-27 05:32 - 2025-02-10 17:43 - 000493432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\InstallShield
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-06-27 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-06-27 05:31 - 2024-04-01 02:21 - 000000000 ____D C:\WINDOWS\servicing
2025-06-26 21:35 - 2025-02-10 17:47 - 003384320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-06-24 22:11 - 2025-03-18 06:45 - 000403832 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_8.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 002918800 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 000817528 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 000272784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 000244088 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 000166264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-06-24 22:11 - 2024-11-22 21:59 - 000121232 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-06-24 22:11 - 2024-11-22 21:59 - 000076152 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-06-18 14:29 - 2024-06-28 17:10 - 000000000 ____D C:\Users\ebber\OneDrive\Desktop\keb
2025-06-16 18:50 - 2022-11-02 23:32 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-06-16 12:39 - 2024-06-13 21:09 - 000000000 ____D C:\Users\ebber\AppData\Local\Greenshot
2025-06-11 05:31 - 2025-02-09 15:03 - 000000000 ____D C:\Users\ebber
2025-06-11 05:31 - 2024-04-01 03:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-06-11 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-06-10 14:25 - 2024-06-13 22:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-10 14:20 - 2024-06-13 22:36 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
 
==================== Files in the root of some directories ========
 
2025-04-30 00:55 - 2025-04-30 00:55 - 000067389 _____ () C:\Users\ebber\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================

  • 0

#22
DanielJacksonSG1
Posted Today, 06:00 PM

DanielJacksonSG1

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

This is Addition.txt

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2025
Ran by ebber (05-07-2025 01:57:10)
Running from C:\Users\ebber\OneDrive\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4484 (X64) (2025-02-10 22:48:11)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3824051874-4122554679-839923353-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3824051874-4122554679-839923353-503 - Limited - Disabled)
ebber (S-1-5-21-3824051874-4122554679-839923353-1001 - Administrator - Enabled) => C:\Users\ebber
Guest (S-1-5-21-3824051874-4122554679-839923353-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3824051874-4122554679-839923353-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 138.1.80.115 - Brave Software Inc)
GIMP 2.10.38-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 138.0.7204.97 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Display Control Service (HKLM\...\{08EE20F5-7351-4CFD-9447-F0CD26C63974}) (Version: 4.9.25.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP One Agent (HKLM\...\{20A9EF5E-995B-4CA0-B028-79FBDCD99773}) (Version: 1.1.901.7762 - HP Inc.)
HP One Agent (HKLM\...\{E0747DDE-41AF-4017-9CF8-2F84A2CCC5A2}) (Version: 1.1.901.7762 - HP Inc.) Hidden
Malwarebytes version 5.3.3.198 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.3.3.198 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18827.20176 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 138.0.3351.65 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.93 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\OneDriveSetup.exe) (Version: 25.105.0601.0002 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.18827.20176 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.100.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 561.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 561.19 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20176 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{BBC2626A-CCCB-4D0F-B15C-24C1810657EB}) (Version: 10.3.1.387 - PDF-XChange Co Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{eee0c750-4cc3-4bc2-b74a-6e6352aa6e26}) (Version: 10.3.1.387 - PDF-XChange Co Ltd.)
Revo Uninstaller 2.5.8 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.5.8 - VS Revo Group, Ltd.)
ScreenHunter 7 Free (HKLM-x32\...\ScreenHunter 7 Free_is1) (Version: 7.0.485 - Wisdom Software Inc.)
Telegram Desktop (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.3.1 - Telegram FZ-LLC)
 
Chrome apps:
============
Hero Wars (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\9d09f2680c51e0f26bcc740cd8c5a3ff) (Version: 1.0 - Google\Chrome)
 
Packages:
=========
@{MicrosoftWindows.54792954.Filons_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.54792954.Filons/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.54792954.Filons_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.54792954.Filons/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.54792954.Filons_1000.26100.4351.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.54792954.Filons/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.56978801.Voiess_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.56978801.Voiess/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.56978801.Voiess_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.56978801.Voiess/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.56978801.Voiess_1000.26100.4351.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.56978801.Voiess/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57058570.Speion_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57058570.Speion/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57058570.Speion_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57058570.Speion/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57058570.Speion_1000.26100.4351.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57058570.Speion/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57074914.Livtop_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57074914.Livtop/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57074914.Livtop_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57074914.Livtop/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.57074914.Livtop_1000.26100.4351.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57074914.Livtop/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4351.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-08] (INTEL CORP) [Startup Task]
Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.49.0_x64__k42naep6bwmrc [2025-07-02] (Optimilia Studios)
Bang & Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.47.308.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.)
Bing Wallpaper -> C:\Program Files\WindowsApps\Microsoft.BingWallpaper_1.1.416.0_x86__8wekyb3d8bbwe [2025-07-01] (Microsoft Corporation) [Startup Task]
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.34.0_x64__xbfy0k16fey96 [2025-06-19] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.)
HP Command Center -> C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6 [2024-06-14] (HP Inc.)
HP Display Control -> C:\Program Files\WindowsApps\PortraitDisplays.HPDisplayControl_4.9.25.0_x64__2dgmkzkw4h30c [2024-06-14] (HP Inc.) [Startup Task]
HP Enhanced Lighting -> C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6 [2024-08-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.8.0.0_x64__v10z8vjag6ke6 [2025-07-02] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-06-14] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_159.2.1145.0_x64__v10z8vjag6ke6 [2025-06-03] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.46.17.0_x64__v10z8vjag6ke6 [2025-06-26] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.40.0_x64__v10z8vjag6ke6 [2025-06-17] (HP Inc.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-01] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x86__8wekyb3d8bbwe [2025-05-01] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-03] (Microsoft Corporation)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.25150.49.0_x64__8wekyb3d8bbwe [2025-06-19] (Microsoft Corporation)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes\Anti-Malware [2025-07-03] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2505.23002.0_x64__8wekyb3d8bbwe [2025-06-17] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20610.576.0_x64__8wekyb3d8bbwe [2025-06-19] (Microsoft Corporation)
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_46.52524.4209.0_x64__v10z8vjag6ke6 [2025-06-26] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-12] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-07-02] ()
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6 [2025-07-02] (HP Inc.) [Startup Task]
Screenshot Capturing Tool -> C:\Program Files\WindowsApps\34317GoodJobApps.ScreenshotCapturingTool_1.0.10.0_x64__rxkvjcfxv2hyw [2025-01-18] (Good Job Apps)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0 [2025-06-18] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2526.2.0_x64__cv1g1gvanyjgm [2025-07-02] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.522.1444.0_x64__8wekyb3d8bbwe [2025-06-25] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-06-14] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074904.InpApp_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-27] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3824051874-4122554679-839923353-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-03] (Malwarebytes Inc -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\nvshext.dll [2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-07-03] (Malwarebytes Inc -> Malwarebytes)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_phphaedkpbogpiocfjddpladjkgbbflg\Hero Wars.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=phphaedkpbogpiocfjddpladjkgbbflg
ShortcutWithArgument: C:\Users\ebber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hero Wars.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=phphaedkpbogpiocfjddpladjkgbbflg
 
==================== Loaded Modules (Whitelisted) =============
 
2024-06-13 21:50 - 2016-04-26 15:10 - 000116908 _____ () [File not signed] C:\Program Files (x86)\ScreenHunter 7 Free\libgcc_s_dw2-1.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000440320 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\2d70a2d044f21be30baf78121199320f\LauncherSDK.ni.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000038400 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\4f7984a4c26efbf55f686da8b16aa462\Logging.ni.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000153600 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\d28337c50ce6e833c97e1b1d1306d515\RpcClient.ni.dll
2025-05-21 18:33 - 2025-05-21 18:33 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d0bc9039722cdf7f534582c5140e55a8\Newtonsoft.Json.ni.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\ebber\OneDrive\Desktop\AdwCleaner.exe:MBAM.Zone.Identifier [214]
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-06-19] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-06-19] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-07-02] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-07 00:24 - 2025-06-11 05:31 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Network ===========================
 
(Currently there is no automatic fix for this section.)
 
DNS Servers: 192.168.1.1
Windows Firewall is enabled.
 
Network Binding:
=============
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel® Wi-Fi 6E AX211 160MHz -> Netwtw14.sys
 
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ebber\AppData\Local\Packages\Microsoft.BingWallpaper_8wekyb3d8bbwe\LocalState\images\Bing\20250704_OHR.SeattleFireworks_EN-US0523563675_UHD_bing.jpg
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows Defender\Features => (TamperProtection: 1) (TamperProtectionSource: 5)
HKLM\SOFTWARE\Microsoft\Windows Defender\Real-Time Protection => (DpaDisabled: 0)
 
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: GoogleUpdaterInternalService132.0.6833.0 => 2
MSCONFIG\Services: GoogleUpdaterService132.0.6833.0 => 2
MSCONFIG\Services: SECOMNService => 2
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{79D12F1E-AB0D-4ED9-B400-D5F9E419DA6F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1905.3048.7590_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E30AD8E5-B2BD-4D28-9E5B-B3E9CE8EE823}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1905.3048.7590_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21B29240-DC97-487F-AA31-DF85551CF247}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{B9B2ECC4-3058-4421-8CC8-3BF12A377680}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{81B65A78-FEEB-4078-BE00-E9104A4F9F75}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{B211C5EB-F8CF-4BB6-B3C8-3FE37AB17F0F}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{880D96A6-4961-4135-8DDD-7D7B3EDD7781}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7D6E18E-66FC-42FA-9663-DC54901F2018}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{315935E2-D259-4389-80AF-B19BAA5BF788}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{264AF2B8-9A2F-4D46-9890-1A8F3F072E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BC322C9-08C6-487F-8304-6B7E30790693}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D01D4130-5716-4A6D-89BE-7E0FAB43BF12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5EE698F2-1721-4354-879B-88347A23C31D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4DD0C43-7B1D-4AFE-9D58-299F6255570E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DD158CD4-DE2D-40C6-8BD6-F79F7F108E71}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F39D5E5B-1849-43A1-AD73-C02981FE07E3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32709039-B936-4E35-8A00-302825F0E234}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6166CF79-E043-4C0F-A608-CE1E564AED46}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{16203F85-542B-45B6-94E0-4CF35B1BF5FF}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{382D0E1E-039C-40E2-A1A0-C38C18680951}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A982A04E-B69D-4E2F-8FB5-DAF975DCC68F}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{644477B2-446D-4D1B-9072-C3105FE5C0C2}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{617A8DCF-D30B-493A-A0F4-5EB144AB3A86}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3F19F36D-4266-4D1C-BD26-4D95165F7E82}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B9D6910C-316D-4E15-9802-3CB6B00A016C}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7FFCA3AD-82B1-41F3-9454-627F7C53A8DD}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E2B93FFA-7CA8-40FE-9341-3C5A1305F4F0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D891B518-94AF-4CDB-A58E-6AB0621D178F}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A02D1E1-6CC0-4601-8135-D69A5E453010}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B7C983D8-441C-4572-9F1C-5A6ADA02E65F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CB39BA5A-A6BC-44D9-B472-0C70A2878794}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8464C1DB-9419-4441-B40A-5B21C9B6D7C7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4028207B-E2DB-4204-AEF8-1618CFACCE8B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{B32FF253-25DB-4A85-BCDC-E40BC5072566}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8BA4BD16-933D-4C89-BCD5-D06732710042}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{39C557DC-D160-47DB-BC5D-8EB6FC577476}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{6A90CC04-B455-40EC-98D8-1816BBB6B1FA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{93D004C9-B9D3-4B82-B9C0-2FBFCA72E142}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{477775FE-7574-4624-AB0C-8E332FD15D0B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.266.447.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F5E92814-944B-4F07-AE05-5960F6C65B2D}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.93\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2141FEBE-F5F3-4569-ABCC-D1F373FAC479}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25153.1010.3727.5483_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A036FC65-E4D0-4650-A9C3-A30F729EA26E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25153.1010.3727.5483_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13A24484-D6AA-4A6D-A4A1-62E716F28B21}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F7CB3F7E-CB56-425F-B260-7ECBF374A680}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F17D4589-3597-403C-A85A-D2F530CC049E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8AABDB3B-30F0-4685-9B54-7652A051986B}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{300B547F-05D5-4ADD-AB92-E5476C964525}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{308F6620-B2D8-475F-A2E2-EC9102F4328C}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{871E3F86-757F-4263-B2C6-F9C22B8EBF28}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{652B3AE1-E163-4B93-9817-C9BAF48C25AC}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{578F175A-389E-45D7-854B-E29043FA80F4}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{76F86457-C389-4A5C-B423-A890C017208E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{FA433BB8-607A-488D-9C61-15F2348CDBAA}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8D2EE55F-2217-4BD5-9DED-B0AAA2AADDA9}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B35C794C-49D6-4574-B0AB-575AB5FD974E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{557A8AD0-3001-4BE7-B683-92AFEF577514}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7DEE29EC-A0CD-49EE-BB97-4963B6E049C0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DD9C267D-CF8C-4274-A5D1-69E6E20BFC85}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{2FFA48A3-CA9F-44A7-AEBE-CA5189763553}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{B5640027-C1E7-48B3-902C-0BAA49ABCDDD}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{81B99AFD-CC33-4283-9268-ACFF93325612}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B72D9161-C207-49D2-A765-C7E82095BCCC}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{BA83EB4E-AF31-4F39-B9AC-915B72CD8B02}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{08CCF7A6-F0A7-476A-AF00-42C6ACE59018}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F8880847-71E3-4209-AED3-4E2BAA1F2D34}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F8426654-F327-468E-AE71-D1422BEA54ED}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{74D29161-1594-4C87-872E-FB3994BD8E48}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{ED2D1608-A74A-4E69-AC03-4DF1E8008AAE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{074446BB-9704-4127-8FF9-538F84F08192}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{96185E60-8F5B-4E0A-BC21-4C3DEFE085CF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{E39D340D-2C5E-4350-82F6-F47EB18FF14E}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{5232E745-D1DA-4BA0-B3E9-FC89AEFF0C59}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{6EFC4323-1A62-4DBB-8965-12C8E24E017F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{4073D980-7DF7-42DE-97D6-B546CA40C0C5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{928D8532-5D6E-4240-98AF-EC2016032AE1}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{D7C7CC58-91F6-4712-B8B0-D6C6C5502ED7}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2506.8.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
 
==================== Restore Points =========================
 
30-06-2025 03:20:09 Windows Update
03-07-2025 20:27:51 Windows Update
03-07-2025 20:28:00 Windows Update
03-07-2025 20:28:00 Windows Update
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (07/04/2025 06:22:59 PM) (Source: .NET Runtime) (EventID: 1000) (User: )
Description: Category: BingWallpaper.Services.BingHPImageService
EventId: 0
 
HttpRequestException exception while refreshing images
 
Exception: 
System.Net.Http.HttpRequestException: An error occurred while sending the request.
 ---> System.IO.IOException: Unable to write data to the transport connection: An existing connection was forcibly closed by the remote host..
 ---> System.Net.Sockets.SocketException (10054): An existing connection was forcibly closed by the remote host.
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.CreateException(SocketError error, Boolean forAsyncThrow)
   at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.SendAsyncForNetworkStream(Socket socket, CancellationToken cancellationToken)
   at System.Net.Sockets.Socket.SendAsyncForNetworkStream(ReadOnlyMemory`1 buffer, SocketFlags socketFlags, CancellationToken cancellationToken)
   at System.Net.Sockets.NetworkStream.WriteAsync(ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Net.Security.SslStream.WriteSingleChunk[TIOAdapter](ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Net.Security.SslStream.WriteAsyncInternal[TIOAdapter](ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[TStateMachine](TStateMachine& stateMachine)
   at System.Net.Security.SslStream.WriteAsyncInternal[TIOAdapter](ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Net.Security.SslStream.WriteAsync(ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnection.WriteToStreamAsync(ReadOnlyMemory`1 source, Boolean async)
   at System.Net.Http.HttpConnection.FlushAsync(Boolean async)
   at System.Net.Http.HttpConnection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start[TStateMachine](TStateMachine& stateMachine)
   at System.Net.Http.HttpConnection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.ExecutionContextCallback(Object s)
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.MoveNext(Thread threadPoolThread)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.MoveNext()
   at System.Threading.Tasks.AwaitTaskContinuation.RunOrScheduleAction(IAsyncStateMachineBox box, Boolean allowInlining)
   at System.Threading.Tasks.Task.RunContinuations(Object continuationObject)
   at System.Threading.Tasks.Task`1.TrySetResult(TResult result)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.SetExistingTaskResult(Task`1 task, TResult result)
   at System.Runtime.CompilerServices.AsyncValueTaskMethodBuilder`1.SetResult(TResult result)
   at System.Threading.Tasks.TaskCompletionSourceWithCancellation`1.WaitWithCancellationAsync(CancellationToken cancellationToken)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.ExecutionContextCallback(Object s)
   at System.Threading.ExecutionContext.RunFromThreadPoolDispatchLoop(Thread threadPoolThread, ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.MoveNext(Thread threadPoolThread)
   at System.Runtime.CompilerServices.AsyncTaskMethodBuilder`1.AsyncStateMachineBox`1.ExecuteFromThreadPool(Thread threadPoolThread)
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading.PortableThreadPool.WorkerThread.WorkerThreadStart()
   at System.Threading.Thread.StartCallback()
--- End of stack trace from previous location ---
 
   --- End of inner exception stack trace ---
   at System.Net.Security.SslStream.<WriteSingleChunk>g__CompleteWriteAsync|164_1[TIOAdapter](ValueTask writeTask, ProtocolToken token)
   at System.Net.Security.SslStream.WriteAsyncInternal[TIOAdapter](ReadOnlyMemory`1 buffer, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   --- End of inner exception stack trace ---
   at System.Net.Http.HttpConnection.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken)
   at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken)
   at Microsoft.Extensions.Http.Logging.LoggingHttpMessageHandler.<SendCoreAsync>g__Core|4_0(HttpRequestMessage request, Boolean useAsync, CancellationToken cancellationToken)
   at Microsoft.Extensions.Http.Logging.LoggingScopeHttpMessageHandler.<SendCoreAsync>g__Core|4_0(HttpRequestMessage request, Boolean useAsync, CancellationToken cancellationToken)
   at System.Net.Http.HttpClient.GetStringAsyncCore(HttpRequestMessage request, CancellationToken cancellationToken)
   at BingWallpaper.Services.BingHPImageService.GetBingImagesFromBwApi()
   at BingWallpaper.Services.BingHPImageService.<Refresh>b__21_0()
 
Error: (07/04/2025 04:34:28 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program WhatsApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Error: (07/04/2025 04:04:14 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (07/04/2025 04:04:13 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (07/04/2025 01:23:20 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (07/03/2025 11:34:57 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (07/03/2025 11:18:52 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (07/03/2025 10:45:11 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
 
System errors:
=============
Error: (07/05/2025 01:28:18 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft...?linkid=2169931
 
Error: (07/04/2025 04:28:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (07/04/2025 04:19:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (07/04/2025 04:17:29 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (07/04/2025 04:16:55 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {338B40F9-9D68-4B53-A793-6B9AA0C5F63B} did not register with DCOM within the required timeout.
 
Error: (07/04/2025 04:04:25 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft...?linkid=2169931
 
Error: (07/04/2025 04:04:13 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {a2c41e42-357e-4070-90c8-40f9b98a1f08}, had event 74
 
Error: (07/04/2025 01:28:18 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft...?linkid=2169931
 
 
Windows Defender:
================
Date: 2025-07-04 23:42:28
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown 
 
Date: 2025-07-03 23:24:51
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days 
 
Date: 2025-07-02 23:52:24
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown 
 
Date: 2025-07-02 23:32:22
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: RPC connection rundown 
 
Date: 2025-07-02 19:38:13
Description: 
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days 

CodeIntegrity:
===============
Date: 2025-07-05 01:58:12
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.20 03/26/2024
Motherboard: HP 8BE8
Processor: 13th Gen Intel® Core™ i7-1355U
Percentage of memory in use: 42%
Total physical RAM: 32479.05 MB
Available physical RAM: 18533.95 MB
Total Virtual: 34527.05 MB
Available Virtual: 17205.78 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:952.72 GB) (Free:834.8 GB) (Model: KBG50ZNV1T02 KIOXIA) (Protected) NTFS
 
\\?\Volume{2b82aef0-5333-4954-95b4-8b0066ca85ac}\ () (Fixed) (Total:0.87 GB) (Free:0.09 GB) NTFS
\\?\Volume{2ed64874-5aaf-4a5d-991d-6000d5d3bfdc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 8C197999)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

8 user(s) are reading this topic

0 members, 8 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP