Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I need to completely remove McAfee from my laptop then use a free anti

Started by DanielJacksonSG1 , Yesterday, 04:55 PM

  • Please log in to reply

#1
DanielJacksonSG1
Posted Yesterday, 04:55 PM

DanielJacksonSG1

    New Member

  • Member
  • Pip
  • 2 posts

Hello, I am Daniel Jackson with SG-1.

I am good with ancient Egyptian hieroglyphics, hieratic, cuneiform and Sumerian, but not so much with a laptop.

McAfee is super expensive. I need to completely remove it from my laptop then I would appreciate any suggestions you have for what is the best free antivirus I can use on my laptop.

Thanks very much in advance, and I realize your forum is extremely busy.

 


  • 0

Advertisements

#2
DR M
Posted Today, 01:18 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,437 posts

Hi, Daniel.
 
To make it easier for me to see what programs are installed in your system, please do the following:

Download Farbar Recovery Scan Tool and save it to your desktop. --> IMPORTANT

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your antivirus software detects the tool as malicious, it’s safe to allow FRST to run. It is a false-positive detection.

If English is not your primary language, right click on FRST.exe/FRST64.exe and rename to FRSTEnglish.exe/FRST64English.exe

  • Double-click the FRST icon to run the tool. When the tool opens click Yes to disclaimer.
  • Press Scan button and wait for a while.
  • The scanner will produced two logs on your Desktop: FRST.txt and Addition.txt.
  • Please attach the content of these two logs in your next reply.

  • 0

#3
DanielJacksonSG1
Posted 38 minutes ago

DanielJacksonSG1

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts

This is the FRST.txt log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by ebber (administrator) on KBENEBBERLY (HP HP ENVY Laptop 17-cr1xxx) (14-06-2025 17:58:52)
Running from C:\Users\ebber\OneDrive\Desktop\FRST64.exe
Loaded Profiles: ebber
Platform: Microsoft Windows 11 Home Version 24H2 26100.4351 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(BF1EBE36-CE63-490E-9764-7C90171096C0 -> Portrait Displays, Inc.) C:\Program Files\WindowsApps\PortraitDisplays.HPDisplayControl_4.9.25.0_x64__2dgmkzkw4h30c\win32\DisplayControl.exe
(C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(C:\Program Files\Google\Chrome\Application\chrome.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <2>
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe ->) (Portrait Displays, Inc. -> Portrait Displays) C:\Program Files\Portrait Displays\HP Display Control Service\CTHelper.exe
(C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityHost.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.10401.30.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe <26>
(C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\crashpad_handler.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(cmd.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.30.150.1\extnhost\mc-extn-browserhost.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\AppHelperCap.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\BridgeCommunication.exe
(DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_helper.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6\Win32\HPEnhancedLighting.Bg.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6\SystemEventUtility\HPSystemEventUtilityBackground.exe
(ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <44>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corp.) C:\Users\ebber\AppData\Local\Temp\bwp2924e372-2c15-4632-8e4c-38ac6c56fe9f\UnInstDaemon.exe
(explorer.exe ->) (Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(explorer.exe ->) (Wisdom Software Inc. -> Wisdom Software Inc.) C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <9>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc; HP Development Company, L.P.) C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
(services.exe ->) (Intel Corporation -> ) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_3de31b09a0024837\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_3befaa646f991169\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_d00a882b6000b511\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_f3c201b4c28c14d0\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel) C:\Windows\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe <2>
(services.exe ->) (Portrait Displays, Inc. -> HP Inc.) C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe <3>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnhService.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_45.52519.3041.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\Win32Process\HPCC.Bg.BackgroundApp.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.BingWallpaper_1.1.414.0_x86__8wekyb3d8bbwe\BingWallpaper.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\CrossDeviceResume.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2523.1.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_45.52519.3041.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.) C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\HpSystemManagement.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\Overlay\OverlayHelper.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\ProgramData\McAfee\WPS\content\neo-core\25.4.0.277\mc-neo-host.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Users\ebber\AppData\Local\Microsoft\OneDrive\25.095.0518.0002\FileCoAuth.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Windows\System32\SynTPEnh.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe [1971496 2024-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-08-09] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\RunOnce: [msedge_cleanup_{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}] => C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\Installer\setup.exe [7395880 2025-06-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-19\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-20\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\Run: [HPCC_InstallationBooster] => C:\System.sav\util\HPCC\HpccLauncher.exe [458248 2020-12-29] (HP Inc. -> HP Inc.)
HKU\S-1-5-20\...\RunOnce: [OMENCC_InstallationBooster] => C:\system.sav\util\OMENCC_InstallationBooster.exe [16424 2020-03-07] (HP Inc. -> )
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [HPSEU_Host_Launcher] => C:\System.sav\util\HPSEU\HpseuHostLauncher.exe [545288 2025-03-13] (HP Inc. -> HP Inc.)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [MicrosoftEdgeAutoLaunch_250CBDCFE7A16A0711E03CEAFFB8F27D] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --win-session-start [4141136 2025-06-06] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [ScreenHunter 7 Free] => C:\Program Files (x86)\ScreenHunter 7 Free\ScreenHunter7Free.exe [35355360 2023-01-30] (Wisdom Software Inc. -> Wisdom Software Inc.)
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\Run: [BingWallpaperDaemon] => C:\Users\ebber\AppData\Local\Temp\bwp2924e372-2c15-4632-8e4c-38ac6c56fe9f\UnInstDaemon.exe [51232 2025-06-14] (Microsoft Corporation -> Microsoft Corp.) <==== ATTENTION
HKU\S-1-5-18\...\RunOnce: [Application Restart #2] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #3] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #4] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKU\S-1-5-18\...\RunOnce: [Application Restart #5] => C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6\SysWin32Process\HPCC.Bg.BackgroundSys.exe [198672 2024-06-14] (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
HKLM\...\Print\Monitors\PDF-XChange Lite Port Monitor: C:\windows\system32\pxcpmL.dll [840024 2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\137.0.7151.104\Installer\chrmstp.exe [2025-06-13] (Google LLC -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{AFE6A462-C574-4B8A-AF43-4CC60DF4563B}] -> C:\Program Files\BraveSoftware\Brave-Browser\Application\137.1.79.123\Installer\chrmstp.exe [2025-06-11] (Brave Software, Inc. -> Brave Software, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {75100218-8908-472D-8733-A87F27B41719} - System32\Tasks\BraveSoftwareUpdateTaskMachineCore{8F703643-4FF8-47FE-B994-D8C83F222E6A} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {F1A645B1-C505-4FA9-BFB5-7FB13B0337A1} - System32\Tasks\BraveSoftwareUpdateTaskMachineUA{1B25F4C3-C003-4697-ADE3-DC3C7DA38D02} => C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
Task: {A7E7E491-9208-4AB0-B881-DF8372507A61} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{1559089A-7DD1-494A-BCAE-4C00F5586A59} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {86C58079-973F-49A8-A84C-B585C904847E} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{CA2A62C3-23A4-4D83-871D-75FB1E662CF0} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {08E626D2-CA20-4977-97EF-45C137954578} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1004040 2025-04-22] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {A48115E6-D91F-4C2A-BE9E-2DB0D3ED1171} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-04-22] (HP Inc. -> HP Inc.)
Task: {68504BF1-9966-4BBA-A284-CB8A55ABAD91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1173512 2025-04-22] (HP Inc. -> HP Inc.)
Task: {604B3123-09C7-4960-80F5-D80B9A49A1C0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1173512 2025-04-22] (HP Inc. -> HP Inc.)
Task: {B0191D3C-7DAC-43B1-857A-77CB669A59B9} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [102400 2025-02-09] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {476A3BF9-C894-4402-83C1-07146AE0DFB8} - System32\Tasks\HPOneAgentRepairTask => C:\ProgramData\Package Cache\{211CE8D5-1B28-4C83-AC2E-F057818A0356}\HPOneAgent.exe [1169696 2025-05-21] (HP Inc. -> HP Inc; HP Development Company, L.P.)
Task: {2712BE0B-E5F2-4A26-89B1-91CDDAC2C74C} - System32\Tasks\McAfee\WPS\McAfee Anti-tracker notification => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {13B41224-DE3D-49F4-8CC1-DE78C33C73B0} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {13B41224-DE3D-49F4-8CC1-DE78C33C73B0} - System32\Tasks\McAfee\WPS\McAfee Anti-Tracker Scanner => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {0DDDE7BB-4878-40A1-BC04-16BD2732B376} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {0DDDE7BB-4878-40A1-BC04-16BD2732B376} - System32\Tasks\McAfee\WPS\McAfee Cloud Configuration Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {B902C55E-AC3E-4AFD-8D9C-F31DF35913B3} - System32\Tasks\McAfee\WPS\McAfee Fake Alert Blocker => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {4D17A55E-91C3-4E58-B33D-0E73763703C2} - System32\Tasks\McAfee\WPS\McAfee Health Check => C:\Program Files\McAfee\wps\1.30.150.1\sustainability\mc-sustainability.exe [958720 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {6764E29C-90AC-4511-BF82-5D55082A0848} - System32\Tasks\McAfee\WPS\McAfee Hotfix => C:\Program Files\McAfee\wps\1.30.150.1\dad\mc-dad.exe [2709112 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {501DD779-E4E9-4C0C-89E2-6A27276C518F} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {501DD779-E4E9-4C0C-89E2-6A27276C518F} - System32\Tasks\McAfee\WPS\McAfee Message Check => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {ABDD479D-5FB1-4619-A20F-97CFC2291356} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {ABDD479D-5FB1-4619-A20F-97CFC2291356} - System32\Tasks\McAfee\WPS\McAfee PC Optimizer Task => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {4B5B0DA1-1FC2-4E27-8A8D-6F4D58E7F86F} - System32\Tasks\McAfee\WPS\McAfee restart of PC => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {08100D9D-5EA4-49FB-A1E9-01DB7174139A} - System32\Tasks\McAfee\WPS\McAfee Scheduled AV Scan => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {04DD6079-523B-490D-810D-E7E9F683581D} - System32\Tasks\McAfee\WPS\McAfee Scheduled Tracker Remover => 1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D
Task: {430D36AC-6BE1-4052-99A3-ED5A2F601D0A} - System32\Tasks\McAfee\wps\McAfee Updater => {81A7CB63-BB07-4DAD-8E72-07B3A9BB08E2} C:\Program Files\McAfee\wps\1.30.150.1\mc-update.exe [3377984 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {5513117B-02C1-4657-9BE9-C591F7A5B283} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {5513117B-02C1-4657-9BE9-C591F7A5B283} - System32\Tasks\McAfee\WPS\McAfee Virus Definition Update => {1A62D23B-93C2-468A-B6B0-FFB2A23C1C0D} C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
Task: {5C188182-44F9-4B10-BC27-8C34250FDBCA} - System32\Tasks\McAfee\WPS\McAfee Windows Notification Token => \\?\C:\Program Files\McAfee\WPS\1.30.150.1\mc-wns-client\mc-wns-client.exe [1068712 2025-06-05] (McAfee, LLC -> )
Task: {DC0C2792-0BC4-4472-A2AB-EA2F3271BDE4} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955368 2025-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {96A63655-94E9-4B87-8D46-496AD40CEA61} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\opushutil.exe [68344 2025-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {F574F893-C610-449D-90FE-54C2577AFC97} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955368 2025-06-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {068BEF0F-5D43-46C1-898F-34EB508983FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {7E9D80AD-4EAD-4879-91EA-473D7C5CFAD7} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {15B35A6F-6622-4910-B046-CFB5C965D234} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [225992 2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {1F0444FD-2789-4F04-9044-3303E6012452} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {3393200B-E745-43C1-8C97-91A9E88F4EFA} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-06-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {0F64CCEB-1474-4DD5-8114-246B504C2C1B} - System32\Tasks\Microsoft\Windows\Hotpatch\Monitoring => C:\WINDOWS\system32\cmd.exe [376832 2025-05-29] (Microsoft Windows -> Microsoft Corporation) -> /d /c %systemroot%\system32\hpatchmonTask.cmd
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe  (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe  (No File)
Task: {55DC37A4-8F4C-4843-B0D0-CD3D67C3F4EC} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [1005096 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files\NVIDIA Corporation\NvContainer\-d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {379DD0EE-3F5B-4320-BF8E-F7E6D55C2B4B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3345448 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F22DC5DC-4B50-4618-9926-D05A5D0404A4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [649256 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation) -> C:\Program Files (x86)\NVIDIA Corporation\NvNode\--launcher=TaskScheduler
Task: {00AAC600-499B-464C-A66A-833E717C7263} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {636BFAEC-20EF-41EF-96A3-14A2520A6E9A} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {D6F2C9A6-04C8-4CFF-8DB5-8D09D32E7212} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FA9E95E3-0BBD-4C19-A08B-B18F79CBAA96} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1665064 2023-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {338F16D1-C077-4F22-9FDB-74DD5B053136} - System32\Tasks\OmenInstallMonitor => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73224 2025-06-13] (HP Inc. -> HP Inc.)
Task: {81971C4D-99B8-4B7E-A9F9-6714782718AD} - System32\Tasks\OmenInstallMonitorCustomEvent => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73224 2025-06-13] (HP Inc. -> HP Inc.)
Task: {40E4C3C7-E5B1-4E9E-94EF-DF7F230E4493} - System32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73224 2025-06-13] (HP Inc. -> HP Inc.)
Task: {DF044B65-355C-4155-A858-C4127BEAE1B8} - System32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\OmenInstallMonitor\OmenInstallMonitor.exe [73224 2025-06-13] (HP Inc. -> HP Inc.)
Task: {3872364E-56AA-421C-9B99-2F8BD68B6543} - System32\Tasks\OmenOverlay => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-06-13] (HP Inc. -> HP Inc.)
Task: {32A7438F-4F10-475B-AE98-84156A2B0F42} - System32\Tasks\OmenOverlayCustomEvent => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-06-13] (HP Inc. -> HP Inc.)
Task: {386B2DBC-5A74-4016-AEFE-0270420EA537} - System32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-06-13] (HP Inc. -> HP Inc.)
Task: {939A29C6-9C84-4EE9-BCDD-63B265EB0C85} - System32\Tasks\OmenOverlay-sid-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Program Files\HP\Overlay\OverlayHelper.exe [67592 2025-06-13] (HP Inc. -> HP Inc.)
Task: {CCBE387B-F788-47E9-9984-44CCA994F7FB} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3824051874-4122554679-839923353-1001 => C:\Users\ebber\AppData\Local\Microsoft\OneDrive\25.095.0518.0002\OneDriveLauncher.exe [684344 2025-06-13] (Microsoft Corporation -> Microsoft Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}: [DhcpDomain] lan1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}\D49735075636472757D6759664969333D22374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8c304686-c335-4604-95ee-09a6056609cc}\D49735075636472757D6759664969333D22374: [DhcpDomain] lan1
 
Edge: 
=======
Edge Profile: C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-14]
Edge Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\amnbcmdbanbkjhnfoeceemmmdiepnbpp [2025-03-05]
Edge Extension: (Google Docs Offline) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-06-11]
Edge Extension: (Edge relevant text changes) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-06-13]
Edge Extension: (Capital One Shopping: Save Now) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kiiaghlmeikbpmeabhilfphikfcefljn [2025-05-21]
Edge Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lgecefcjlholabgliikbfdifhdfbfnma [2024-11-13]
 
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
FF Plugin HKU\S-1-5-21-3824051874-4122554679-839923353-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
 
Chrome: 
=======
CHR Profile: C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default [2025-06-14]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://push.getbeamer.com; hxxps://truthsocial.com; hxxps://www.freelancer.com
CHR HomePage: Default -> hxxps://www.google.com/
CHR Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-06-11]
CHR Extension: (TweetPeek AI - Grow Twitter with Real People!) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlilfchmnodlgipheijbmpbonmlfgaml [2025-05-21]
CHR Extension: (Trust Wallet) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjidjbpglichdcondbcbdnbeeppgdph [2025-06-11]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-06-11]
CHR Extension: (Supernova) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\gegpgpjbmbggplclldecdbpcmopmlbll [2024-06-14]
CHR Extension: (Google Docs Offline) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-30]
CHR Extension: (Coinbase Wallet extension) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnfanknocfeofbddgcijnmhnfnkdnaad [2025-06-11]
CHR Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2025-06-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2024-06-14]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
 
Brave: 
=======
BRA Profile: C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default [2025-05-21]
BRA Extension: (Honey: Automatic Coupons & Rewards) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2025-04-30]
BRA Extension: (McAfee® WebAdvisor) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2025-05-12]
BRA Extension: (Similarweb - Website Traffic & SEO Checker) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\hoklmmgfnpapgjgcpechhaamimifchmp [2025-04-19]
BRA Extension: (Capital One Shopping: Save Now) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\Default\Extensions\nenlahapcbofgnanklpelkaejcehkggg [2025-05-14]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block First Party Filters (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\adcocjohghhfpidemphmcmlmhnfgikei [2025-05-21]
BRA Extension: (Brave Local Data Files Updater) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\afalakplffnnnlkncjhbmahjfjhmlkal [2025-05-21]
BRA Extension: (Brave NTP background images) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\aoojcmojmmcbpfgoecoadbdpnagfchel [2025-04-19]
BRA Extension: (Brave Ad Block Updater (Fanboy's Mobile Notifications (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\bfpgedeaaibpoidldhjcknekahbikncb [2025-05-21]
BRA Extension: (Brave Ad Block Updater (EasyList Cookie (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\cdbbhgbmjhfnhnmgeddbliobbofkgdhe [2025-05-21]
BRA Extension: (Brave NTP sponsored images) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\gccbbckogglekeggclmmekihdgdpdgoe [2025-05-21]
BRA Extension: (Brave Ad Block Updater (Regional Catalog)) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\gkboaolpopklhgplhaaiboijnklogmbc [2025-05-14]
BRA Extension: (Brave NTP Super Referrer mapping table) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\heplpbhjcbmiibdlchlanmdenffpiibo [2024-10-28]
BRA Extension: (Brave Ads Resources) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\iblokdlgekdjophgeonmanpnjihcjkjj [2024-12-06]
BRA Extension: (Brave Ad Block Updater (Brave Ad Block Updater (plaintext))) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\iodkpdagapdfkphljnddpjlldadblomo [2025-05-21]
BRA Extension: (Brave Ad Block Updater (Resources)) - C:\Users\ebber\AppData\Local\BraveSoftware\Brave-Browser\User Data\mfddibmblmbccpadfndgakiopmmhebop [2025-04-19]
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 brave; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
S3 BraveElevationService; C:\Program Files\BraveSoftware\Brave-Browser\Application\137.1.79.123\elevation_service.exe [3205712 2025-06-11] (Brave Software, Inc. -> Brave Software, Inc.)
S3 bravem; C:\Program Files (x86)\BraveSoftware\Update\BraveUpdate.exe [167440 2024-10-28] (Brave Software, Inc. -> BraveSoftware Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724400 2025-06-02] (Microsoft Corporation -> Microsoft Corporation)
R2 dptftcs; C:\WINDOWS\System32\DriverStore\FileRepository\dtt_sw.inf_amd64_3ea1838906a8645a\ipfsvc.exe [546416 2023-06-13] (Intel Corporation -> Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [475680 2023-04-14] (HP Inc. -> HP Inc.)
R2 hp-one-agent-service; C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe [2372648 2025-03-11] (HP Inc. -> HP Inc; HP Development Company, L.P.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\AppHelperCap.exe [928888 2025-05-06] (HP Inc. -> HP Inc.)
S3 hpatchmon; C:\WINDOWS\system32\hpatchmon.dll [173472 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
R2 HPDCService; C:\Program Files\Portrait Displays\HP Display Control Service\DisplayControlService.exe [375072 2022-10-31] (Portrait Displays, Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\DiagsCap.exe [927328 2025-05-06] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\NetworkCap.exe [923256 2025-05-06] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [243664 2025-05-01] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_f2bc3e822f15dc0b\x64\SysInfoCap.exe [928352 2025-05-06] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_bdc4c744cf4529f4\x64\TouchpointAnalyticsClientService.exe [631448 2025-03-27] (HP Inc. -> HP Inc.)
S2 Intel® Platform License Manager Service; C:\WINDOWS\System32\DriverStore\FileRepository\iclsclient.inf_amd64_fc84dfa25a6a7727\lib\PlatformLicenseManagerService.exe [741488 2023-12-14] (Intel Corporation -> Intel® Corporation)
R2 IntelAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\intcoed.inf_amd64_33284f5d2f7b1562\AS\IAS\IntelAudioService.exe [531800 2023-07-25] (Intel Corporation -> Intel)
R2 ipfsvc; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_uf.exe [3006560 2023-12-08] (Intel Corporation -> Intel Corporation)
R2 mc-fw-host; C:\Program Files\McAfee\WPS\1.30.150.1\mc-fw-host.exe [2714552 2025-06-05] (McAfee, LLC -> McAfee, LLC)
S3 mc-wps-update; C:\Program Files\McAfee\wps\1.30.150.1\mc-update.exe [3377984 2025-06-05] (McAfee, LLC -> McAfee, LLC)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [945264 2025-05-28] (McAfee, LLC -> McAfee, LLC)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2025-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\Display.NvContainer\NVDisplay.Container.exe [1275016 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2025-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2025-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 csaudio; C:\WINDOWS\System32\DriverStore\FileRepository\csaudio.inf_amd64_cb776c844df61367\csaudio.sys [376728 2023-10-06] (Cirrus Logic Inc -> Windows ® Win 7 DDK provider)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2025-02-09] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 HpReadHWData; C:\WINDOWS\system32\drivers\HpReadHWData.sys [58952 2025-03-05] (HP Inc. -> Windows ® Win 7 DDK provider)
R3 HpSpsNotification; C:\WINDOWS\System32\DriverStore\FileRepository\hpspsnotification.inf_amd64_15be15983f897eb1\HpSpsNotification.sys [57232 2022-11-22] (HP Inc. -> HP Development Company, L.P.)
R3 iaLPSS2_GPIO2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_gpio2_adl.inf_amd64_f138ad86bb3bd676\iaLPSS2_GPIO2_ADL.sys [141400 2024-02-20] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_I2C_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_i2c_adl.inf_amd64_f860ba3068379bd3\iaLPSS2_I2C_ADL.sys [211544 2024-01-01] (Intel Corporation -> Intel Corporation)
R3 iaLPSS2_UART2_ADL; C:\WINDOWS\System32\DriverStore\FileRepository\ialpss2_uart2_adl.inf_amd64_f164184a7c0fc2ae\iaLPSS2_UART2_ADL.sys [319472 2024-01-01] (Intel Corporation -> Intel Corporation)
R3 IntelGNA; C:\WINDOWS\System32\DriverStore\FileRepository\gna.inf_amd64_6f93b7542fd3ead9\gna.sys [88656 2023-08-28] (Intel Corporation -> Intel Corporation)
R3 ipf_acpi; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_acpi.inf_amd64_21b95771f6ee4839\ipf_acpi.sys [88160 2023-12-08] (Intel Corporation -> Intel Corporation)
R3 ipf_cpu; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_cpu.sys [85600 2023-12-08] (Intel Corporation -> Intel Corporation)
R3 ipf_lf; C:\WINDOWS\System32\DriverStore\FileRepository\ipf_cpu.inf_amd64_7b0f1310c58d1db9\ipf_lf.sys [484960 2023-12-08] (Intel Corporation -> Intel Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [140728 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
S0 mfeelam; C:\WINDOWS\System32\DRIVERS\mfeelam.sys [19536 2025-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R0 mfesec; C:\WINDOWS\System32\DRIVERS\mfesec.sys [76568 2025-06-05] (McAfee, LLC -> McAfee, LLC)
R3 NvModuleTracker; C:\WINDOWS\System32\DriverStore\FileRepository\nvmoduletracker.inf_amd64_0c1cc60a4b422185\NvModuleTracker.sys [45656 2023-06-21] (Nvidia Corporation -> NVIDIA Corporation)
R3 nvpcf; C:\WINDOWS\System32\drivers\nvpcf.sys [246504 2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
S3 PlutonHeci; C:\WINDOWS\System32\DriverStore\FileRepository\pluton-heci.inf_amd64_f74945e2fcb1d3d7\pluton-heci.sys [75168 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 polarbear-split-tunneling; C:\Program Files\McAfee\WPS\1.30.150.1\vpn\Drivers\x64\SplitTunnelingDriver.sys [29176 2025-06-05] (Microsoft Windows Hardware Compatibility Publisher -> )
R1 rtf64; C:\WINDOWS\system32\DRIVERS\rtf64x64.sys [67496 2022-07-29] (Realtek Semiconductor Corp. -> Realtek)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [51192 2024-11-26] (OpenVPN Inc. -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-03-28] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2025-05-29] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2025-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2025-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2025-02-11] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-06-14 17:58 - 2025-06-14 17:59 - 000046642 _____ C:\Users\ebber\OneDrive\Desktop\FRST.txt
2025-06-14 17:58 - 2025-06-14 17:59 - 000000000 ____D C:\FRST
2025-06-14 17:56 - 2025-06-14 17:56 - 002406912 _____ (Farbar) C:\Users\ebber\OneDrive\Desktop\FRST64.exe
2025-06-11 13:37 - 2025-06-11 13:37 - 000011216 _____ C:\Users\ebber\AppData\LocalLow\ccbecb1b7187d410eed62fbaf3d3604906b456a9fbf866b988b9354e7636b8cd
2025-06-11 13:37 - 2025-06-11 13:37 - 000000026 _____ C:\Users\ebber\AppData\LocalLow\cb966a040e4f47ee4eb860912631db29d96f8690dcbb1911c18735388d584fec
2025-06-11 00:52 - 2025-06-11 00:52 - 000869086 _____ C:\Users\ebber\OneDrive\Desktop\ewx-20151031.pdf
2025-06-09 19:43 - 2025-06-09 19:43 - 001700268 _____ C:\Users\ebber\OneDrive\Desktop\Decoding-Hieroglyphics.pdf
2025-06-02 22:25 - 2025-06-02 22:25 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-05-28 23:17 - 2025-05-28 23:17 - 000086640 _____ C:\Users\ebber\OneDrive\Desktop\SecondSemnehSesostrisIII Has LOTS hieroglyphics.pdf
2025-05-28 23:05 - 2025-05-28 23:05 - 000154242 _____ C:\Users\ebber\OneDrive\Desktop\urkIV-009 Inscription of Ahmose Pen Nekhbet.pdf
2025-05-28 23:02 - 2025-05-28 23:02 - 000037227 _____ C:\Users\ebber\OneDrive\Desktop\urkIV-036 (1) Amenmose stone naos.pdf
2025-05-28 23:02 - 2025-05-28 23:02 - 000035917 _____ C:\Users\ebber\OneDrive\Desktop\urkIV-022 Ineni Third Inscription.pdf
2025-05-28 23:01 - 2025-05-28 23:01 - 000037227 _____ C:\Users\ebber\OneDrive\Desktop\urkIV-036.pdf
2025-05-28 23:01 - 2025-05-28 23:01 - 000016769 _____ C:\Users\ebber\OneDrive\Desktop\AmenhotepIVinscription (1).pdf
2025-05-28 21:16 - 2025-06-13 22:28 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-28 21:04 - 2025-05-28 21:04 - 000016769 _____ C:\Users\ebber\OneDrive\Desktop\AmenhotepIVinscription.pdf
2025-05-28 20:57 - 2025-05-28 20:57 - 000033224 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-05-28 20:57 - 2025-05-28 20:57 - 000033224 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-05-28 20:57 - 2025-05-28 20:57 - 000001555 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2025-05-21 01:59 - 2025-05-21 01:59 - 000002264 _____ C:\Users\ebber\AppData\LocalLow\0eb01894d97a597c8e67b2447e2e058ef74fa337d1ce4a941affc5db70623964
2025-05-21 01:10 - 2025-05-21 01:59 - 000000298 _____ C:\Users\ebber\AppData\LocalLow\50a52d9cff10aef8e5ec5b99fdfb9c61fa654f8c00f083140a063ccd3f5e3149
2025-05-21 01:10 - 2025-05-21 01:57 - 000267510 _____ C:\Users\ebber\AppData\LocalLow\2bf8876ac4e9a2fae37e5447a2c80d64ef5c8f0888a4690dc3a1dcf04dfe8567
2025-05-21 01:10 - 2025-05-21 01:57 - 000075717 _____ C:\Users\ebber\AppData\LocalLow\54edb900bbaf9a6250d3b15024989d4230f951988c7671c6385c9b7169da48c5
2025-05-21 01:10 - 2025-05-21 01:11 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\039c1df6b221e3b5c0c897176f8f2f4ebf3ba3dfd893e11214f79dba2e59a95b
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2025-06-14 17:58 - 2024-04-01 02:24 - 000000000 ____D C:\WINDOWS\INF
2025-06-14 17:52 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-14 17:50 - 2025-02-10 17:43 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-14 17:50 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-06-14 17:50 - 2024-04-01 02:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-14 17:22 - 2024-06-14 04:17 - 001631608 _____ C:\Users\ebber\AppData\LocalLow\5fc18818885154e2f8f5ba65eec1eefad757bab62ecbde0aab33b042f4d9d547
2025-06-14 17:22 - 2024-06-14 04:17 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\9561ed9a0b78144747fa26e4c4fd2a49defb5e38fac37da7863fcf98aeb7cb48
2025-06-14 17:22 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-14 17:12 - 2023-10-27 11:17 - 000000000 ____D C:\ProgramData\NVIDIA
2025-06-14 17:10 - 2025-04-13 14:12 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\4af974a5b3cbccf9299e0cf1a4759e9648b7915a15ad536112578cebabd900bc
2025-06-14 17:10 - 2024-06-13 18:48 - 000000000 ____D C:\Users\ebber\AppData\Local\D3DSCache
2025-06-14 17:09 - 2024-06-14 04:16 - 000000000 ____D C:\Users\ebber\AppData\Local\OGH
2025-06-14 17:09 - 2024-06-14 00:15 - 000016811 _____ C:\Users\ebber\AppData\LocalLow\ef54eddb2ded8674d924a92863f229125f4b7962e4f7fe0c46c7682970b66a1d
2025-06-14 17:08 - 2025-04-13 14:12 - 000233824 _____ C:\Users\ebber\AppData\LocalLow\fed02538cf65e1ba11b1d2090b3d63048ca4335e270fb637b60c7640091dd69e
2025-06-14 17:08 - 2024-04-01 02:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-14 17:07 - 2025-04-17 22:18 - 000000000 ___RD C:\Users\ebber\OneDrive\Desktop\screenshots Apr17 2025
2025-06-14 17:07 - 2024-06-14 04:15 - 000093452 _____ C:\Users\ebber\AppData\LocalLow\d9ec534cb2b823c433950a0b29f3bf43af91d7e4baf3bdf47287f351b9b522df
2025-06-14 17:07 - 2024-06-13 21:51 - 000000000 ____D C:\Users\ebber\OneDrive\Desktop\ScreenHunter
2025-06-14 17:07 - 2024-06-13 18:49 - 000000000 ___RD C:\Users\ebber\OneDrive
2025-06-14 17:06 - 2025-04-08 22:27 - 000011216 _____ C:\Users\ebber\AppData\LocalLow\23d447464b4fc860c55866c9014cfe65cae751636972d516a4c65a579a72e8ae
2025-06-13 21:55 - 2024-06-13 21:54 - 000000000 ____D C:\Users\ebber\AppData\Local\CrashDumps
2025-06-13 20:33 - 2025-02-10 17:47 - 000842280 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-06-13 20:32 - 2024-06-14 15:31 - 000310465 _____ C:\Users\ebber\AppData\LocalLow\d7ab55b136db7af61d358961466174c44b88e0abcf74413efc14283cf253191f
2025-06-13 20:32 - 2024-06-14 15:31 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\0d8ce0cf35aa7c7d3119ff805ea411913e9063dbbfde48d90472b24757f677cb
2025-06-13 20:28 - 2025-02-10 17:47 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-13 20:28 - 2025-02-10 17:46 - 000003358 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-06-13 20:28 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-06-13 20:28 - 2022-11-02 23:32 - 000012288 ___SH C:\DumpStack.log.tmp
2025-06-13 20:27 - 2024-04-01 02:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-06-13 20:03 - 2025-03-05 18:17 - 000004482 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitorCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 20:03 - 2025-03-05 18:17 - 000004078 _____ C:\WINDOWS\system32\Tasks\OmenInstallMonitor-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 20:02 - 2025-03-05 18:17 - 000004422 _____ C:\WINDOWS\system32\Tasks\OmenOverlayCustomEvent-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 20:02 - 2025-03-05 18:17 - 000004020 _____ C:\WINDOWS\system32\Tasks\OmenOverlay-sid-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 20:01 - 2024-06-14 04:15 - 000035813 _____ C:\Users\ebber\AppData\LocalLow\1dc6c00a8ccb1ba456966b5f470493e9b53380f303883ce5012e6c64eb5a9a36
2025-06-13 17:42 - 2025-03-14 22:55 - 000002386 _____ C:\Users\ebber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-06-13 17:42 - 2025-02-10 17:47 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 17:42 - 2025-02-10 17:47 - 000003570 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 17:42 - 2025-02-10 17:47 - 000003370 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3824051874-4122554679-839923353-1001
2025-06-13 13:39 - 2023-10-27 11:17 - 000000000 ____D C:\ProgramData\Package Cache
2025-06-12 19:39 - 2024-06-13 19:01 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-12 16:07 - 2024-06-16 04:54 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\10a4dca5d4e4c061e5be589b05c7453a289bc5897d5dfde751f9ade306a1ddcc
2025-06-12 13:29 - 2024-06-13 18:39 - 000000000 ____D C:\Users\ebber\AppData\Local\Packages
2025-06-12 13:29 - 2022-11-02 23:35 - 000000000 ____D C:\ProgramData\Packages
2025-06-12 05:32 - 2025-02-10 17:43 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-06-12 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-06-11 13:37 - 2024-10-28 16:47 - 000002371 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brave.lnk
2025-06-11 05:32 - 2025-02-10 17:43 - 000493432 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-06-11 05:31 - 2025-02-09 15:03 - 000000000 ____D C:\Users\ebber
2025-06-11 05:31 - 2024-04-01 03:08 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-06-11 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-06-11 05:31 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-06-11 02:44 - 2025-02-10 17:47 - 003383808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-06-10 14:25 - 2024-06-13 22:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-06-10 14:20 - 2024-06-13 22:36 - 216824056 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-06-09 20:59 - 2024-06-14 04:54 - 000000130 _____ C:\Users\ebber\AppData\LocalLow\aae5869fa0bec4d8d27610345766f7ef02e2889cb0620366db786ae3c9e60f86
2025-06-09 20:47 - 2024-06-14 04:54 - 000032382 _____ C:\Users\ebber\AppData\LocalLow\96b4e09f9d106d02c2df9d25efab0623acb10b2aa352982ff915d2fb958abe41
2025-06-09 18:47 - 2023-07-07 05:29 - 000000000 ____D C:\Program Files\Microsoft Office
2025-06-08 07:53 - 2022-11-02 23:32 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-05 06:29 - 2024-04-01 02:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-06-05 06:29 - 2023-10-27 11:27 - 000076568 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfesec.sys
2025-06-05 06:29 - 2023-10-27 11:27 - 000019536 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeelam.sys
2025-05-29 23:19 - 2024-06-28 17:10 - 000000000 ____D C:\Users\ebber\OneDrive\Desktop\keb
2025-05-29 19:17 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ___RD C:\Program Files\Windows Defender
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\UUS
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\Com
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-05-29 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\BrowserCore
2025-05-21 05:32 - 2025-02-09 14:59 - 000000000 ____D C:\WINDOWS\InboxApps
2025-05-21 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-05-21 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-05-21 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-05-21 05:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-05-21 02:14 - 2025-02-10 17:47 - 000003844 _____ C:\WINDOWS\system32\Tasks\HPOneAgentRepairTask
2025-05-21 01:56 - 2025-02-10 17:47 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2025-05-21 01:48 - 2025-04-25 00:40 - 000000000 ____D C:\Users\ebber\AppData\Roaming\Code
2025-05-19 03:35 - 2025-02-10 17:47 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-19 03:35 - 2025-02-10 17:47 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
 
==================== Files in the root of some directories ========
 
2025-04-30 00:55 - 2025-04-30 00:55 - 000067389 _____ () C:\Users\ebber\AppData\Local\recently-used.xbel
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
==================== End of FRST.txt ========================
 
 
 
 
 
 
This is the Addition.txt log:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by ebber (14-06-2025 17:59:44)
Running from C:\Users\ebber\OneDrive\Desktop
Microsoft Windows 11 Home Version 24H2 26100.4351 (X64) (2025-02-10 22:48:11)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
(If an entry is included in the fixlist, it will be removed.)
 
Administrator (S-1-5-21-3824051874-4122554679-839923353-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3824051874-4122554679-839923353-503 - Limited - Disabled)
ebber (S-1-5-21-3824051874-4122554679-839923353-1001 - Administrator - Enabled) => C:\Users\ebber
Guest (S-1-5-21-3824051874-4122554679-839923353-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3824051874-4122554679-839923353-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Brave (HKLM-x32\...\BraveSoftware Brave-Browser) (Version: 137.1.79.123 - Brave Software Inc)
GIMP 2.10.38-1 (HKLM\...\GIMP-2_is1) (Version: 2.10.38 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 137.0.7151.104 - Google LLC)
Greenshot 1.2.10.6 (HKLM\...\Greenshot_is1) (Version: 1.2.10.6 - Greenshot)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Display Control Service (HKLM\...\{08EE20F5-7351-4CFD-9447-F0CD26C63974}) (Version: 4.9.25.0 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP One Agent (HKLM\...\{211CE8D5-1B28-4C83-AC2E-F057818A0356}) (Version: 1.1.807.4021 - HP Inc.)
HP One Agent (HKLM\...\{DBDA024D-1557-4B59-BB57-F8724C1B1752}) (Version: 1.1.807.4021 - HP Inc.) Hidden
McAfee (HKLM\...\McAfee.WPS) (Version: 1.30.150.1 - McAfee, LLC)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.18827.20140 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.83 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\OneDriveSetup.exe) (Version: 25.095.0518.0002 - Microsoft Corporation)
Microsoft OneNote - en-us (HKLM\...\OneNoteFreeRetail - en-us) (Version: 16.0.18827.20140 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.22.27821 (HKLM-x32\...\{3BDE80F7-7EC9-448E-8160-4ADA0CDA8879}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.22.27821 (HKLM-x32\...\{1E6FC929-567E-4D22-9206-C5B83F0A21B9}) (Version: 14.22.27821 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.100.0 - Microsoft Corporation)
NVIDIA FrameView SDK 1.3.8513.32290073 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.3.8513.32290073 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.27.0.120 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.27.0.120 - NVIDIA Corporation)
NVIDIA Graphics Driver 561.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 561.19 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.21.0713 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.21.0713 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 30.1.0 - OBS Project)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20140 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{BBC2626A-CCCB-4D0F-B15C-24C1810657EB}) (Version: 10.3.1.387 - PDF-XChange Co Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{eee0c750-4cc3-4bc2-b74a-6e6352aa6e26}) (Version: 10.3.1.387 - PDF-XChange Co Ltd.)
ScreenHunter 7 Free (HKLM-x32\...\ScreenHunter 7 Free_is1) (Version: 7.0.485 - Wisdom Software Inc.)
Telegram Desktop (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.3.1 - Telegram FZ-LLC)
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.1028 - McAfee, LLC)
 
Chrome apps:
============
Hero Wars (HKU\S-1-5-21-3824051874-4122554679-839923353-1001\...\9d09f2680c51e0f26bcc740cd8c5a3ff) (Version: 1.0 - Google\Chrome)
 
Packages:
=========
@{MicrosoftWindows.54792954.Filons_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.54792954.Filons/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.54792954.Filons_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.54792954.Filons/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3624.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-29] ()
@{MicrosoftWindows.56978801.Voiess_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.56978801.Voiess/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.56978801.Voiess_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.56978801.Voiess/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.57058570.Speion_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57058570.Speion/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.57058570.Speion_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57058570.Speion/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.57074914.Livtop_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57074914.Livtop/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.57074914.Livtop_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.57074914.Livtop/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4061.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4202.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
@{MicrosoftWindows.Client.CoreAI_1000.26100.4343.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.Client.CoreAI/AIXHost/ClickToDo/AppDisplayName} -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-08] (INTEL CORP) [Startup Task]
Aquile Reader -> C:\Program Files\WindowsApps\21676OptimiliaStudios.AquileReader_1.1.48.0_x64__k42naep6bwmrc [2025-05-10] (Optimilia Studios)
Bang & Olufsen Audio Control -> C:\Program Files\WindowsApps\AD2F1837.BangOlufsenAudioControl_1.47.308.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.)
Bing Wallpaper -> C:\Program Files\WindowsApps\Microsoft.BingWallpaper_1.1.414.0_x86__8wekyb3d8bbwe [2025-06-14] (Microsoft Corporation) [Startup Task]
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.33.0_x64__xbfy0k16fey96 [2025-06-07] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2025-01-18] (HP Inc.)
HP Command Center -> C:\Program Files\WindowsApps\AD2F1837.HPThermalControl_1.11.60.0_x64__v10z8vjag6ke6 [2024-06-14] (HP Inc.)
HP Display Control -> C:\Program Files\WindowsApps\PortraitDisplays.HPDisplayControl_4.9.25.0_x64__2dgmkzkw4h30c [2024-06-14] (HP Inc.) [Startup Task]
HP Enhanced Lighting -> C:\Program Files\WindowsApps\AD2F1837.HPEnhance_1.4.4.0_x64__v10z8vjag6ke6 [2024-08-14] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.2.0_x64__v10z8vjag6ke6 [2025-03-13] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-06-14] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_159.2.1145.0_x64__v10z8vjag6ke6 [2025-06-03] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.45.11.0_x64__v10z8vjag6ke6 [2025-06-03] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\AD2F1837.HPSystemEventUtility_3.1.28.0_x64__v10z8vjag6ke6 [2025-03-26] (HP Inc.)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-01] (Microsoft Corporation)
Ink.Handwriting.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.en-US.1.0_0.850.1840.0_x86__8wekyb3d8bbwe [2025-05-01] (Microsoft Corporation)
Ink.Handwriting.Main.en-US.1.0 -> C:\Program Files\WindowsApps\Microsoft.Ink.Handwriting.Main.en-US.1.0.1_0.850.1840.0_x64__8wekyb3d8bbwe [2025-05-03] (Microsoft Corporation)
Journal -> C:\Program Files\WindowsApps\Microsoft.MicrosoftJournal_1.23306.1292.0_x64__8wekyb3d8bbwe [2025-01-18] (Microsoft Corporation)
McAfee -> C:\Program Files\McAfee\WPS\1.30.150.1 [2025-06-05] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2504.16004.0_x64__8wekyb3d8bbwe [2025-04-21] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-16] (Microsoft Corporation)
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-05] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_45.52519.3041.0_x64__v10z8vjag6ke6 [2025-05-20] (HP Inc.) [Startup Task]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.968.0_x64__56jybvy8sckqj [2025-06-12] (NVIDIA Corp.)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16 [2025-06-09] ()
OMEN Gaming Hub -> C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6 [2025-06-13] (HP Inc.) [Startup Task]
Screenshot Capturing Tool -> C:\Program Files\WindowsApps\34317GoodJobApps.ScreenshotCapturingTool_1.0.10.0_x64__rxkvjcfxv2hyw [2025-01-18] (Good Job Apps)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0 [2025-06-05] (Spotify AB) [Startup Task]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2523.1.0_x64__cv1g1gvanyjgm [2025-06-12] (WhatsApp Inc.) [Startup Task]
WinAppRuntime.Main.1.4 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.4_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corp.)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-22] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.498.2246.0_x64__8wekyb3d8bbwe [2025-06-03] (Microsoft Corp.)
Windows App Runtime DDLM 4000.1082.2259.0-x6 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x6_4000.1082.2259.0_x64__8wekyb3d8bbwe [2024-06-14] (Microsoft Corporation)
Windows App Runtime DDLM 4000.1082.2259.0-x8 -> C:\Program Files\WindowsApps\Microsoft.WinAppRuntime.DDLM.4000.1082.2259.0-x8_4000.1082.2259.0_x86__8wekyb3d8bbwe [2024-06-14] (Microsoft Corporation)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.54792954.Filons_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.56978801.Voiess_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57058570.Speion_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.57074914.Livtop_cw5n1h2txyewy [2025-06-12] (Microsoft Windows)
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3824051874-4122554679-839923353-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.30.150.1\mc-ctxmnu.dll [2025-06-05] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2024-06-17] (TRACKER SOFTWARE PRODUCTS (CANADA) LIMITED -> PDF-XChange Co Ltd.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_5c197d2d97068bef\nvshext.dll [2024-12-12] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\WPS\1.30.150.1\mc-ctxmnu.dll [2025-06-05] (McAfee, LLC -> McAfee, LLC)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\ebber\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_phphaedkpbogpiocfjddpladjkgbbflg\Hero Wars.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=phphaedkpbogpiocfjddpladjkgbbflg
ShortcutWithArgument: C:\Users\ebber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Hero Wars.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=phphaedkpbogpiocfjddpladjkgbbflg
 
==================== Loaded Modules (Whitelisted) =============
 
2024-06-13 21:50 - 2016-04-26 15:10 - 000116908 _____ () [File not signed] C:\Program Files (x86)\ScreenHunter 7 Free\libgcc_s_dw2-1.dll
2025-05-29 19:34 - 2025-05-29 19:34 - 000869376 _____ (.NET Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.T417b639d#\f5c911ad45327053735435f3fe03b6b0\Microsoft.Toolkit.Uwp.Notifications.ni.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000440320 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\2d70a2d044f21be30baf78121199320f\LauncherSDK.ni.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000038400 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\4f7984a4c26efbf55f686da8b16aa462\Logging.ni.dll
2025-05-21 18:34 - 2025-05-21 18:34 - 000153600 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\d28337c50ce6e833c97e1b1d1306d515\RpcClient.ni.dll
2025-05-21 18:33 - 2025-05-21 18:33 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\d0bc9039722cdf7f534582c5140e55a8\Newtonsoft.Json.ni.dll
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) =============
 
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-04-22] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-04-22] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-06-03] (Microsoft Corporation -> Microsoft Corporation)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2022-05-07 00:24 - 2025-06-11 05:31 - 000000822 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3824051874-4122554679-839923353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ebber\AppData\Local\Packages\Microsoft.BingWallpaper_8wekyb3d8bbwe\LocalState\images\Bing\20250614_OBGA.AdobeStock_89583408_bing.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
Network Binding:
=============
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel® Wi-Fi 6E AX211 160MHz -> Netwtw14.sys
McAfee VPN: TAP-Windows Adapter V9 -> tap0901.sys
 
nt_rtf64: Realtek LightWeight Filter (NDIS6.40)
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
MSCONFIG\Services: GoogleUpdaterInternalService132.0.6833.0 => 2
MSCONFIG\Services: GoogleUpdaterService132.0.6833.0 => 2
MSCONFIG\Services: SECOMNService => 2
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{79D12F1E-AB0D-4ED9-B400-D5F9E419DA6F}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1905.3048.7590_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E30AD8E5-B2BD-4D28-9E5B-B3E9CE8EE823}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24193.1905.3048.7590_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{21B29240-DC97-487F-AA31-DF85551CF247}] => (Allow) C:\Program Files\BlueStacks_nxt\BlueStacksAppplayerWeb.exe => No File
FirewallRules: [{B9B2ECC4-3058-4421-8CC8-3BF12A377680}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{81B65A78-FEEB-4078-BE00-E9104A4F9F75}] => (Allow) C:\Program Files (x86)\BlueStacks X\Cloud Game.exe => No File
FirewallRules: [{B211C5EB-F8CF-4BB6-B3C8-3FE37AB17F0F}] => (Allow) C:\Program Files (x86)\BlueStacks X\BlueStacksWeb.exe => No File
FirewallRules: [{880D96A6-4961-4135-8DDD-7D7B3EDD7781}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A7D6E18E-66FC-42FA-9663-DC54901F2018}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{315935E2-D259-4389-80AF-B19BAA5BF788}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{264AF2B8-9A2F-4D46-9890-1A8F3F072E41}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BC322C9-08C6-487F-8304-6B7E30790693}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{D01D4130-5716-4A6D-89BE-7E0FAB43BF12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{5EE698F2-1721-4354-879B-88347A23C31D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D4DD0C43-7B1D-4AFE-9D58-299F6255570E}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{DD158CD4-DE2D-40C6-8BD6-F79F7F108E71}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F39D5E5B-1849-43A1-AD73-C02981FE07E3}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{32709039-B936-4E35-8A00-302825F0E234}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6166CF79-E043-4C0F-A608-CE1E564AED46}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{16203F85-542B-45B6-94E0-4CF35B1BF5FF}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{382D0E1E-039C-40E2-A1A0-C38C18680951}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{A982A04E-B69D-4E2F-8FB5-DAF975DCC68F}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsBackupClient.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{644477B2-446D-4D1B-9072-C3105FE5C0C2}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{617A8DCF-D30B-493A-A0F4-5EB144AB3A86}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3F19F36D-4266-4D1C-BD26-4D95165F7E82}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B9D6910C-316D-4E15-9802-3CB6B00A016C}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7FFCA3AD-82B1-41F3-9454-627F7C53A8DD}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{E2B93FFA-7CA8-40FE-9341-3C5A1305F4F0}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{D891B518-94AF-4CDB-A58E-6AB0621D178F}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6A02D1E1-6CC0-4601-8135-D69A5E453010}] => (Allow) C:\WINDOWS\SystemApps\MicrosoftWindows.Client.OOBE_cw5n1h2txyewy\OobeHostApp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{74ADC48E-8BE4-4622-A0F0-6EA87EBC7F83}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F5ECE607-91D9-414E-A195-7DCD5409A790}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FCCBA489-B55D-4D39-BD2A-FA86438795E3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{94866F9E-94FA-4F22-805C-2E5B2F10E0E9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{593187CF-43CC-43F1-94AF-EEB89A00D2B0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{708D5F46-345E-4EB1-BFF4-E02AA13CB386}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8FD3797C-2090-473D-B8BE-99864FA50056}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F7DDE93-4C78-4437-A868-62D9D9A57891}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D57CC47D-2ED6-4E88-AF7F-E1354BA57278}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D2BA644D-3883-4908-A80B-DA6DCB756EF2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.265.255.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{87827C8A-06AC-4222-8B7B-CA95E6A41B69}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{934196BC-1EC9-4270-B61B-8FA9B8DD1500}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BE5DB0C-8330-4037-9967-8EF765D463B5}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{22BE6D72-553A-40A4-B5E6-4836429C0BC2}] => (Allow) C:\Program Files\BraveSoftware\Brave-Browser\Application\brave.exe (Brave Software, Inc. -> Brave Software, Inc.)
FirewallRules: [{DAF3D5BA-17B2-40F8-93E0-58741534FF3F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{DE52973C-3E30-485B-AFB4-B2D35416C847}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{C4BEA817-BCFC-445A-944A-AF094BCE9413}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{9E258F23-E370-4E33-8DAC-F9C05ADC6B3D}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{447DAC74-B1BD-433E-BF6C-7C5961A5A25F}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{1120BCAC-0B8F-40E6-B48B-EFE70E3D2CAE}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{61763F31-27CA-45E8-8CFC-F42120B01BEF}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{9E3C2B9F-0EAB-4492-B36E-76403E77F4B2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{761482B2-BB75-4446-9ECE-673C75619AE2}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{CE7CFC78-34DD-4DD2-A0D8-DF4232A5AC10}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{215DB7E8-9A8D-46CE-9806-985CBF1BECD8}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{B251A108-ACB2-49F1-B0E6-125A2D121289}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{34EC9499-E65F-443C-AD83-A1564C2F914C}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{F32AB521-7A7F-4F37-9802-B47071FC81D5}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{C97B45F0-5B87-4211-8C88-20D523F9BAFA}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\HP.Omen.OmenCommandCenter.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{09EC14EC-2810-4D18-BDFF-6EF9636FC64A}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{ECFB366F-72E5-4DD1-8689-86159DD84560}] => (Allow) C:\Program Files\WindowsApps\AD2F1837.OMENCommandCenter_1101.2505.11.0_x64__v10z8vjag6ke6\OmenCommandCenterApp\OmenCommandCenterBackground.exe (ED346674-0FA1-4272-85CE-3187C9C86E26 -> HP Inc.)
FirewallRules: [{5E701483-05FB-456A-B2E2-CF872E162A00}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.83\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled (Total:952.72 GB) (Free:807.35 GB) (85%)
 
==================== Faulty Device Manager Devices ============
 
==================== Event log errors: ========================
 
Application errors:
==================
Error: (06/14/2025 05:50:39 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/14/2025 05:41:41 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/14/2025 05:11:47 PM) (Source: Windows App Runtime) (EventID: 22) (User: )
Description: Event-ID 22
 
Error: (06/14/2025 05:06:45 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/14/2025 05:06:45 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/14/2025 04:41:11 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/14/2025 04:41:10 AM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
Error: (06/13/2025 10:24:42 PM) (Source: IPF) (EventID: 17) (User: NT AUTHORITY)
Description: Event-ID 17
 
 
System errors:
=============
Error: (06/14/2025 05:06:52 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft...?linkid=2169931
 
Error: (06/14/2025 05:06:45 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {a2c41e42-357e-4070-90c8-40f9b98a1f08}, had event 74
 
Error: (06/14/2025 04:41:10 AM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: )
Description: Miniport Microsoft Wi-Fi Direct Virtual Adapter #4, {a2c41e42-357e-4070-90c8-40f9b98a1f08}, had event 74
 
Error: (06/13/2025 08:33:22 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error -1878589247. For more information, please see https://go.microsoft...?linkid=2169931
 
Error: (06/13/2025 08:28:21 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 22) (User: NT AUTHORITY)
Description: The event logging service encountered an error while initializing publishing resources for channel Microsoft-Windows-USBVideo/Analytic. If channel type is Analytic or Debug, then this could mean there was an error initializing logging resources as well.
 
Error: (06/13/2025 08:27:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (06/13/2025 08:27:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
Error: (06/13/2025 08:27:43 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {A463FCB9-6B1C-4E0D-A80B-A2CA7999E25D} did not register with DCOM within the required timeout.
 
 
CodeIntegrity:
===============
Date: 2025-06-14 17:23:28
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.30.150.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. 
 
 
==================== Memory info =========================== 
 
BIOS: Insyde F.20 03/26/2024
Motherboard: HP 8BE8
Processor: 13th Gen Intel® Core™ i7-1355U
Percentage of memory in use: 44%
Total physical RAM: 32479.05 MB
Available physical RAM: 18182.27 MB
Total Virtual: 77535.05 MB
Available Virtual: 62430.95 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:952.72 GB) (Free:807.35 GB) (Model: KBG50ZNV1T02 KIOXIA) (Protected) NTFS
 
\\?\Volume{2b82aef0-5333-4954-95b4-8b0066ca85ac}\ () (Fixed) (Total:0.87 GB) (Free:0.09 GB) NTFS
\\?\Volume{2ed64874-5aaf-4a5d-991d-6000d5d3bfdc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Size: 953.9 GB) (Disk ID: 8C197999)
 
Partition: GPT.
 
==================== End of Addition.txt =======================
 
 
 
 
 
 
 
 
 

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

22 user(s) are reading this topic

0 members, 22 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP