Recently, my computer is very slow and ads are appearing on the right side of the screen even if I don't open any browser. Please help. Below is the log.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-06-2025
Ran by dnguyen (administrator) on DNGUYEN-NB (Dell Inc. Latitude 5500) (08-06-2025 15:40:16)
Running from C:\Users\dnguyen\Desktop\FRST64.exe
Loaded Profiles: dnguyen
Platform: Microsoft Windows 11 Pro Version 24H2 26100.4061 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe ->) (Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud Helper.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe <20>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> ) C:\Program Files (x86)\TeamViewer\crashpad_handler.exe <2>
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe ->) (OpenJS Foundation -> Node.js) C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(C:\Program Files\Adobe\Adobe Creative Cloud Experience\libs\node.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\js\node_modules\adobe-cr\build\Release\Adobe Crash Processor.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\Adobe Desktop Common\HEX\Creative Cloud UI Helper.exe <4>
(C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.UserProcess.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\DCF\Dell.Update.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> ) C:\Program Files\Dell\DTP\DiagnosticsSubAgent\Dell.TechHub.Diagnostics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.CoreServices.Client.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\AnalyticsSubAgent\Dell.TechHub.Analytics.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\DataManagerSubAgent\Dell.TechHub.DataManager.SubAgent.exe
(C:\Program Files\Dell\TechHub\Dell.TechHub.exe ->) (Dell Technologies Inc. -> Dell, Inc.) C:\Program Files\Dell\DTP\InstrumentationSubAgent\Dell.TechHub.Instrumentation.SubAgent.exe
(C:\Users\dnguyen\AppData\Local\WebEx\WebexHost.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\dnguyen\AppData\Local\WebEx\WebEx64\Meetings\atmgr.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_cbb03399d84fb105\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_cbb03399d84fb105\igfxEM.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe <8>
(explorer.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(explorer.exe ->) (Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(explorer.exe ->) (Cisco WebEx LLC -> Cisco Webex LLC) C:\Users\dnguyen\AppData\Local\WebEx\WebexHost.exe
(explorer.exe ->) (FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenBroker64.exe
(explorer.exe ->) (Global Relay Communications Inc.) [File not signed] C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\Global Relay.exe <5>
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <15>
(explorer.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\ApntEx.exe
(services.exe ->) ("STMicroelectronics Srl" -> ) C:\Windows\System32\drivers\DellFFDPWmiService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Dell Inc. -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
(services.exe ->) (Dell Technologies Inc. -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(services.exe ->) (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(services.exe ->) (Dell Technologies Inc. -> Dell) C:\Program Files\Dell\TechHub\Dell.TechHub.exe
(services.exe ->) (Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(services.exe ->) (FileOpen Systems Inc. -> FileOpen Systems Inc.) C:\Program Files\FileOpen\Services\FileOpenManager64.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_cbb03399d84fb105\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_8a3f88e34f6b8385\jhi_service.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_8d952ce997b81e9f\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a86553666349ef35\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_a86553666349ef35\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_1ba1a3d98a7c36a2\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_b966ea70c5407e74\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\McCSPServiceHost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe <3>
(services.exe ->) (Smart Sound Technology -> Intel) C:\Windows\System32\cAVS\Intel® Audio Service\IntelAudioService.exe
(services.exe ->) (TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(services.exe ->) (WatchGuard Technologies, Inc. -> ) C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSysSvc64.exe
(services.exe ->) (Xerox Corporation -> Xerox Corporation) C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25042.38.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc\AdobeNotificationClient.exe
(svchost.exe ->) (Adobe Systems Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(svchost.exe ->) (Microsoft Windows -> ) C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\WindowsCopilotRuntimeActions.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\NgcIso.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Shift Technologies Inc. -> Shift) C:\Users\dnguyen\AppData\Local\Shift\chromium\shift.exe <9>
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_c607c18cb15933d8\RtkAudUService64.exe [1958816 2023-10-31] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo8de.inf_amd64_b4d0b189ff2aba03\WavesSvc64.exe [1774584 2021-02-19] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [FileOpenBroker] => C:\Program Files\FileOpen\Services\FileOpenBroker64.exe [1193736 2019-04-01] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [9240456 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Adobe CCXProcess] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [133128 2025-05-29] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX2] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNMNSST2.exe [271496 2017-11-02] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [1145256 2025-04-11] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\SYSTEM\...\Terminal Server: [fDenyTSConnections] = 0 <==== ATTENTION
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-05-29] (Google LLC -> Google LLC.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-05-29] (Google LLC -> Google LLC.)
HKU\S-1-5-21-2518690825-769682799-679259177-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-05-29] (Google LLC -> Google LLC.)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-05-29] (Google LLC -> Google LLC.)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [CCXProcess] => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2025-05-29] (Adobe Inc. -> Adobe Inc.)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [CiscoMeetingDaemon] => C:\Users\dnguyen\AppData\Local\WebEx\WebexHost.exe [7292504 2025-04-03] (Cisco WebEx LLC -> Cisco Webex LLC)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [Microsoft Edge Update] => C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\MicrosoftEdgeUpdateCore.exe [268856 2025-05-25] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [34143128 2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [ShiftAutoLaunch_92D828328D7A84690BAF6D02164CDE81] => C:\Users\dnguyen\AppData\Local\Shift\chromium\shift.exe [3036528 2025-01-07] (Shift Technologies Inc. -> Shift)
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\Run: [Global Relay] => C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\Global Relay.exe [176386048 2024-05-16] (Global Relay Communications Inc.) [File not signed]
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\109.0.3.0\GoogleDriveFS.exe [66710112 2025-05-29] (Google LLC -> Google LLC.)
HKLM\...\Windows x64\Print Processors\Canon TS6200 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDEO.DLL [482816 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [203936 2021-12-24] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\Canon BJ Language Monitor TS6200 series: C:\WINDOWS\system32\CNMLMEO.DLL [1303040 2018-07-17] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Xerox Virtualization Port: C:\WINDOWS\system32\x5lrsl.dll [129024 2019-01-25] (Microsoft Windows Hardware Compatibility Publisher -> Xerox Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5360E19F-B8B2-4F71-9FEB-029927282F37}] -> C:\Program Files\Capital IQ\Office Plug-in\ToggleAddinHelper.exe [2019-08-14] (The McGraw-Hill Companies) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\137.0.7151.69\Installer\chrmstp.exe [2025-06-06] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{26600250-2380-4d8f-911a-e6f278d922c7}] -> C:\Program Files (x86)\FactSet\fdswFixExcel.exe [2019-07-03] (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {040A8E59-B145-479C-9C14-40E23F20B0BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1580992 2025-03-21] (Adobe Inc. -> Adobe Inc.)
Task: {E3F4401E-635B-4D9A-9C33-9C5EAFADC97D} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [10752424 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {386B98E1-7E04-4863-B6BA-586DB4F76504} - System32\Tasks\Adobe-Genuine-Software-Integrity-Scheduler-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [11065256 2025-01-14] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {E6FF34A3-E55F-4B3B-A7C8-97B0F6730E63} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\FrameworkAgents\SupportAssistInstaller.exe [1256104 2025-04-04] (Dell Technologies Inc. -> Dell Inc.) -> C:\Program Files\Dell\SupportAssistAgent\bin\AutoUpdate
Task: {098ABF37-F13D-4337-B8A4-9FB9C165AE59} - System32\Tasks\DropboxSystem\DropboxUpdater\DropboxUpdaterTaskSystem123.0.6299.109{0EA174DA-96EF-4C4D-984B-76B3A1958837} => C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
Task: {56FED4B2-3E34-4A9B-ADE3-0EF9579406CD} - System32\Tasks\G2MUpdateTask-S-1-5-21-3155752975-2384182229-592542832-1120 => C:\Users\dnguyen\AppData\Local\GoToMeeting\19992\g2mupdate.exe [34872 2024-07-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {CA189B95-F92C-4A02-B39F-C63E130BEB46} - System32\Tasks\G2MUploadTask-S-1-5-21-3155752975-2384182229-592542832-1120 => C:\Users\dnguyen\AppData\Local\GoToMeeting\19992\g2mupload.exe [34872 2024-07-23] (LogMeIn, Inc. -> LogMeIn, Inc.)
Task: {692D0DB3-E541-447D-8D3A-EB6A5DB30705} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem138.0.7194.0{2D78E465-9066-4FAA-AF97-E7715336D0F9} => C:\Program Files (x86)\Google\GoogleUpdater\138.0.7194.0\updater.exe [7080032 2025-05-22] (Google LLC -> Google LLC)
Task: {7BB8F4B8-50B5-4309-8772-4B4A2C959100} - System32\Tasks\Launch Adobe CCXProcess => C:\Program Files\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe [194048 2025-05-29] (Adobe Inc. -> Adobe Inc.)
Task: {731CB1A6-CC12-4214-AC79-49C4BA22C988} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {AD2A6E35-C19B-4676-9D35-9AB44610116A} - System32\Tasks\Microsoft\Office\Office Background Push Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16\opushutil.exe [68312 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {4D15B9FD-65D3-40C6-BBA0-27A040B4F46C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28955376 2025-05-28] (Microsoft Corporation -> Microsoft Corporation)
Task: {B255C8E1-9030-470C-88DA-1E95B2046E89} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {CB98F21B-A870-47B2-BBD8-54662683D626} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {38AA1A23-C733-42BF-AB1D-1883CC864F04} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [225992 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {7EC0B444-C3F4-4A65-825E-7375DD25BE20} - System32\Tasks\Microsoft\Office\Office Startup Boost => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {9EDCD354-E87D-4D3A-A381-134B5E0BAE51} - System32\Tasks\Microsoft\Office\Office Startup Boost Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309960 2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BE32ECF-D4DF-4943-81B1-29B6AC9593B4} - System32\Tasks\Microsoft\Windows\Clip\ClipESU => %SystemRoot%\system32\clipesu.exe (No File)
Task: {9B9A4E2A-883C-438B-8D32-C405CB012DAC} - System32\Tasks\Microsoft\Windows\GroupPolicy\{3E0A038B-D834-4930-9981-E89C9BFF83AA} => C:\WINDOWS\system32\gpupdate.exe [57344 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
Task: {4DC7BEE1-EE6C-465C-AAFC-BDB98590B658} - System32\Tasks\Microsoft\Windows\GroupPolicy\{A7719E0F-10DB-4640-AD8C-490CC6AD5202} => C:\WINDOWS\system32\gpupdate.exe [57344 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => %SystemRoot%\System32\MbaeParserTask.exe (No File)
Task: {322946D9-1BE3-44CC-AFB2-D84DD57A3FCE} - System32\Tasks\Microsoft\Windows\PI\SecureBootEncodeUEFI => %WINDIR%\system32\SecureBootEncodeUEFI.exe (No File)
Task: {AACA006E-7E94-4333-ADBD-82EEBA1F8781} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\MusUx_LogonUpdateResults => %systemroot%\system32\MusNotification.exe LogonUpdateResults (No File)
Task: {6118E001-A372-490B-8C26-27696CDDE2BB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {B2D10C3F-714F-4DA2-B695-DB68982E07D0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {9ADC6CBD-E9D8-49CF-925E-6594B89B3FB0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {267B5BED-7AE6-4611-88ED-C520CFDC8BD3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D78157B5-2DB1-45EC-BE06-3C7DC5983346} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4D4B8F2D-A5FD-42BC-9866-69795BC721D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpCmdRun.exe [1753416 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {B366055D-A7F2-443A-9016-FAB22F5217B8} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3155752975-2384182229-592542832-1120Core => C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B5BFDFB9-DB64-4E80-9DB7-D26119075E70} - System32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3155752975-2384182229-592542832-1120UA => C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe [205744 2022-10-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F9E3524-629D-4281-9C62-AE4E2EBE4AA0} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [664784 2020-09-30] (Mozilla Corporation -> Mozilla Foundation)
Task: {E4476F52-E6F3-4E6B-9FC5-3103C7ED67B3} - System32\Tasks\OneDrive Startup Task-S-1-5-21-3155752975-2384182229-592542832-1120 => C:\Users\dnguyen\AppData\Local\Microsoft\OneDrive\25.091.0512.0001\OneDriveLauncher.exe [684880 2025-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {6C7B7E09-B8C0-4DA2-AA88-B95E7A188784} - System32\Tasks\ShiftLaunchTask => C:\Users\dnguyen\AppData\Local\Shift\chromium\shift.exe [3036528 2025-01-07] (Shift Technologies Inc. -> Shift)
Task: {F86419A8-42FB-482A-B13E-A05FC8B6FD1F} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - New or Changed => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [419928 2025-01-30] (Xerox Corporation -> Xerox Corporation)
Task: {176186A9-F379-4E8F-8172-243F724AE10E} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - Periodic Refresh => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [419928 2025-01-30] (Xerox Corporation -> Xerox Corporation)
Task: {F807B093-0C90-458C-B4F4-0E171F2DE290} - System32\Tasks\Xerox XeroxPrintExperience Printer Configuration - User Logon => c:\program files\xerox\xeroxprintexperience\xeroxprintexperience\XeroxPrinterConfiguration.exe [419928 2025-01-30] (Xerox Corporation -> Xerox Corporation)
Task: {28922743-72B5-4BF2-B80C-CA11071755AE} - System32\Tasks\Xerox\Xerox PowerENGAGE => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) -> C:\Program Files (x86)\Xerox PowerENGAGE\\/boot /LSRC=autolaunch
Task: {66DA9D4A-CA1F-4E78-8111-CB7067522F08} - System32\Tasks\Xerox\Xerox PowerENGAGE Update => C:\Program Files (x86)\Xerox PowerENGAGE\xeroxreg.exe [117984 2016-09-13] (Aviata Inc -> Aviata Inc) -> C:\Program Files (x86)\Xerox PowerENGAGE\\/updatecheck /LSRC=autolaunch
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3155752975-2384182229-592542832-1120.job => C:\Users\dnguyen\AppData\Local\GoToMeeting\19992\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3155752975-2384182229-592542832-1120.job => C:\Users\dnguyen\AppData\Local\GoToMeeting\19992\g2mupload.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{159f92c9-a38e-4c43-b711-ab85093fe8e6}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{159f92c9-a38e-4c43-b711-ab85093fe8e6}: [DhcpDomain] attlocal.net
Tcpip\..\Interfaces\{159f92c9-a38e-4c43-b711-ab85093fe8e6}\94E647562796D6028434025374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{159f92c9-a38e-4c43-b711-ab85093fe8e6}\94E647562796D6028434025374: [DhcpDomain] lan1
Tcpip\..\Interfaces\{772ed5ea-91c4-4d74-9571-26219a4d854e}: [DhcpNameServer] 192.168.10.11 192.168.10.7 192.168.10.254
Edge:
=======
Edge Profile: C:\Users\dnguyen\AppData\Local\Microsoft\Edge\User Data\Default [2025-06-06]
Edge Extension: (Google Docs Offline) - C:\Users\dnguyen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-03-26]
Edge Extension: (Edge relevant text changes) - C:\Users\dnguyen\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-07]
FireFox:
========
FF DefaultProfile: qw186etw.default
FF ProfilePath: C:\Users\dnguyen\AppData\Roaming\Mozilla\Firefox\Profiles\qw186etw.default [2020-10-09]
FF ProfilePath: C:\Users\dnguyen\AppData\Roaming\Mozilla\Firefox\Profiles\v14oxpbk.default-release [2021-09-17]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-07-31]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2025-04-11] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2025-04-11] (Adobe Inc. -> Adobe Systems)
FF Plugin HKU\S-1-5-21-3155752975-2384182229-592542832-1120: @ringcentral.com/RingCentralMeetingsPlugin -> C:\Users\dnguyen\AppData\Roaming\RingCentralMeetings\bin\nprcmsplugin.dll [2020-12-01] (RingCentral, Inc. -> RingCentral Video Communications, Inc. and RingCentral Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-07-01]
CHR Profile: C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1 [2025-06-08]
CHR Notifications: Profile 1 -> hxxps://aoschat.apple.com; hxxps://app.usemotion.com; hxxps://app.zoom.us; hxxps://calendar.google.com; hxxps://expense.zoho.com; hxxps://infograpia.com; hxxps://invernessderm.com; hxxps://mail.google.com; hxxps://meet.google.com; hxxps://member.angieslist.com; hxxps://myvpostpay.verizon.com; hxxps://postmates.com; hxxps://propertymetrics.com; hxxps://support.cloud.google.com; hxxps://voice.google.com; hxxps://www.360researchreports.com; hxxps://www.bizjournals.com; hxxps://www.bloomberg.com; hxxps://www.expensify.com; hxxps://www.fortunebusinessinsights.com; hxxps://www.idahostatesman.com; hxxps://www.mining-technology.com; hxxps://www.singaporeair.com; hxxps://www.spearmintlove.com; hxxps://www.vietnamairlines.com; hxxps://www.wallstreetoasis.com; hxxps://www.wvtm13.com
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://jfnbinkigiaagnpppbjiiinonlinkcef/first.html"
CHR Extension: (Adobe Acrobat: PDF edit, convert, sign tools) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2025-06-06]
CHR Extension: (Gyazo - Share new screenshots. Instantly.) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ffdaeeijbbijklfcpahbghahojgfgebo [2025-05-29]
CHR Extension: (iCloud Bookmarks) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkepacicchenbjecpbpbclokcabebhah [2024-03-07]
CHR Extension: (Google Docs Offline) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-05-29]
CHR Extension: (Ahrefs SEO Toolbar: On-Page and SERP Tools) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgmoccdbjhknikckedaaebbpdeebhiei [2025-05-30]
CHR Extension: (Simple Search Page) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jfnbinkigiaagnpppbjiiinonlinkcef [2019-09-05]
CHR Extension: (Cisco Webex Extension) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-08-29]
CHR Extension: (Zoom Chrome Extension) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kgjfgplpablkjnlkjmjdecgdpfankdle [2025-05-29]
CHR Extension: (Focus To-Do: Pomodoro Timer & To Do List) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ngceodoilcgpmkijopinlkmohnfifjfb [2024-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Extension: (Scribe: AI Documentation, SOPs & Screenshots) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\okfkdaglfjjjfefdcppliegebpoegaii [2025-06-07]
CHR Profile: C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-07-14]
CHR Notifications: Profile 2 -> hxxps://calendar.google.com
CHR Extension: (Slides) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-06-29]
CHR Extension: (Adobe Acrobat) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-06-29]
CHR Extension: (Sheets) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-06-29]
CHR Extension: (Google Docs Offline) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-29]
CHR Extension: (Application Launcher For Drive (by Google)) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2021-06-29]
CHR Extension: (Chrome Web Store Payments) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-06-29]
CHR Extension: (Chrome Media Router) - C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-29]
CHR Profile: C:\Users\dnguyen\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-01]
CHR HKU\S-1-5-21-3155752975-2384182229-592542832-1120\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKU\S-1-5-21-3155752975-2384182229-592542832-1120\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [174520 2025-03-21] (Adobe Inc. -> Adobe Inc.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [944040 2025-04-11] (Adobe Inc. -> Adobe Inc.)
R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [867216 2019-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13724376 2025-05-28] (Microsoft Corporation -> Microsoft Corporation)
R2 DbxSvc; C:\WINDOWS\System32\DbxSvc.exe [58984 2025-04-29] (Dropbox, Inc -> Dropbox, Inc.)
S3 dcpm-notify; C:\Program Files\Dell\CommandPowerManager\NotifyService.exe [313440 2019-01-09] (Dell Inc -> Dell Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [459456 2025-02-14] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [153792 2025-02-14] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [481984 2025-02-14] (Dell Technologies Inc. -> Dell Technologies Inc.)
R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [59616 2025-01-31] (Dell Inc. -> )
S3 Dell.CommandPowerManager.Service; C:\Windows\system32\dllhost.exe /Processid:{085A74E0-8705-4481-8B64-17ED44BB07D1} [50504 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [51648 2024-11-14] (Dell Technologies Inc. -> )
R2 DellFFDPWmiService; C:\WINDOWS\System32\drivers\DellFFDPWmiService.exe [32528 2020-02-17] ("STMicroelectronics Srl" -> )
R2 DellTechHub; C:\Program Files\Dell\TechHub\Dell.TechHub.exe [153288 2025-02-20] (Dell Technologies Inc. -> Dell)
S3 DropboxElevationService; C:\Program Files (x86)\Dropbox\Client\225.4.4896\DropboxElevationService.exe [1659280 2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterInternalService123.0.6299.109; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
S2 DropboxUpdaterService123.0.6299.109; C:\Program Files\Dropbox\DropboxUpdater\123.0.6299.109\updater.exe [5895032 2025-03-21] (Dropbox, Inc -> Dropbox, Inc.)
R2 FileOpenManager; C:\Program Files\FileOpen\Services\FileOpenManager64.exe [359408 2019-04-01] (FileOpen Systems Inc. -> FileOpen Systems Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\McCSPServiceHost.exe [2226608 2019-06-13] (McAfee, LLC. -> McAfee, LLC.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MpDefenderCoreService.exe [2050904 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [148648 2025-04-04] (Dell Technologies Inc. -> Dell Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [20995376 2025-05-22] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\NisSrv.exe [4525976 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [110056 2021-03-11] (WatchGuard Technologies, Inc. -> )
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25040.2-0\MsMpEng.exe [278304 2025-05-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XeroxPrintJobEventManagerService; C:\Program Files\Xerox\XeroxPrintExperience\CommonFiles\XeroxPrintJobEventManagerService.exe [527960 2025-01-30] (Xerox Corporation -> Xerox Corporation)
S3 XeroxProdRegManager; C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [293608 2016-09-13] (Aviata Inc -> Aviata, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [363920 2019-11-05] (Microsoft Windows Hardware Compatibility Publisher -> Alps Electric Co., Ltd.)
R3 DellInstrumentation; C:\WINDOWS\System32\drivers\DellInstrumentation.sys [35896 2025-02-13] (Microsoft Windows Hardware Compatibility Publisher -> Dell)
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_a9790eceb25abaff\e1d.sys [622160 2024-05-23] (Intel Corporation -> Intel Corporation)
R2 googledrivefs31931; C:\Program Files\Google\Drive File Stream\Drivers\31931\googledrivefs31931.sys [386256 2025-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [27136 2018-05-06] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-09] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [19984 2025-05-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-27] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606568 2025-05-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100736 2025-05-25] (Microsoft Windows -> Microsoft Corporation)
R3 WiMan; C:\WINDOWS\System32\DriverStore\FileRepository\wiman.inf_amd64_ed5a224638687261\WiMan\WiMan.sys [171960 2024-08-12] (Intel Corporation -> Intel Corporation)
R3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
R3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2025-03-28] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-08 15:40 - 2025-06-08 15:42 - 000044756 _____ C:\Users\dnguyen\Desktop\FRST.txt
2025-06-08 15:40 - 2025-06-08 15:40 - 000000000 ____D C:\Users\dnguyen\Desktop\FRST-OlderVersion
2025-06-08 15:39 - 2025-06-08 15:41 - 000000000 ____D C:\FRST
2025-06-08 15:38 - 2025-06-08 15:40 - 002406912 _____ (Farbar) C:\Users\dnguyen\Desktop\FRST64.exe
2025-06-08 09:56 - 2025-06-08 09:58 - 000091176 _____ C:\Users\dnguyen\Desktop\Addition.txt
2025-06-08 09:55 - 2025-06-08 09:55 - 002406912 _____ (Farbar) C:\Users\dnguyen\Downloads\FRST64 (1).exe
2025-06-07 23:07 - 2025-06-07 23:09 - 000089393 _____ C:\Users\dnguyen\Downloads\Addition.txt
2025-06-07 23:03 - 2025-06-07 23:07 - 000063698 _____ C:\Users\dnguyen\Downloads\FRST.txt
2025-06-07 14:03 - 2025-06-07 14:03 - 007824272 _____ (Roblox Corporation) C:\Users\dnguyen\Downloads\RobloxPlayerInstaller-HKJJRVFJ9H.exe
2025-06-06 09:02 - 2025-06-06 09:02 - 000154903 _____ C:\Users\dnguyen\Downloads\Jeylon Williams - Interim Health Services - Contract.pdf
2025-05-29 22:27 - 2025-05-29 22:27 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2025-05-29 18:31 - 2025-05-29 18:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2025-05-14 23:44 - 2025-05-14 23:44 - 000008267 _____ C:\Users\dnguyen\Downloads\Payroll_2025_05_14_232.csv
2025-05-13 23:35 - 2025-06-08 01:05 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-05-13 23:29 - 2025-05-13 23:29 - 000030998 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-05-13 23:29 - 2025-05-13 23:29 - 000030998 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-06-08 15:43 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-06-08 15:37 - 2025-03-27 21:15 - 000791330 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-06-08 15:37 - 2024-04-01 02:24 - 000000000 ____D C:\WINDOWS\INF
2025-06-08 15:35 - 2021-04-23 08:21 - 000000000 ____D C:\Users\dnguyen\AppData\Local\D3DSCache
2025-06-08 15:35 - 2019-09-23 09:58 - 000000000 ____D C:\Users\dnguyen\AppData\Roaming\Dropbox
2025-06-08 15:35 - 2019-09-23 09:58 - 000000000 ____D C:\Users\dnguyen\AppData\Local\Dropbox
2025-06-08 15:34 - 2024-04-24 21:50 - 000000000 ____D C:\Users\dnguyen\AppData\Roaming\Global Relay
2025-06-08 15:34 - 2024-04-01 02:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-06-08 15:34 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-06-08 15:34 - 2019-09-05 10:09 - 000000000 ____D C:\Users\dnguyen\AppData\Local\Packages
2025-06-08 15:34 - 2019-08-07 08:26 - 000000000 ____D C:\ProgramData\Packages
2025-06-08 15:34 - 2019-08-07 08:19 - 000000000 ____D C:\Program Files (x86)\Dell Digital Delivery Services
2025-06-08 15:33 - 2025-03-02 12:05 - 000000000 ___RD C:\Users\dnguyen\OneDrive - Blair Building
2025-06-08 15:33 - 2024-04-01 02:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-06-08 15:33 - 2019-10-23 15:00 - 000000000 ____D C:\Users\dnguyen\AppData\Local\WebEx
2025-06-08 15:33 - 2019-09-05 10:09 - 000000000 __SHD C:\Users\dnguyen\IntelGraphicsProfiles
2025-06-08 15:32 - 2025-03-27 21:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-06-08 15:32 - 2025-03-27 21:13 - 000001606 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-06-08 15:32 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-06-08 15:32 - 2024-04-01 02:21 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2025-06-08 15:32 - 2021-04-22 18:49 - 000012288 ___SH C:\DumpStack.log.tmp
2025-06-08 15:32 - 2019-09-06 10:52 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2025-06-08 15:32 - 2019-08-07 08:17 - 000000000 ____D C:\Intel
2025-06-08 14:32 - 2025-03-27 21:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-06-08 12:31 - 2019-10-01 08:27 - 000000000 ___HD C:\Users\Public\Documents\AdobeGCData
2025-06-08 07:01 - 2020-09-08 10:49 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-06-08 07:01 - 2020-09-08 10:49 - 000002278 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-06-07 22:36 - 2025-03-27 21:16 - 000003538 _____ C:\WINDOWS\system32\Tasks\Launch Adobe CCXProcess
2025-06-07 20:34 - 2019-09-05 14:35 - 000000000 ____D C:\Users\dnguyen\AppData\Roaming\Microsoft\Word
2025-06-07 15:05 - 2019-09-05 15:17 - 000000000 ____D C:\Users\dnguyen\AppData\Roaming\Microsoft\Excel
2025-06-07 08:48 - 2025-03-27 21:16 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3155752975-2384182229-592542832-1120
2025-06-07 08:48 - 2025-03-27 21:16 - 000003574 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-3155752975-2384182229-592542832-1120
2025-06-07 08:48 - 2025-03-27 21:16 - 000003356 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3155752975-2384182229-592542832-1120
2025-06-07 08:48 - 2022-02-21 08:08 - 000002387 _____ C:\Users\dnguyen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-06-05 22:30 - 2019-09-05 09:38 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2025-06-05 22:30 - 2019-09-05 09:38 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2025-05-30 13:23 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-05-30 13:10 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\Registration
2025-05-29 22:28 - 2025-03-27 21:11 - 000000000 ____D C:\Users\dnguyen
2025-05-29 22:26 - 2025-03-27 21:13 - 000001607 _____ C:\WINDOWS\system32\config\VSMIDK
2025-05-29 22:26 - 2019-08-02 22:18 - 000000000 ____D C:\Program Files\Microsoft Office
2025-05-29 22:20 - 2019-09-13 16:54 - 000000000 ____D C:\Users\dnguyen\Documents\Outlook Files
2025-05-29 18:33 - 2019-09-05 10:09 - 000000000 ____D C:\Users\dnguyen\AppData\Roaming\Adobe
2025-05-29 18:32 - 2019-09-23 09:58 - 000000000 ____D C:\Program Files (x86)\Dropbox
2025-05-29 18:30 - 2021-01-26 09:30 - 000002175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2025-05-25 15:38 - 2019-08-02 22:15 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-05-25 14:55 - 2025-03-27 21:16 - 000003800 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3155752975-2384182229-592542832-1120UA
2025-05-25 14:55 - 2025-03-27 21:16 - 000003738 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskUserS-1-5-21-3155752975-2384182229-592542832-1120Core
2025-05-25 14:55 - 2025-03-27 21:16 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-05-25 14:55 - 2025-03-27 21:16 - 000003410 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-05-25 14:52 - 2019-10-13 17:36 - 000000000 ____D C:\Program Files\Common Files\Adobe
2025-05-14 03:48 - 2025-03-27 21:10 - 000491480 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-05-14 03:47 - 2024-04-01 03:03 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-05-14 03:47 - 2024-04-01 03:03 - 000000000 ____D C:\WINDOWS\InboxApps
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\UUS
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\DDFs
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\Provisioning
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-05-14 03:47 - 2024-04-01 02:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-05-13 23:29 - 2025-03-27 21:13 - 003369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-05-13 23:22 - 2019-09-05 08:07 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-05-13 23:19 - 2019-09-05 08:07 - 214836568 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Files in the root of some directories ========
2019-09-16 15:34 - 2019-09-16 15:34 - 000000410 _____ () C:\Users\dnguyen\AppData\Local\oobelibMkey.log
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-06-2025
Ran by dnguyen (08-06-2025 15:46:22)
Running from C:\Users\dnguyen\Desktop
Microsoft Windows 11 Pro Version 24H2 26100.4061 (X64) (2025-03-28 02:17:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2518690825-769682799-679259177-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2518690825-769682799-679259177-503 - Limited - Disabled)
Guest (S-1-5-21-2518690825-769682799-679259177-501 - Limited - Disabled)
User (S-1-5-21-2518690825-769682799-679259177-1001 - Administrator - Enabled) => C:\Users\User
WDAGUtilityAccount (S-1-5-21-2518690825-769682799-679259177-504 - Limited - Disabled)
ATTENTION: Domain
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 25.001.20474 - Adobe Systems Incorporated)
Adobe Acrobat Reader (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 25.001.20474 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 6.6.0.611 - Adobe Inc.)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: 8.6.0.79 - Adobe Inc.)
Adobe Premiere Rush (HKLM-x32\...\RUSH_1_5_12) (Version: 1.5.12 - Adobe Inc.)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601110}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.56.1 - Asmedia Technology)
Canon IJ Network Scanner Selector EX2 (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX2) (Version: 2.0.10.2 - Canon Inc.)
Canon IJ Printer Assistant Tool (HKLM-x32\...\Canon IJ Printer Assistant Tool) (Version: 1.10.2.51 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.5.0.69 - Canon Inc.)
Canon TS6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_TS6200_series) (Version: 1.02 - Canon Inc.)
Cisco Webex Meetings (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\ActiveTouchMeetingClient) (Version: 41.12.6 - Cisco Webex LLC)
Dell Command | Update for Windows 10 (HKLM\...\{5669AB71-1302-4412-8DA1-CB69CD7B7324}) (Version: 3.0.1 - Dell, Inc.)
Dell Digital Delivery Services (HKLM-x32\...\{E9CD23E0-FC9B-4AE6-83A1-067FC62A39E7}) (Version: 5.5.0.0 - Dell Inc.)
Dell PointStick Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.312 - ALPS ELECTRIC CO., LTD.)
Dell Power Manager Service (HKLM\...\{18469ED8-8C36-4CF7-BD43-0FC9B1931AF8}) (Version: 3.2.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\{396C54DB-3C24-4AD5-B514-F9FCEC2B7637}) (Version: 4.8.2.29006 - Dell Inc.)
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM\...\{F5391400-4596-46A6-9D3C-9D7647230679}) (Version: 5.5.13.0 - Dell Inc.) Hidden
Dell SupportAssist OS Recovery Plugin for Dell Update (HKLM-x32\...\{2b5a1544-c837-4b31-acb8-cb096c96013f}) (Version: 5.5.13.0 - Dell Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 225.4.4896 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.983.1 - Dropbox, Inc.) Hidden
Dynamic Application Loader Host Interface Service (HKLM\...\{B4E106B6-E7FB-45CB-89DD-0D90D0CB107E}) (Version: 1.0.0.0 - Intel Corporation) Hidden
FactSet (HKLM\...\{A84568DA-FFAD-403A-9F01-37BA3533AE8E}) (Version: 2016.18.067.054 - FactSet Research Systems Inc.)
FCC 3.0.5479.1001 (current user) (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\FreeConferenceCall (current user)) (Version: 3.0.5479.1001 - FreeConferenceCall LLC)
FileOpen Client B993 (HKLM\...\FileOpenClient_is1) (Version: B993 - FileOpen Systems Inc.)
Global Relay (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\b86e6ee0-6af8-552c-a43a-e5159b27b85f) (Version: 3.5.0 - Global Relay Communications Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 137.0.7151.69 - Google LLC)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 109.0.3.0 - Google LLC)
GoTo Opener (HKLM-x32\...\{C0F33C38-345C-4C02-B161-11389350C2A5}) (Version: 1.0.533 - LogMeIn, Inc.)
GoToMeeting 10.20.0.19992 (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\GoToMeeting) (Version: 10.20.0.19992 - LogMeIn, Inc.)
Intel® Chipset Device Software (HKLM\...\{19D17223-0F9C-4155-8057-AA6F49A26E69}) (Version: 10.1.17861.8101 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{fcfc894b-0d54-4d39-826f-dcb39ce5dde7}) (Version: 10.1.17861.8101 - Intel® Corporation)
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.5.10103.7263 - Intel Corporation)
Intel® Icls (HKLM\...\{4668CFA6-6555-4A3D-BE5F-C9FBC592F14F}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® LMS (HKLM\...\{7B4E1125-9F48-46B8-8243-2E7A0CEC2E13}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1912.12.0.1249 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{7AF0AAEB-62B7-4B5D-A78D-265C2DE5EEF2}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{B4380A5C-5E86-46B5-B23E-EE67C5B40858}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{DA7C44AB-1C4B-40CF-9265-36532656DF4B}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Driver (HKLM\...\{60289AA6-1A1E-4F74-8E22-6ECEE142ECE9}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® OEM Extension (HKLM\...\{19413FA8-118C-42C3-9B78-9E4955CCE7D0}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 25.20.100.6577 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1841.2 - Intel Corporation)
Intel® Serial IO (HKLM\...\{E545DB82-E9B1-4D20-851E-514346F0F527}) (Version: 30.100.1849.1 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{00000000-0210-1033-84C8-B8D95FA3C8C3}) (Version: 21.00.0.4 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{93989715-4970-47CC-83A0-12E01431EEFA}) (Version: 17.2.7.1028 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{944a1449-c146-468f-a4d4-46ac4e9d9ce9}) (Version: 21.0.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{AF3E59AC-D274-4FA2-91C0-BB8D549FA369}) (Version: 21.0.0.2990 - Intel Corporation) Hidden
McAfee Safe Connect (HKLM-x32\...\{095c98d4-cc8d-4a11-9c82-9ed357ac4f7f}) (Version: 2.4.2 - McAfee)
McAfee Safe Connect (HKLM-x32\...\{71600119-A99D-4260-8B69-7545BB4C21C0}) (Version: 2.4.2 - McAfee) Hidden
Microsoft .NET Host - 5.0.17 (x64) (HKLM\...\{E663ED1E-899C-40E8-91D0-8D37B95E3C69}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host - 6.0.28 (x64) (HKLM\...\{CA84969C-64F9-4606-A998-E692A5DA9B9F}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host - 8.0.11 (x64) (HKLM\...\{362B4D0D-8438-44DA-86B2-FEC44E000FCA}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 5.0.17 (x64) (HKLM\...\{8BA25391-0BE6-443A-8EBF-86A29BAFC479}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.20 (x64) (HKLM\...\{76FA02FF-603F-48BB-9E3F-17ED5DB861E8}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 6.0.28 (x64) (HKLM\...\{7C4254A1-17EE-4840-B9D3-7CA9B34C75CD}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Host FX Resolver - 8.0.11 (x64) (HKLM\...\{F59C11F0-D73F-452B-8D1D-8C33B82D8507}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM\...\{5A66E598-37BD-4C8A-A7CB-A71C32ABCD78}) (Version: 40.68.31213 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 5.0.17 (x64) (HKLM-x32\...\{a699b48e-5748-4980-ad92-0b61b1d9d718}) (Version: 5.0.17.31213 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM\...\{6CE8AD8C-E6D5-4BF7-91C3-7F8106A5CD93}) (Version: 48.83.63169 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 6.0.20 (x64) (HKLM-x32\...\{403b0cfe-5969-462d-8eb2-aafde344360e}) (Version: 6.0.20.32620 - Microsoft Corporation)
Microsoft .NET Runtime - 6.0.28 (x64) (HKLM\...\{4BCC5DFD-5D10-4ACC-AAA9-8A1578A9F0C6}) (Version: 48.112.10439 - Microsoft Corporation) Hidden
Microsoft .NET Runtime - 8.0.11 (x64) (HKLM\...\{9C80213E-9079-4561-8D57-1FDD0D62251F}) (Version: 64.44.23191 - Microsoft Corporation) Hidden
Microsoft 365 Apps for business - en-us (HKLM\...\O365BusinessRetail - en-us) (Version: 16.0.18827.20128 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 137.0.3296.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 137.0.3296.68 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2518690825-769682799-679259177-1001\...\OneDriveSetup.exe) (Version: 19.174.0902.0001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\OneDriveSetup.exe) (Version: 25.091.0512.0001 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.14205 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{BD515BA9-A4E0-40EB-829A-8960477ADFA6}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{F2FB7D67-A4CE-448B-BC59-4C6DBD9F7ECB}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{042d26ef-3dbe-4c25-95d3-4c1b11b235a7}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{9dff3540-fc85-4ed5-ac84-9e3c7fd8bece}) (Version: 12.0.40664.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.40664 (HKLM\...\{010792BA-551A-3AC0-A7EF-0FAB4156C382}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.40664 (HKLM\...\{53CF6934-A98D-3D84-9146-FC4EDF3D5641}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.40664 (HKLM-x32\...\{D401961D-3A20-3AC7-943B-6139D5BD490A}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.40664 (HKLM-x32\...\{8122DAB1-ED4D-3676-BB0A-CA368196543E}) (Version: 12.0.40664 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.40.33810 (HKLM-x32\...\{5af95fd8-a22e-458f-acee-c61bd787178e}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x86) - 14.40.33810 (HKLM-x32\...\{47109d57-d746-4f8b-9618-ed6a17cc922b}) (Version: 14.40.33810.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.40.33810 (HKLM\...\{59CED48F-EBFE-480C-8A38-FC079C2BEC0F}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.40.33810 (HKLM\...\{B8B3BB4A-A10D-4F51-91B7-A64FFAC31EA7}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Additional Runtime - 14.40.33810 (HKLM-x32\...\{5EA6C998-D5AC-4ED9-89C3-9F25B17CCD3D}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X86 Minimum Runtime - 14.40.33810 (HKLM-x32\...\{0C3457A0-3DCE-4A33-BEF0-9B528C557771}) (Version: 14.40.33810 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM\...\{443A7BE8-E5BE-4514-BDAB-0A872E3E846B}) (Version: 48.112.10435 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 6.0.28 (x64) (HKLM-x32\...\{bd3c5800-9256-43b9-97a7-eb349fc38d78}) (Version: 6.0.28.33420 - Microsoft Corporation)
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM\...\{C0790AA0-0F40-4836-85B2-677B87625E63}) (Version: 64.44.23253 - Microsoft Corporation) Hidden
Microsoft Windows Desktop Runtime - 8.0.11 (x64) (HKLM-x32\...\{bd40e761-3e88-4202-9b53-26c6bed3d467}) (Version: 8.0.11.34221 - Microsoft Corporation)
Mozilla Firefox 81.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 81.0.1 (x64 en-US)) (Version: 81.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 81.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18827.20128 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8683.1 - Realtek Semiconductor Corp.)
Realtek USB Audio (HKLM-x32\...\{0A46A65D-89AC-464C-8026-3CD44960BD04}) (Version: 6.3.9600.2215 - Realtek Semiconductor Corp.)
RingCentral Meetings (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\RingCentralMeetings) (Version: 20.2 - Zoom Video Communications, Inc. and RingCentral Inc.)
S&P Capital IQ Office Plug-in (x64) 9.44.614.3810 (HKLM\...\{39AD503E-B59C-46CD-AAE2-74487FA7F661}) (Version: 9.44.614.3810 - S&P Capital IQ)
Shift 127.6.0 (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\{95fcf903-63b1-44bd-ab77-358a5bd30aae}_is1) (Version: 127.6.0 - Shift Technologies, Inc.)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.10.0093 - ST Microelectronics)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.66.5 - TeamViewer)
Update for x64-based Windows Systems (KB5001716) (HKLM\...\{DA80A019-4C3B-4DAA-ACA1-6937D7CAAF9E}) (Version: 8.94.0.0 - Microsoft Corporation)
WatchGuard Mobile VPN with SSL client 12.7 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version: - WatchGuard)
Xerox Desktop Print Experience 8.5 (HKLM\...\{16B4CC67-50F6-DD5B-CEF3-E2F2EF460494}) (Version: 8.158.0.0 - Xerox Corporation)
Xerox PowerENGAGE (HKLM-x32\...\{171BF116-713F-43AA-B236-D6188522E609}) (Version: 2.52.0016 - Xerox Inc.)
Zoom (HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\ZoomUMX) (Version: 5.17.0 (28375) - Zoom Video Communications, Inc.)
Packages:
=========
@{MicrosoftWindows.55182690.Taskbar_1000.26100.3775.0_x64__cw5n1h2txyewy?ms-resource://MicrosoftWindows.55182690.Taskbar/Resources/ProductPkgDisplayName} -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-09-16] (Adobe Systems Incorporated)
Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC [2025-04-30] ()
Adobe Notification Client -> C:\Program Files\WindowsApps\AdobeNotificationClient_6.0.0.1_x86__enpm4xejd91yc [2024-07-12] (Adobe Systems Incorporated)
Click to Do (preview) -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.CoreAI_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
Dell Command | Update -> C:\Program Files\WindowsApps\DellInc.DellCommandUpdate_3.0.160.0_x64__htrsf667h5kn2 [2019-08-07] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_5.5.0.0_x64__htrsf667h5kn2 [2025-02-21] (Dell Inc)
Dell Free Fall Data Protection -> C:\Program Files\WindowsApps\STMicroelectronicsMEMS.DellFreeFallDataProtection_1.0.27.0_x64__rp6h1c31mfy1y [2025-02-22] (STMICROELECTRONICS S.R.L.)
Dell PointStick -> C:\Program Files\WindowsApps\CirqueCorporation.DellPointStick_10.3.1.0_x64__kjn5yvbh8sxt4 [2019-08-07] (Cirque Corporation)
Dell Power Manager -> C:\Program Files\WindowsApps\DellInc.DellPowerManager_3.14.40.0_x64__htrsf667h5kn2 [2023-04-05] (Dell Inc)
Dell SupportAssist for Home PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_4.8.1.0_x64__htrsf667h5kn2 [2025-04-14] (Dell Inc)
Dropbox -> C:\Program Files (x86)\Dropbox\Client\PackageAssets [2025-05-29] (Dropbox Inc.)
Intel® Graphics Command Center -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-09] (INTEL CORP) [Startup Task]
Intel® Graphics Control Panel -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsControlPanel_3.3.0.0_x64__8j3eq9eme6ctt [2021-10-19] (INTEL CORP)
Intel® Optane™ Memory and Storage Management -> C:\Program Files\WindowsApps\AppUp.IntelOptaneMemoryandStorageManagement_18.1.1042.0_x64__8j3eq9eme6ctt [2025-05-01] (INTEL CORP)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa [2025-04-01] (Apple Inc.) [Startup Task]
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_3.0.42.0_x64__w1wdnht996qgy [2025-02-22] (LinkedIn) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-04-22] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-04-22] (Microsoft Corporation) [MS Ad]
Microsoft.Edge.GameAssist -> C:\Program Files\WindowsApps\Microsoft.Edge.GameAssist_1.0.3336.0_x64__8wekyb3d8bbwe [2025-06-05] (Microsoft Corporation)
OfficePushNotificationsUtility -> C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE16 [2025-05-30] ()
Remote Desktop -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.4010.0_x64__8wekyb3d8bbwe [2025-04-30] (Microsoft Corporation)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.150.3125.0_x64__kzf8qxf38zg5c [2025-05-05] (Skype)
Waves MaxxAudio Pro for Dell 2019 -> C:\Program Files\WindowsApps\WavesAudio.MaxxAudioProforDell2019_2.0.54.0_x64__fh4rh281wavaa [2025-03-26] (Waves Audio)
Windows Feature Experience Pack -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-05-14] (Microsoft Windows)
Xerox Print and Scan Experience -> C:\Program Files\WindowsApps\XeroxCorp.PrintExperience_9.70.10.0_x64__f7egpvdyrs2a8 [2025-06-06] (Xerox Corp)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{04271989-C4D2-7305-C520-71B827135D23} -> [OneDrive - Blair Building] => C:\Users\dnguyen\OneDrive - Blair Building [2025-03-02 12:05]
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{1019ADC7-17CB-4489-AFD5-6642C7400ACE}\localserver32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptOIEx64.exe (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{1108FD1C-492F-4251-B9DB-77F0274267B2}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.187.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{2ABD6384-2E18-40E8-8439-F06D21E0B03D}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.43\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{2EF7E390-2F7C-4F9A-9B7D-4A87B56B711D}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.173.51\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{2F81B25E-7507-4844-BFF2-77D2CC24CED4}\localserver32 -> C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Inc. -> Adobe Inc.)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{2FDB3305-19B8-4FE2-972B-ED5E97CBBD6E}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.39\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{32E26FD9-F435-4A20-A561-35D4B987CFDC}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\WebEx\WebEx64\Meetings\atucfobj.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{38971E90-14FD-44F6-AA45-1447B653F873}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.173.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{41B09861-5409-4D44-8CA4-D49FBFAA2E6F}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{4FFB4BD8-A109-4F25-A4DB-313678B19417}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{5EA43877-C6D8-4885-B77A-C0BB27E94372}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{64C6EFB9-8F79-4106-B975-067448DC768F}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.177.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{72726D01-426C-4B35-8266-B4496CAA889E}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.183.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{78C1ADF4-6DAE-4164-AEFA-4E3EAD9E750A}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{79F05C14-E714-4C12-9924-93C812894CB0}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.57\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{7C9A348D-C321-47AC-904F-150312A5430F}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.175.27\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{7EFB4924-4B93-4C43-9832-9C3D05E85214}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.59\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{81093D63-7825-417B-BFC8-ADC63FA4E53D}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{83F21C4B-8643-4A08-A29A-822AFD835037}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.193.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\GoToMeeting\19796\G2MOutlookAddin64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{997809F3-33FD-4FD6-A2ED-CEF50F3263B1}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.169.31\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{A087E49F-1F8E-4603-A200-55537B737421}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.25\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{ABF66F82-B04C-4FE4-8272-661539463FE1}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.171.37\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{AEECE333-8900-4915-9697-7A0B4034B3D8}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{B258532D-3529-4BEB-BF38-F08F98B3968C}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{BAEE998A-9C95-4966-8E52-DBCA67D8482A}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptoiEnt64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{BC4C72EF-3055-4A6D-86E1-AE4D24DB63CA}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.35\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{BFBE0943-74C5-40E0-9E80-0B808109E95D}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.163.19\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{C3741FD4-FABE-4C36-88E7-40C0C09FCE8D}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{C88B3957-621C-415B-8EE5-B688FC7EF924}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.61\psuser_64.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{CAE1760A-CB07-481B-8F9A-BC65510AF5D5}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.185.21\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20031.2\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\dnguyen\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{DAA7499A-B3AC-4419-A89B-124318504051}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.185.29\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => C:\Users\dnguyen\Dropbox [2019-09-23 10:00]
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{E3D57E77-FE71-4D06-BD34-D48820074909}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.181.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{E797BF82-EFC0-4B94-A059-AA797B10D29C}\localserver32 -> C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\notification_helper.exe (Shift) [File not signed] <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{E8791438-3525-48BF-A600-C577AD1674C2}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.173.49\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{E8D0CE8D-BC70-4025-978F-E86068362730}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptusredt64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{EA47D2DE-76CC-4138-97FF-A62F9D28A341}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptolkadd64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{EABAE40C-B27C-455A-B672-F234DD780948}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.25.14205\x64\Microsoft.Teams.MeetingAddin.DLL (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{F1CBF5EB-347F-4E4C-90AC-E43339FC34EC}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.173.55\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{F46A78BD-06FC-442C-88DF-0500F08F2379}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Microsoft\EdgeUpdate\1.3.195.45\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-3155752975-2384182229-592542832-1120_Classes\CLSID\{F6E0DEDD-F6D5-4195-BE2D-AB628A0BBDF4}\InprocServer32 -> C:\Users\dnguyen\AppData\Local\Webex\Webex\Applications\ptWbxMS64.dll (Cisco WebEx LLC -> Cisco WebEx LLC)
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-24] (Adobe Inc. -> )
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-25] () [File not signed]
ShellIconOverlayIdentifiers-x32: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-24] (Adobe Inc. -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-03-25] () [File not signed]
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\109.0.3.0\drivefsext.dll [2025-05-29] (Google LLC -> Google LLC.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.79.0.dll [2025-05-26] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2025-01-24] (Adobe Inc. -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2025-03-06] (Adobe Inc. -> Adobe Systems Inc.)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\dnguyen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) =============
2025-06-08 15:34 - 2025-06-08 15:34 - 000696832 _____ () [File not signed] \\?\C:\Users\dnguyen\AppData\Local\Temp\46588666-7b6d-4db6-a7c0-192e99e5c9f4.tmp.node
2025-06-08 15:34 - 2025-06-08 15:34 - 000707584 _____ () [File not signed] \\?\C:\Users\dnguyen\AppData\Local\Temp\be22fb0e-19d3-4e9c-b386-d2d76d8f1a15.tmp.node
2024-04-24 21:49 - 2024-05-16 16:47 - 002866176 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\ffmpeg.dll
2024-04-24 21:49 - 2024-05-16 16:47 - 000479232 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\libegl.dll
2024-04-24 21:49 - 2024-05-16 16:47 - 007671808 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\libglesv2.dll
2024-04-24 21:49 - 2024-05-16 16:47 - 005312000 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Programs\GlobalRelay\vk_swiftshader.dll
2025-03-18 07:19 - 2025-01-07 14:50 - 000494080 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\libegl.dll
2025-03-18 07:19 - 2025-01-07 14:50 - 007972352 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\libglesv2.dll
2025-03-18 07:19 - 2025-01-07 14:50 - 005323264 _____ () [File not signed] C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\vk_swiftshader.dll
2025-03-12 12:13 - 2016-10-21 16:06 - 000318976 _____ (CANON INC) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\scchmpm.dll
2025-03-12 12:13 - 2017-06-27 10:59 - 000219648 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\cnmpu2.dll
2025-03-12 12:13 - 2017-11-02 15:36 - 000008192 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_ENU.DLL
2025-03-12 12:13 - 2017-11-02 15:36 - 000104960 _____ (CANON INC.) [File not signed] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX2\CNS2_IMG.dll
2021-08-24 22:48 - 2019-02-21 11:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2025-03-18 07:19 - 2025-01-07 14:50 - 025774080 _____ (Microsoft® Corporation) [File not signed] C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\dxcompiler.dll
2018-03-08 07:18 - 2018-03-08 07:18 - 000015360 _____ (NHibernate community) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Iesi.Collections.dll
2018-02-06 17:25 - 2018-02-06 17:25 - 000176640 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.dll
2018-03-23 12:10 - 2018-03-23 12:10 - 000028160 _____ (rubicon IT GmbH) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Remotion.Linq.EagerFetching.dll
2025-03-18 07:19 - 2025-01-07 14:50 - 001335808 _____ (Shift) [File not signed] C:\Users\dnguyen\AppData\Local\Shift\chromium\132.0.1.2048\shift_elf.dll
2021-02-17 04:19 - 2021-02-17 04:19 - 000124928 _____ (Stateless Contributors) [File not signed] [File is in use] C:\Program Files\Dell\SupportAssistAgent\bin\stateless.dll
2016-12-18 08:55 - 2016-12-18 08:55 - 000097280 _____ (Tunnel Vision Laboratories, LLC) [File not signed] C:\Program Files\Dell\SupportAssistAgent\bin\Antlr3.Runtime.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
HKU\S-1-5-21-2518690825-769682799-679259177-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-2518690825-769682799-679259177-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.green-rock.com/
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-2518690825-769682799-679259177-1001 -> DefaultScope {B0FB58D0-BCF0-4389-853A-B91C304DFEA7} URL =
SearchScopes: HKU\S-1-5-21-2518690825-769682799-679259177-1001 -> {B0FB58D0-BCF0-4389-853A-B91C304DFEA7} URL =
SearchScopes: HKU\S-1-5-21-3155752975-2384182229-592542832-1120 -> DefaultScope {B0FB58D0-BCF0-4389-853A-B91C304DFEA7} URL =
SearchScopes: HKU\S-1-5-21-3155752975-2384182229-592542832-1120 -> {B0FB58D0-BCF0-4389-853A-B91C304DFEA7} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3155752975-2384182229-592542832-1120 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2025-04-24] (Adobe Inc. -> Adobe Systems Incorporated)
Handler: fdstp2 - {EDA30510-6AD8-11d2-A1A4-00805F0F0690} - C:\Program Files (x86)\FactSet\COMShim_x64.dll [2019-07-03] (FactSet Research Systems Inc. -> FactSet Research Systems)
Handler-x32: fdstp2 - {EDA30510-6AD8-11d2-A1A4-00805F0F0690} - C:\Program Files (x86)\FactSet\fdstp.dll [2019-07-03] (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-05-30] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3155752975-2384182229-592542832-1120\...\sharepoint.com -> hxxps://blairbldg-files.sharepoint.com
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-03-18 23:49 - 2019-03-18 23:49 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2518690825-769682799-679259177-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Dell\Win LTBLUE 1920x1200.jpg
HKU\S-1-5-21-3155752975-2384182229-592542832-1120\Control Panel\Desktop\\Wallpaper -> C:\Users\dnguyen\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\13575274633763389396\133886304046837116.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet 2: TAP-Windows Adapter V9 -> tap0901.sys
Ethernet: Intel® Ethernet Connection (6) I219-V -> e1d.sys
Bluetooth Network Connection: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Intel® Wireless-AC 9560 160MHz -> Netwtw08.sys
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B9BB9FAC-5925-4F9E-AD4A-4739C0A68351}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67E6965B-27DD-4EE3-8BA7-ED79C8A1D023}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{DA6E5DA3-5238-44A4-9D43-D465C072DB12}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{C1784CFC-126A-4920-BFE0-558B69788C03}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{244DA983-3C93-4981-8309-E98A6CC2B42E}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{284B8B09-082F-412D-A905-9A5C07A913A9}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{63BE574A-F6F1-44A5-B30D-D0AF8817075C}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{C01E134E-308F-4C27-9655-F7D2757CB924}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{C596A62B-22C7-4983-9C8A-8EE27F4D9B5A}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{452D9760-C7D2-4ADC-B73E-4C08DCCDCD73}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{51A12303-E5B8-4759-BEA7-50F7132125E4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{82D23BC6-AD3E-4033-B606-F57B24A12B9B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{60A987F8-9CD2-4E19-A51F-96DAC40AEEE1}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [TCP Query User{CA1DFEF7-A6A1-429F-A2E7-39C2AB2703AD}C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe] => (Allow) C:\users\dnguyen\appdata\roaming\zoom\bin\zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{2C1F8FE7-EEF2-4C54-BACE-A0D54F9280D5}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{0DAF72FC-EB6E-431E-8C2E-0BF95A7817B2}C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\dnguyen\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{E0F0450B-9A6B-4FC6-8BEF-21F4DD8C5F18}C:\program files (x86)\factset\marquee.exe] => (Allow) C:\program files (x86)\factset\marquee.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [TCP Query User{00BA9208-3D3F-4642-BD2C-42BBE7C50C53}C:\program files (x86)\factset\marquee.exe] => (Allow) C:\program files (x86)\factset\marquee.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [UDP Query User{C4783D56-1BD8-4384-B425-D31CECD2B3F4}C:\program files (x86)\factset\fdsbrowser.exe] => (Allow) C:\program files (x86)\factset\fdsbrowser.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [TCP Query User{7A780E1D-D3B6-4C42-B7A4-4D819BB7EBD9}C:\program files (x86)\factset\fdsbrowser.exe] => (Allow) C:\program files (x86)\factset\fdsbrowser.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [UDP Query User{84F370B3-37D9-4C56-A922-5D8D47138D63}C:\program files (x86)\factset\marquee.exe] => (Allow) C:\program files (x86)\factset\marquee.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [TCP Query User{49927C42-3C97-4514-93C2-F641A1F547C2}C:\program files (x86)\factset\marquee.exe] => (Allow) C:\program files (x86)\factset\marquee.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [UDP Query User{CCA9ABEB-BABA-4C50-BDB3-064A1424F7E1}C:\program files (x86)\factset\fdsbrowser.exe] => (Allow) C:\program files (x86)\factset\fdsbrowser.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [TCP Query User{3835DCB6-B67C-4BB9-88E0-32F161B7BADD}C:\program files (x86)\factset\fdsbrowser.exe] => (Allow) C:\program files (x86)\factset\fdsbrowser.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [UDP Query User{9268D1ED-0BEB-4E71-A9FD-38E9042BA688}C:\program files (x86)\factset\fdsrealtime.exe] => (Allow) C:\program files (x86)\factset\fdsrealtime.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [TCP Query User{76A4D88D-8C96-4C2E-9F13-B22E02FFB951}C:\program files (x86)\factset\fdsrealtime.exe] => (Allow) C:\program files (x86)\factset\fdsrealtime.exe (FactSet Research Systems Inc. -> FactSet Research Systems, Inc.)
FirewallRules: [{99C7081C-5F53-42F4-87C9-DE9B54BE6A2A}] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{ABFD7DC5-997D-4BBB-A7D8-8694541C3D4D}] => (Block) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{BC146E71-F6BA-48E8-B345-67F42E7D3F67}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{5187A9CD-2C1D-42BF-AC69-9AB28A17D790}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{90201798-4380-4265-B124-641775BF59CD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{EF813311-C6BB-4300-A054-D864C1A99124}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{3862F048-E742-49A5-8F8E-CA136ECBFEEC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{8E7B037D-8074-4994-8E4C-ED561AD363D1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{653D24FF-44BE-4EEE-A9F7-A956D6A09CC5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7A5591FA-30DA-4617-A377-EE0AC57FB41F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{5C248C47-DB48-4689-8AC1-BD43B414BD0F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A1DD48E4-3281-4212-9053-58EAAFA0DC16}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.72.94.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{36818511-291F-46BA-9DBA-785F7FFC74F7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{680548DA-C556-43B5-BC24-971DFD57EB20}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D2887D7A-29F7-4844-8F70-3A854442C419}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4E7D0A39-7D16-4B17-BBFD-4D6B628B13B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{318EFFF2-3D60-46FB-A24C-63539BA5681E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{96C2029E-02B9-468D-B801-1D4F2A051B21}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2BAE98D9-EC87-4BDD-9CE1-5E22364A546A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E0B62CD1-093C-4203-9845-18F96905A51D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.82.404.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{9D183F56-F70F-4501-A47A-B58E0151A554}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{D8768016-4235-4323-A3C4-0BA1EB4AE802}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{362CE7B1-8CA8-4C7E-BD91-4C80B229E94D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{FF1C887E-320D-4574-AA93-77EC1FC7B2B9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.408.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1D9996F9-81D7-40BC-BD09-004F89E87BC5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{41FCCD7B-3021-4520-A7AD-F6582365D671}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{138E7A26-743A-4CBA-B0C3-EF8110CCDC1D}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{3FE529D2-3216-495E-A949-AF7267B83F1B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\iTunes.exe => No File
FirewallRules: [{04EB0091-3195-4377-B92E-204175E83A6C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{208892C6-04C9-4AE6-8C28-524AF55E7D18}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{622F1A03-2269-492A-BE90-6C1BC61CE058}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{058B7A37-F673-4422-A816-A43100A27692}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12125.8.57037.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe => No File
FirewallRules: [{BE050C8C-7248-4C03-8C97-5B29F708688D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E3DA20EF-AE53-45E5-B46E-72FB687C2051}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{32F04FE1-AA49-4548-A3C7-020A454C5A07}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F8CD0E64-A128-45B2-A2DA-7BF804BDC999}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.89.3403.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2DB137A1-9056-4102-A3CC-F49F9C2F59AA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{09CD926B-D6F1-4F8E-995A-3A2920AAC1F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6B569438-D3BC-4BB9-8A5B-3BB4D4707FF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{FA839E69-1838-4780-B6BF-9032D3BFF28D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.90.3407.0_x86__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{3F857343-26A8-4FE4-8105-B0B39F0054BF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A65D5DCD-37A4-4A4E-AAFB-7C79015185F4}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{0CDF2D2B-BE7B-4EE2-BA06-ABDA60A50314}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{6D691B48-4C8E-4B05-9A60-65A6908B077F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.98.3206.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{862D03D7-C136-41DF-82E7-50F108BD435B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{FA8C48E3-64AC-47AB-8F75-606EBEE700AF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{19F4A5FF-1C22-48A6-BE6F-41F348EF8EDF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{1BCBCBC8-C42E-4D98-AB13-98BD2394F98E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.104.3207.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{7FF742B7-B24A-4C08-8892-5E0D8BAD34F5}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8CF75B71-3657-404E-BD5A-064A699180A7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{EE47D5A9-A878-4543-96D4-99C6475FBB48}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{429CCC6E-7D36-42CB-AB4D-95A6FCAD5787}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.105.3214.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C4130052-4916-4525-9EAA-153B775DEBBE}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{88304EA1-7427-42F3-8B0E-07EE8472C7F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E6382157-36CA-43A6-86BA-A0B5AA3805A0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{DA172889-6A45-4699-8D10-779653FF5236}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.116.3213.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [TCP Query User{250D2A8D-B207-472E-8F9E-B1B9B82C7355}C:\users\dnguyen\appdata\local\programs\globalrelay\global relay.exe] => (Allow) C:\users\dnguyen\appdata\local\programs\globalrelay\global relay.exe (Global Relay Communications Inc.) [File not signed]
FirewallRules: [UDP Query User{89492718-EF85-4AB7-A87C-9051AAEE70E1}C:\users\dnguyen\appdata\local\programs\globalrelay\global relay.exe] => (Allow) C:\users\dnguyen\appdata\local\programs\globalrelay\global relay.exe (Global Relay Communications Inc.) [File not signed]
FirewallRules: [{198E9BCB-EE35-44F7-887D-B4BCD6C50431}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{BB35B4A7-934D-43CD-A8BE-A74729FADA26}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{753B9FD2-1224-4252-A6B8-E2483BE179B6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{C9D03A23-A196-471E-AEB0-BA08F8D78E8F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.123.3203.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2A1148F5-A781-43C1-ABF2-FB51668A6463}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2F467CEA-67B9-40DF-9C57-6AF18BE7A537}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{ABEED0D4-9D90-4CF3-BCDF-7BF009E50295}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{E3A1C3F5-0EB5-45CA-9352-91A45F3B1B74}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.124.3204.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{085A1AEF-F737-432F-AFBD-3EE7EFCDBEAF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{812C6FE8-C203-42BC-8451-60AACE9115A7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{2BD7C280-1EA7-471E-9F22-6FE57B43A467}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8BA3237B-0B24-407D-B599-D661818643D8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.131.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{9FABD40B-2872-4876-B1B1-846BCB1CFEF1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{A2E04AD0-2C19-40FD-AD3F-59AF1A6FFA5B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{F0A831C8-EF53-4890-8C0F-EC12169DA311}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{8A370CC1-B167-4190-9C7B-49D8DC7B41CA}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.134.3202.0_x64__kzf8qxf38zg5c\Skype\Skype.exe => No File
FirewallRules: [{4FBFD46D-A602-4F74-BF83-8BDD4AF46F95}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{644D9165-A087-4655-945E-65FF020CFBAF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_25031.702.3408.1909_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2B2A25B-1A23-4AC7-AC06-CAA8AB497771}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{15AE83B4-DE5E-4C75-9FDE-F1D1BFEDF6AA}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{43A6D15F-8453-459C-8389-A4A0A9349A1F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{292E428D-FD05-40E2-BD9E-BA26A0656C0C}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{D4791D33-E3EE-4D94-BBA0-3B65755EC986}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{40424E5C-F40E-4BFB-B346-4A230B40133B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B48DA1FB-6951-4DA8-9998-46C4CC00D4C2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{871EA54E-F85B-4311-B787-3EBA0A963612}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12137.1.3025.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{33F53536-468E-4460-AE5D-277950B25A6B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{111616D3-7E11-4CC4-AA4F-8F47FC77DA92}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{343B7036-3E0F-43C2-B6A2-F7C4A7809F23}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{03202163-7F21-44B1-85C9-A6F728973C5C}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CDB90410-D192-4A23-88CF-543D1043678E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A790DBC1-F3BA-49BD-8C69-200310A3D203}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{3C026FDE-7CD3-415F-A402-91C7DD486247}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{C527411C-1BD9-4FC0-8A42-513372677F2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{802971DA-DA58-440E-8B52-6610773E28E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C2FA1B05-329E-4672-9311-243E4C777F27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F0CA3D1A-9008-4363-AC88-7E891CE30B4C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{5F2449FF-AC9A-44A0-B03C-192F2680F18F}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7467D9E2-AAD6-4408-BE38-53252E00AF44}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25122.1415.3698.6812_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9342B35C-F071-40A9-AF59-526A010EB631}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{25AC536D-69D6-4485-B37C-C4A0187DA866}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\137.0.3296.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (06/08/2025 03:35:29 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: ntdll.dll, version: 10.0.26100.4061, time stamp: 0xb156cd48
Exception code: 0xc0000409
Fault offset: 0x000b1f40
Faulting process id: 0x4f94
Faulting application start time: 0x1dbd8b4d472f98c
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 3d833635-0047-4426-9159-a28fa389e9dd
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2025 03:35:12 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: KERNELBASE.dll, version: 10.0.26100.4061, time stamp: 0xc24bdd22
Exception code: 0xe06d7363
Fault offset: 0x0015df24
Faulting process id: 0x4f94
Faulting application start time: 0x1dbd8b4d472f98c
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 132d8331-2345-40a2-8bcf-d18bfb2c1066
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2025 03:34:22 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: ntdll.dll, version: 10.0.26100.4061, time stamp: 0xb156cd48
Exception code: 0xc0000409
Fault offset: 0x000b1f40
Faulting process id: 0x3e1c
Faulting application start time: 0x1dbd8b4b0d44f0a
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 9bb6884f-d257-4aa7-95bb-49b3714251ca
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2025 03:34:12 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: KERNELBASE.dll, version: 10.0.26100.4061, time stamp: 0xc24bdd22
Exception code: 0xe06d7363
Fault offset: 0x0015df24
Faulting process id: 0x3e1c
Faulting application start time: 0x1dbd8b4b0d44f0a
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: 7dea385f-bde7-4d49-9c47-9395280b6f77
Faulting package full name:
Faulting package-relative application ID:
Error: (06/08/2025 02:58:51 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program OTL.exe version 3.2.69.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Error: (06/07/2025 10:57:20 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: ntdll.dll, version: 10.0.26100.4061, time stamp: 0xb156cd48
Exception code: 0xc0000409
Fault offset: 0x000b1f40
Faulting process id: 0x555c
Faulting application start time: 0x1dbd82965e25752
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 629b16a2-837d-4482-880f-344c83083f15
Faulting package full name:
Faulting package-relative application ID:
Error: (06/07/2025 10:57:07 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: KERNELBASE.dll, version: 10.0.26100.4061, time stamp: 0xc24bdd22
Exception code: 0xe06d7363
Fault offset: 0x0015df24
Faulting process id: 0x555c
Faulting application start time: 0x1dbd82965e25752
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: ed044a7f-d682-465f-98d1-c69ac5c9bd01
Faulting package full name:
Faulting package-relative application ID:
Error: (06/07/2025 10:46:39 PM) (Source: Application Error) (EventID: 1000) (User: GR)
Description: Faulting application name: Acrobat.exe, version: 25.1.20474.0, time stamp: 0x680ab9e2
Faulting module name: ntdll.dll, version: 10.0.26100.4061, time stamp: 0xb156cd48
Exception code: 0xc0000409
Fault offset: 0x000b1f40
Faulting process id: 0x5d84
Faulting application start time: 0x1dbd827ec546ec5
Faulting application path: C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrobat.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: afdea45d-9681-4ca3-9fea-b520496d6d00
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (06/08/2025 03:34:48 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: GR)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (06/08/2025 03:34:48 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: NT AUTHORITY)
Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
Error: (06/08/2025 03:33:04 PM) (Source: NETLOGON) (EventID: 5719) (User: )
Description: This computer was not able to set up a secure session with a domain
controller in domain GR due to the following:
We can't sign you in with this credential because your domain isn't available. Make sure your device is connected to your organization's network and try again. If you previously signed in on this device with another credential, you can sign in with that credential.
This may lead to authentication problems. Make sure that this
computer is connected to the network. If the problem persists,
please contact your domain administrator.
ADDITIONAL INFO
If this computer is a domain controller for the specified domain, it
sets up the secure session to the primary domain controller emulator in the specified
domain. Otherwise, this computer sets up the secure session to any domain controller
in the specified domain.
Error: (06/08/2025 03:32:15 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (06/08/2025 03:32:15 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (06/08/2025 03:32:15 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (06/08/2025 03:32:15 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (06/08/2025 03:32:15 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Windows Defender:
================
Date: 2025-06-08 15:27:51
Description:
Microsoft Defender Antivirus has detected malware or other potentially unwanted software.
For more information please see the following:
Name: HackTool:Win32/DefenderControl!pz
Severity: High
Category: Tool
Path: file:_C:\Users\dnguyen\Downloads\DefenderControl\DefenderControl\DefenderControl.exe
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\RuntimeBroker.exe
Security intelligence Version: AV: 1.429.419.0, AS: 1.429.419.0, NIS: 1.429.419.0
Engine Version: AM: 1.1.25040.1, NIS: 1.1.25040.1
Date: 2025-06-07 21:25:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-06-07 09:22:27
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-06-05 16:08:14
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
Date: 2025-05-31 18:56:19
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Stop Reason: Scheduled scan was skipped because the last successful scan was within the last 7 days
CodeIntegrity:
===============
Date: 2025-06-08 15:35:23
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\225.4.4896\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-05-15 14:55:37
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\224.4.4811\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-05-14 19:06:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\223.4.4909\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-15 17:06:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\222.4.5042\vulkan-1.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-09 10:09:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\Dropbox.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Dropbox\Client\221.4.5365\vulkan-1.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. 1.10.1 12/18/2020
Motherboard: Dell Inc. 0M14W7
Processor: Intel® Core™ i5-8265U CPU @ 1.60GHz
Percentage of memory in use: 34%
Total physical RAM: 32615.09 MB
Available physical RAM: 21348.38 MB
Total Virtual: 34663.09 MB
Available Virtual: 23860.12 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:236.63 GB) (Free:66.21 GB) (Model: KBG40ZNS256G NVMe TOSHIBA 256GB) NTFS
\\?\Volume{ed124017-51e8-43c9-9128-273a678b2a7b}\ () (Fixed) (Total:1.04 GB) (Free:0.11 GB) NTFS
\\?\Volume{f13f1d9a-225c-43d2-9340-94e704373070}\ (ESP) (Fixed) (Total:0.66 GB) (Free:0.6 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: C0382A13)
Partition: GPT.
==================== End of Addition.txt =======================
Sign In
Create Account
