Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Disk Usage 100%

Started by ttbcs , Jun 24 2022 02:46 PM

  • Please log in to reply

#1
ttbcs
Posted 24 June 2022 - 02:46 PM

ttbcs

    Member

  • Member
  • PipPipPip
  • 102 posts

Hello, my computer seems to be very slow and unresponsive. This is true at startup and when coming back from sleep mode. It lasts for quite a long time. When looking at the task manager it shows 100% in the disk column with system being there most of the time. Any help in speeding things up would be appreciated.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-06-2022 01
Ran by ttbcs (administrator) on LAPTOP-TRAVIS (HP HP Pavilion Laptop 15-ck0xx) (24-06-2022 13:12:17)
Running from C:\Users\ttbcs\OneDrive\Desktop
Loaded Profiles: ttbcs
Platform: Microsoft Windows 11 Home Version 21H2 22000.739 (X64) Language: English (United States)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat DC\Acrobat\AcroCEF\AcroCEF.exe <2>
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
(C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
(C:\Program Files\McAfee\WebAdvisor\servicehost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MSC\MfeBrowserHost.exe
(C:\Program Files\Mozilla Firefox\firefox.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\browserhost.exe
(C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.425.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\102.0.1245.44\msedgewebview2.exe <7>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel\DPTF\esif_uf.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\dptf_helper.exe
(McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <10>
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (HP Inc. -> HP) C:\Windows\System32\hpservice.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\lms.inf_amd64_fddb643595e0b8d0\LMS.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(services.exe ->) (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_b5484efd38adbe8d\jhi_service.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(services.exe ->) (Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(services.exe ->) (Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(services.exe ->) (Intel® Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(services.exe ->) (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\5.0.112.0\McCSPServiceHost.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <3>
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_21_9\mcapexe.exe
(services.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(services.exe ->) (WildTangent, Inc. -> ) C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe
(svchost.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (HP Inc. -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(svchost.exe ->) (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MQS\QcShm.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22000.702_none_04dc3df74c65e3e2\TiWorker.exe
(svchost.exe ->) (Microsoft Windows) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_421.20070.425.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe
(svchost.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [701984 2017-07-13] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [HPRadioMgr] => C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe [324600 2017-04-25] (HP Inc. -> HP)
HKLM-x32\...\Run: [TeamsMachineInstaller] => C:\Program Files (x86)\Teams Installer\Teams.exe [103032624 2021-03-12] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\Run: [MicrosoftEdgeAutoLaunch_DB75890BB2C6219E955F6B80A91E685F] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3595168 2022-06-16] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-337212924-4266545201-662137970-1002\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2632064 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-337212924-4266545201-662137970-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [7097112 2022-04-07] (Adobe Inc. -> Adobe Systems Incorporated)
HKLM\...\Windows x64\Print Processors\Canon TR8500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDDL.DLL [482816 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ FAX Language Monitor TR8500 series: CNCALDL.DLL
HKLM\...\Print\Monitors\Canon BJ Language Monitor TR8500 series: C:\WINDOWS\system32\CNMLMDL.DLL [1302016 2019-01-10] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\102.0.5005.115\Installer\chrmstp.exe [2022-06-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {013176EB-AE42-492E-812E-B910443B7FD2} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {104F4244-1DF3-4ABD-BBD1-0F1F5A8785D3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {12D91D6A-C8C9-4065-9929-4AD7E19862EC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-08-04] (Google LLC -> Google LLC)
Task: {17777C60-E9CB-4CAF-AEBB-0251373F9665} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {17D867CA-B98E-45FC-90EB-882368593357} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1002 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {18B08C0D-A867-43A9-B2C4-9BC37447E3F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154456 2021-08-04] (Google LLC -> Google LLC)
Task: {36F90AEB-2128-4075-AF24-B40D0E6DEF27} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3A370D7E-E583-49B1-A69A-E7E23C456DAD} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [198696 2017-04-07] (HP Inc. -> HP Inc.)
Task: {4B4F7DC3-6C03-4E74-BDE5-A328C7785FC5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1080168 2017-04-07] (HP Inc. -> HP Inc.)
Task: {4F010BC0-A0FA-4093-B13D-DBD97C8C23ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [107368 2017-04-07] (HP Inc. -> HP Inc.)
Task: {5149CB27-897F-4FBA-9976-47A23F3DE188} - System32\Tasks\HPCeeScheduleForTanya => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {53779D08-CDB7-419A-8D00-DE67E8097A17} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1074608 2022-01-11] (McAfee, LLC -> McAfee, LLC)
Task: {548D43B4-E608-4B33-8C5A-F367FE72E5C7} - System32\Tasks\HPJumpStartLaunch => C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe [459680 2017-09-12] (HP Inc. -> )
Task: {5F9D2695-D5F3-410B-A0AF-841C6EB6497F} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {66AC8383-083B-4268-A72A-5F27934A8B64} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1362464 2017-03-13] (HP Inc. -> HP Development Company, L.P.)
Task: {6BA16330-12C1-4306-A493-6B9B743D5ABF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {6D632E8E-4CB4-4735-A0D1-CB29AD7CCF63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [208744 2017-04-07] (HP Inc. -> HP Inc.)
Task: {75A31524-25C5-4057-8841-10C78DE39F54} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {76136C7C-A4D4-4AF7-A1CA-E88BD8C6BF92} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1487392 2017-04-07] (HP Inc. -> HP Inc.)
Task: {7C47A020-A5EF-452F-A68F-14136D9E22B8} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [688560 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {7DD34EAB-60F8-4462-8F5F-B125C45BC6D0} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4724096 2022-01-06] (McAfee, LLC -> McAfee, LLC)
Task: {7F73E3B6-609B-4AA4-A0C6-492E7F9626CE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1487392 2017-04-07] (HP Inc. -> HP Inc.)
Task: {8D7C9A8C-E3FC-48FA-86A6-65681479C1D2} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115624 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {91A048DF-1E15-47A1-B8CD-A3ADE20B55E5} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [758352 2022-01-19] (McAfee, LLC -> McAfee, LLC)
Task: {931F3792-F176-4446-867F-D86D1A2446A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1080168 2017-04-07] (HP Inc. -> HP Inc.)
Task: {965B8D79-6CC2-4F70-8EAE-230CF22103B3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [6470640 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F034951-009B-422F-B80A-4E19D2769355} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.7.104\DADUpdater.exe [4089168 2022-02-08] (McAfee, LLC -> McAfee, LLC)
Task: {A161D7E6-0E67-43B4-A6BC-A6D22AF0C7A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_TH1AF2R2M7 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1080168 2017-04-07] (HP Inc. -> HP Inc.)
Task: {A221A482-5031-4077-B48A-23586BE20F6A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A33C22E9-1115-4289-9B35-9065593918FA} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.12.663\mcdatrep.exe [1889696 2021-08-07] (McAfee, Inc. -> McAfee, LLC.)
Task: {AC866CF1-D83B-4EB5-8A9C-FA6B02B5B007} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor Logon => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-05-03] (HP Inc. -> HP Inc.)
Task: {BD66A002-AE44-4F4B-9A4C-AC1F67B2C6FD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23246768 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {C0FC9877-85FB-4B81-9404-792F97CB00A8} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1004 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4214144 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3FA3CBD-74D0-434F-A1CB-6975EE3B47DD} - System32\Tasks\HPCeeScheduleForttbcs => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [99208 2016-06-24] (Hewlett-Packard Company -> HP Inc.)
Task: {C7DBCAF6-224C-4208-B3BA-F8D6FF63F244} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1564424 2021-11-18] (Adobe Inc. -> Adobe Inc.)
Task: {CCDFC0B8-01A3-4E74-A820-4F13F51D269E} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\WINDOWS\System32\MbaeParserTask.exe (No File)
Task: {CD660808-C3AE-4C23-B8AB-C076B734A7ED} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1074608 2022-01-11] (McAfee, LLC -> McAfee, LLC)
Task: {CEB2F4B3-EE58-40E7-9D6E-8B153FDB458A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [625512 2017-04-06] (HP Inc. -> HP Inc.)
Task: {D3FE27A7-F189-405D-9849-3A68FD8F92FA} - System32\Tasks\HP\HP Print Scan Doctor\Printer Health Monitor => C:\Program Files\HPPrintScanDoctor\HPPrinterHealthMonitor.exe [42144 2022-05-03] (HP Inc. -> HP Inc.)
Task: {F307EE6B-7D1E-4E6F-9F5B-8134FD6E588D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {FDE141E2-85E9-450B-ABA6-F1AFBB3C9EE4} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [26968 2021-10-06] (Garmin International, Inc. -> )
Task: {FE4B675E-C37B-422E-A83D-3DF64F512E3D} - System32\Tasks\HPAudioSwitch => C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe [1644960 2017-02-02] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForTanya.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForttbcs.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e1f5879b-723a-4aeb-ac15-a3264a5d820f}: [DhcpNameServer] 192.168.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default [2022-05-17]
Edge HomePage: Default -> hxxps://www.google.com/
Edge StartupUrls: Default -> "hxxp://www.google.com/"
Edge DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
Edge DefaultSearchKeyword: Default -> duckduckgo.com
Edge DefaultSuggestURL: Default -> hxxps://duckduckgo.com/ac/?q={searchTerms}&type=list
Edge Extension: (Google Translate) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-02]
Edge Extension: (Audio Equalizer) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ahikmoihohidpfjdmmdodfhnmjipmpci [2022-01-29]
Edge Extension: (DuckDuckGo) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\caoacbimdbbljakfhgikoodekdnlcgpk [2022-05-17]
Edge Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fclbdkbhjlgkbpfldjodgjncejkkjcme [2022-05-17]
Edge Extension: (McAfee® WebAdvisor) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\fdhgeoginicibhagdmblfikbgbkahibd [2022-05-17]
Edge Extension: (Hope Chest) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gjneklbanpnnjdeddbnkkgeljkhpblhp [2022-01-29]
Edge Extension: (Cisco Webex Extension) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ikdddppdhmjcdfgilpnbkdeggoiicjgo [2022-01-29]
Edge Extension: (Bitwarden - Free Password Manager) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jbkfoedolllekgbhcbcoahefnbanhhlh [2022-05-17]
Edge Extension: (McAfee® Web Boost) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\lamehkegphbbfdailghaeeleoajilfho [2022-01-29]
Edge Extension: (Okta Browser Plugin) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ncoafaeidnkeafiehpkfoeklhajkpgij [2022-05-11]
Edge Extension: (AdBlock — best ad blocker) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2022-05-17]
Edge Extension: (uBlock Origin) - C:\Users\ttbcs\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\odfafepnkmbhccpbejgmiehpchacaeak [2022-05-17]

FireFox:
========
FF DefaultProfile: 2p08clz4.default
FF ProfilePath: C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\2p08clz4.default [2021-12-08]
FF ProfilePath: C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release [2022-06-24]
FF Extension: (Facebook Container) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\@contain-facebook.xpi [2022-04-02]
FF Extension: (Firefox Multi-Account Containers) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\@testpilot-containers.xpi [2022-05-11]
FF Extension: (Cookie AutoDelete) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\[email protected] [2022-06-24]
FF Extension: (Open in Reader View) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\[email protected] [2021-08-09]
FF Extension: (Privacy Badger) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\[email protected] [2021-12-04]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\[email protected] [2022-06-24]
FF Extension: (Bitwarden - Free Password Manager) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{446900e4-71c2-419f-a6a7-df9c091e268b}.xpi [2022-06-24]
FF Extension: (Eno® from Capital One®) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{4d5b7a5e-5232-9e45-97f4-f8e1ca2626e5}.xpi [2022-05-11]
FF Extension: (McAfee® WebAdvisor) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2022-06-24] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
FF Extension: (Audio Equalizer) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{63d150c4-394c-4275-bc32-c464e76a891c}.xpi [2022-01-26]
FF Extension: (gray leaf) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{979aae3a-31db-479d-b7d5-95054b5a33ff}.xpi [2021-08-09]
FF Extension: (User-Agent Switcher and Manager) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{a6c4a591-f1b2-4f03-b3ff-767e5bedf4e7}.xpi [2022-06-24]
FF Extension: (Delete browsing data directly from the browser toolbar. Clear cookies, history and cache with a single click.) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{ce9f4b1f-24b8-4e9a-9051-b9e472b1b2f2}.xpi [2021-08-09]
FF Extension: (DownThemAll!) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2022-06-24]
FF Extension: (Linen Grey) - C:\Users\ttbcs\AppData\Roaming\Mozilla\Firefox\Profiles\g0yh7lll.default-release\Extensions\{f9435bf9-8040-465e-9b72-3eb1fe0f8409}.xpi [2021-08-09]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2022-01-26] (McAfee, LLC -> )
FF Plugin: @videolan.org/vlc,version=3.0.16 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2022-04-07] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2022-01-26] (McAfee, LLC -> )
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2022-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2022-03-08] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default [2022-06-07]
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Extension: (Google Translate) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2022-04-02]
CHR Extension: (Slides) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-08-07]
CHR Extension: (Audio Equalizer) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahikmoihohidpfjdmmdodfhnmjipmpci [2022-01-26]
CHR Extension: (Duolingo on the Web) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2021-08-07]
CHR Extension: (Docs) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-08-07]
CHR Extension: (Google Drive) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-07]
CHR Extension: (YouTube) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-08-07]
CHR Extension: (Color Picker) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbapocmbjilkikplhmkhhjjhmmlohffe [2022-04-02]
CHR Extension: (Google News) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2021-08-07]
CHR Extension: (Sheets) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-08-07]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2022-06-07]
CHR Extension: (Google Docs Offline) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-02]
CHR Extension: (AdBlock — best ad blocker) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-06-07]
CHR Extension: (Hope Chest) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjneklbanpnnjdeddbnkkgeljkhpblhp [2021-10-22]
CHR Extension: (Okta Browser Plugin) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\glnpjglilkicbckjpbgcfkogebgllemb [2022-06-07]
CHR Extension: (Cisco Webex Extension) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2022-01-26]
CHR Extension: (McAfee® Web Boost) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\klekeajafkkpokaofllcadenjdckhinm [2022-01-22]
CHR Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2022-06-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-07]
CHR Extension: (Bitwarden - Free Password Manager) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\nngceckbapebfimnlniiiahkandclblb [2022-06-07]
CHR Extension: (TypingClub) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\obdbgibnhfcjmmpfijkpcihjieedpfah [2021-08-07]
CHR Extension: (Weather Underground) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjejbgheonogbpfkkjigbmahaljipoej [2021-08-07]
CHR Extension: (Gmail) - C:\Users\ttbcs\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-07]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]
CHR HKU\S-1-5-21-337212924-4266545201-662137970-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
CHR HKLM-x32\...\Chrome\Extension: [klekeajafkkpokaofllcadenjdckhinm]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-11-18] (Adobe Inc. -> Adobe Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11988384 2022-06-19] (Microsoft Corporation -> Microsoft Corporation)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncHelper.exe [3373960 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1325352 2017-06-20] (HP Inc. -> HP Inc.)
R2 HPJumpStartBridge; c:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [472576 2017-09-12] (HP Inc. -> HP Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [223904 2022-05-03] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1077752 2016-09-28] (HP Inc. -> HP)
R2 hpsrv; C:\windows\system32\Hpservice.exe [38752 2016-09-26] (HP Inc. -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [33640 2017-04-07] (HP Inc. -> HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [628768 2017-07-13] (HP Inc. -> HP Inc.)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [808728 2022-06-23] (McAfee, LLC -> McAfee, LLC)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_21_9\McApExe.exe [791664 2022-01-19] (McAfee, LLC -> McAfee, LLC)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\5.0.112.0\\McCSPServiceHost.exe [2671464 2022-01-12] (McAfee, LLC -> McAfee, LLC)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [1242112 2021-09-24] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1676304 2022-01-18] (McAfee, LLC -> McAfee, LLC)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\22.111.0522.0002\OneDriveUpdaterService.exe [3812760 2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4310552 2022-01-18] (McAfee, LLC -> McAfee, LLC)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\NisSrv.exe [2909208 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WildTangentHelper; C:\Program Files (x86)\WildTangent Games\Integration\WildTangentHelperService.exe [1689984 2022-03-29] (WildTangent, Inc. -> )
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2201.10-0\MsMpEng.exe [128376 2022-02-11] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [507904 2021-12-06] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [180224 2021-12-06] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [98304 2021-06-05] (Microsoft Corporation) [File not signed]
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [74752 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Microsoft Windows Hardware Compatibility Publisher -> Silicon Laboratories)
S3 Hsp; C:\WINDOWS\System32\drivers\Hsp.sys [111960 2022-05-12] (Microsoft Windows -> Microsoft Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [574464 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [390656 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [90048 2021-09-28] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [526336 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [1088512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [638464 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [110080 2021-09-16] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118784 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [256512 2021-09-28] (McAfee, Inc. -> McAfee, LLC)
S3 usbscan; C:\WINDOWS\System32\drivers\usbscan.sys [77824 2021-06-05] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [48536 2022-02-11] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [438520 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90360 2022-02-11] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [37280 2021-11-23] (HP Inc. -> HP)
U3 aspnet_state; no ImagePath
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 13:01 - 2022-06-24 13:18 - 000000000 ____D C:\FRST
2022-06-24 12:29 - 2022-06-24 12:29 - 000000000 ___HD C:\$WinREAgent
2022-06-24 08:23 - 2022-06-24 08:24 - 000228423 _____ C:\Users\Tanya\Downloads\Dec Tanya Houston.pdf
2022-06-24 08:23 - 2022-06-24 08:24 - 000227002 _____ C:\Users\Tanya\Downloads\062322 Opposition to Petition.pdf
2022-06-19 19:11 - 2022-06-20 19:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-06-19 17:28 - 2022-06-19 17:28 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2022-06-19 17:28 - 2022-06-19 17:28 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2022-06-19 17:27 - 2022-06-19 17:27 - 000299008 _____ C:\WINDOWS\system32\EsclScan.dll
2022-06-19 17:27 - 2022-06-19 17:27 - 000180224 _____ C:\WINDOWS\system32\EsclProtocol.dll
2022-06-19 17:26 - 2022-06-19 17:26 - 000015042 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-06-19 17:21 - 2022-06-19 17:21 - 000614400 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2022-06-19 17:20 - 2022-06-19 17:20 - 000335872 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2022-06-13 20:49 - 2022-06-13 20:49 - 000000000 ____H C:\Users\Tanya\BITE3B4.tmp
2022-06-07 21:16 - 2022-06-07 21:16 - 001648640 _____ C:\Users\Tanya\OneDrive\Documents\Publication4.pub
2022-06-07 21:15 - 2022-06-07 21:15 - 000365568 _____ C:\Users\Tanya\OneDrive\Documents\Publication3.pub
2022-06-07 16:52 - 2022-06-07 16:52 - 029789466 _____ C:\Users\Tanya\Downloads\jettemplate_OZ815327.zip
2022-06-07 16:43 - 2022-06-07 16:43 - 001090701 _____ C:\Users\Tanya\Downloads\jettemplate_GB855378.pdf
2022-06-07 16:43 - 2022-06-07 16:43 - 001088958 _____ C:\Users\Tanya\Downloads\jettemplate_GB855378.zip
2022-06-06 13:42 - 2022-06-06 13:42 - 014911869 _____ C:\Users\Tanya\Downloads\jettemplate_WS806123 (1).zip
2022-06-06 13:31 - 2022-06-06 13:32 - 009296965 _____ C:\Users\Tanya\Downloads\jettemplate_DK707974.zip
2022-06-06 13:08 - 2022-06-06 13:08 - 004714777 _____ C:\Users\Tanya\Downloads\safari-favor-tags-2_629e5eb26b2245_72401996.pdf
2022-06-06 13:07 - 2022-06-06 13:07 - 003922921 _____ C:\Users\Tanya\Downloads\safari-favor-tags-2_629e5e81c15d83_00095621.pdf
2022-06-05 20:18 - 2022-06-05 20:18 - 002708043 _____ C:\Users\Tanya\Downloads\1PLEASEREAD.pdf
2022-06-05 20:16 - 2022-06-05 20:16 - 014914722 _____ C:\Users\Tanya\Downloads\jettemplate_WS806123.pdf
2022-06-05 20:11 - 2022-06-05 20:11 - 014911883 _____ C:\Users\Tanya\Downloads\jettemplate_WS806123.zip
2022-06-01 18:29 - 2022-06-01 18:29 - 000269089 _____ C:\Users\Tanya\Downloads\DownloadandPleaseRead-Corjl.pdf
2022-05-25 11:11 - 2022-06-13 20:58 - 000000000 ___RD C:\Users\Tanya\OneDrive\Documents\Scanned Documents
2022-05-25 11:11 - 2022-05-25 11:11 - 000000000 ____D C:\Users\Tanya\OneDrive\Documents\Fax
2022-05-25 10:39 - 2022-05-25 10:39 - 000379388 _____ C:\Users\Tanya\Downloads\Notice of Privacy Practices.pdf
2022-05-25 10:39 - 2022-05-25 10:39 - 000166485 _____ C:\Users\Tanya\Downloads\Rights of PErsons.pdf
2022-05-25 10:39 - 2022-05-25 10:39 - 000146265 _____ C:\Users\Tanya\Downloads\Personal Needs Funds.pdf
2022-05-25 10:38 - 2022-05-25 10:38 - 000071467 _____ C:\Users\Tanya\Downloads\Auth for Release of Information.pdf
2022-05-25 10:38 - 2022-05-25 10:38 - 000045300 _____ C:\Users\Tanya\Downloads\Photo Release.pdf
2022-05-25 10:37 - 2022-05-25 10:37 - 000307164 _____ C:\Users\Tanya\Downloads\Dispute Policy and Procedure.pdf
2022-05-25 10:36 - 2022-05-25 10:36 - 000321229 _____ C:\Users\Tanya\Downloads\Your Health Information.pdf
2022-05-25 10:36 - 2022-05-25 10:36 - 000088405 _____ C:\Users\Tanya\Downloads\S & PS Training.pdf

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-06-24 13:25 - 2021-08-04 09:07 - 000000000 ____D C:\Program Files (x86)\Google
2022-06-24 13:05 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-06-24 12:59 - 2018-02-19 22:00 - 000000000 ___RD C:\Users\Tanya\OneDrive
2022-06-24 12:57 - 2021-06-05 05:10 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-06-24 12:46 - 2022-02-24 11:04 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-06-24 12:45 - 2021-06-05 05:10 - 000000000 ___HD C:\Program Files\WindowsApps
2022-06-24 12:45 - 2018-02-19 16:57 - 000000000 ____D C:\Users\ttbcs\AppData\LocalLow\Mozilla
2022-06-24 12:44 - 2021-09-29 17:55 - 000000000 ____D C:\Users\ttbcs\AppData\Local\D3DSCache
2022-06-24 12:44 - 2021-06-05 05:01 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-06-24 12:40 - 2021-10-20 19:30 - 000000000 ____D C:\Users\ttbcs\AppData\Roaming\MuseScore
2022-06-24 12:28 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SystemTemp
2022-06-24 12:27 - 2021-12-07 07:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\McAfee
2022-06-24 12:27 - 2018-02-19 14:47 - 000000000 ___RD C:\Users\ttbcs\OneDrive
2022-06-24 12:26 - 2021-12-07 06:38 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-06-24 12:26 - 2018-02-19 14:43 - 000000000 __SHD C:\Users\ttbcs\IntelGraphicsProfiles
2022-06-24 12:20 - 2018-02-19 21:52 - 000000000 __SHD C:\Users\Tanya\IntelGraphicsProfiles
2022-06-24 08:39 - 2021-09-14 20:00 - 000000000 ____D C:\Users\Tanya\AppData\Local\D3DSCache
2022-06-24 08:19 - 2021-08-04 08:49 - 000000000 ____D C:\Users\Tanya\AppData\Local\Packages
2022-06-23 17:34 - 2021-06-05 05:01 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-06-23 17:27 - 2021-12-07 06:45 - 000919394 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-06-23 17:27 - 2021-06-05 05:09 - 000000000 ____D C:\WINDOWS\INF
2022-06-20 19:38 - 2021-12-07 07:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-06-20 19:38 - 2021-08-09 17:41 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-06-20 19:38 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\ServiceState
2022-06-20 19:38 - 2020-11-20 08:21 - 000012288 ___SH C:\DumpStack.log.tmp
2022-06-20 19:36 - 2021-06-05 05:01 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2022-06-20 10:42 - 2021-12-07 07:13 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-06-20 10:42 - 2021-08-09 17:41 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-06-19 18:29 - 2021-12-07 06:38 - 000292696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-06-19 18:29 - 2021-08-07 12:56 - 000000000 ____D C:\Program Files (x86)\McAfee
2022-06-19 18:28 - 2022-02-25 11:56 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTanya.job
2022-06-19 18:28 - 2022-01-28 11:09 - 000000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleForttbcs.job
2022-06-19 18:28 - 2021-09-29 19:00 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2022-06-19 18:23 - 2021-06-05 06:17 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2022-06-19 18:23 - 2021-06-05 06:17 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ___SD C:\WINDOWS\system32\F12
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\gl-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\eu-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\SystemResources
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\id-ID
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\gl-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\eu-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\et-EE
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\es-MX
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\DDFs
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\ca-ES
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\appraiser
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\ShellComponents
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-06-19 18:23 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-06-19 17:20 - 2021-12-07 06:44 - 003101184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2022-06-19 16:23 - 2021-08-09 17:40 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-06-19 16:17 - 2021-08-09 17:39 - 145918784 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-06-19 16:09 - 2022-01-28 11:09 - 000003252 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForttbcs
2022-06-19 16:09 - 2021-08-03 23:14 - 000002283 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-06-19 16:09 - 2020-07-05 11:44 - 000002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-06-19 16:05 - 2017-08-17 09:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-06-19 15:51 - 2021-12-12 10:59 - 000003442 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore1d7eb71e786f83b
2022-06-19 15:51 - 2021-12-07 07:13 - 000003536 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-06-14 15:06 - 2021-08-04 09:07 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-06-14 15:06 - 2021-08-04 09:07 - 000002213 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-06-14 13:11 - 2021-06-05 05:10 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2022-06-13 20:49 - 2022-02-25 11:56 - 000003252 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForTanya
2022-06-13 20:49 - 2021-12-07 00:06 - 000000000 ____D C:\Users\Tanya
2022-06-13 20:39 - 2022-01-11 17:19 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1004
2022-06-13 20:39 - 2021-12-29 10:24 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1001
2022-06-13 20:39 - 2021-12-12 12:15 - 000003588 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-337212924-4266545201-662137970-1002
2022-06-13 20:39 - 2021-12-07 07:13 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2022-06-13 20:39 - 2021-09-29 19:00 - 000002139 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-06-09 21:22 - 2021-08-04 08:05 - 000000000 ____D C:\ProgramData\Packages

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-06-2022 01
Ran by ttbcs (24-06-2022 13:27:28)
Running from C:\Users\ttbcs\OneDrive\Desktop
Microsoft Windows 11 Home Version 21H2 22000.739 (X64) (2021-12-07 14:16:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-337212924-4266545201-662137970-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-337212924-4266545201-662137970-503 - Limited - Disabled)
defaultuser1 (S-1-5-21-337212924-4266545201-662137970-1004 - Limited - Enabled) => C:\Users\defaultuser1.LAPTOP-QG2MJM8O
Guest (S-1-5-21-337212924-4266545201-662137970-501 - Limited - Disabled)
Tanya (S-1-5-21-337212924-4266545201-662137970-1002 - Administrator - Enabled) => C:\Users\Tanya
ttbcs (S-1-5-21-337212924-4266545201-662137970-1001 - Administrator - Enabled) => C:\Users\ttbcs
WDAGUtilityAccount (S-1-5-21-337212924-4266545201-662137970-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {9D4501E6-72F6-2877-C789-89AF6F535B2C}
AV: McAfee VirusScan (Enabled - Up to date) {FE987762-0FB6-6BB6-1BF1-73F8ED8566FA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {C6A3F647-45D9-6AEE-30AE-DACD13562181}
FW: McAfee Firewall (Enabled) {A57E80C3-3899-292F-ECD6-209A91801C57}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat DC (64-bit) (HKLM\...\{AC76BA86-1033-1033-7760-BC15014EA700}) (Version: 22.001.20117 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{A894FC56-6753-44E0-AC2E-D7BEFC8E7B24}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Elevated Installer (HKLM-x32\...\{6D8B91FF-05DE-4BB6-A293-D6B29A58D9AF}) (Version: 7.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Garmin Express (HKLM-x32\...\{71FC830C-545C-4F34-AE68-4F3073D6AF8C}) (Version: 7.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{cb52ee1f-2988-4cef-bc1c-1daa567cdf88}) (Version: 7.9.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 102.0.5005.115 - Google LLC)
HP 3D DriveGuard (HKLM-x32\...\{8F183B2E-D21D-4070-8132-DD39C3CBFA5C}) (Version: 6.0.41.1 - HP)
HP Audio Switch (HKLM-x32\...\{BC852AA8-58F6-4F07-ACB1-7377E52CA4F3}) (Version: 1.0.150.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{AC154691-D9B6-4CD9-BB9B-ACDAF61367E5}) (Version: 2.22.1 - HP Inc.)
HP Customer Experience Enhancements (HKLM-x32\...\{9720A595-3D2D-440E-9523-0B6F970745DD}) (Version: 6.0.11.1 - HP Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM\...\{20185BDA-D396-4C93-95C7-ECD0FB397FF7}) (Version: 5.3.22034 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{5BBB44D5-3CC0-4434-AA0C-5883B975E45E}) (Version: 5.3.22034 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{6884D818-9E0E-4984-A6CA-B17757DCB8FA}) (Version: 5.3.22034 - HP Inc.) Hidden
HP ePrint SW (HKLM\...\{F7E8A494-97B6-4786-9E2C-A42A082483EB}) (Version: 5.3.22034 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{2889C948-F002-4992-815F-DBE0AFB5DC6E}) (Version: 5.3.22034 - HP Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{54da9769-2364-4bd3-8139-6400500778b3}) (Version: 5.3.22034 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{98AA8BB0-0C0A-411A-BB43-1265CA769155}) (Version: 5.3.22034 - HP Inc.) Hidden
HP JumpStart Apps (HKLM-x32\...\HP JumpStart Apps) (Version: 7.0.32 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{6A139049-EBB9-4076-8664-B468888E55A3}) (Version: 1.3.392.0 - HP Inc.)
HP Recovery Manager (HKLM-x32\...\{64BAA990-F1FC-4145-A7B1-E41FBBC9DA47}) (Version: 1.2.1510 - HP) Hidden
HP Registration Service (HKLM-x32\...\{EBF2C31B-E9A1-4929-BE35-6EBECF286110}) (Version: 1.0.0.30 - HP Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{05F81C27-62A5-4A0C-8519-60CB66CF87C6}) (Version: 8.4.14.41 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{183BD477-774B-4700-B40B-EE43886E74D2}) (Version: 12.6.14.19 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.5.0 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{ABE95EB9-5EA1-42A3-8009-BA7602127ED6}) (Version: 1.4.25 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{F5852AA8-30EA-495B-84B4-C2403C935D6F}) (Version: 1.1.19.1 - HP)
Intel® Chipset Device Software (HKLM\...\{94E05108-3E4E-4F2E-AC5F-33A1B22B779C}) (Version: 10.1.1.44 - Intel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel® Corporation) Hidden
Intel® Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.3.10203.4295 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1035 - Intel Corporation)
Intel® Management Engine Components (HKLM\...\{27FC885E-2456-434E-ACE8-46569962CB04}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{ACCD589F-4082-473C-B5A6-2E0022D0DE61}) (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (HKLM\...\{E9B9A1A5-6398-4C99-8FDE-10794F6505C5}) (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4708 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{ABDC630D-DC10-4991-9965-D683C8F4885D}) (Version: 15.7.0.1014 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (HKLM\...\{F6AA7E43-41A4-4304-BA96-A495C5788231}) (Version: 1.45.447.1 - Intel Corporation) Hidden
Intel® Wireless Bluetooth® (HKLM-x32\...\{559FA847-377D-4926-80A3-ED9E014D363A}) (Version: 19.60.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{ed5cef80-a339-45bd-8c06-514eaf785ca8}) (Version: 19.71.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{5E952F21-EFE4-47D8-9C8E-29AE9A2D75B7}) (Version: 19.71.0.1071 - Intel Corporation) Hidden
IrfanView 4.58 (64-bit) (HKLM\...\IrfanView64) (Version: 4.58 - Irfan Skiljan)
McAfee Multi Access - Total Protection (PC) (HKLM-x32\...\MSC) (Version: 16.0 R43 - McAfee, LLC)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.15225.20288 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 102.0.1245.44 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 102.0.1245.44 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 22.111.0522.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\Teams) (Version: 1.4.00.19572 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-337212924-4266545201-662137970-1002\...\Teams) (Version: 1.5.00.11163 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{6A2A8076-135F-4F55-BB02-DED67C8C6934}) (Version: 4.67.0.0 - Microsoft Corporation)
Microsoft VC++ redistributables repacked. (HKLM\...\{B00A8074-C8C0-48C9-B872-8CDC0ABEA33C}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft VC++ redistributables repacked. (HKLM-x32\...\{BA5D4378-D3B5-4D4A-BFB8-ABFBAF483465}) (Version: 12.0.0.0 - Intel Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 x64 Additional Runtime - 14.0.24123 (HKLM\...\{21134089-9B59-34C8-BE11-929D26AD5207}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015 x64 Minimum Runtime - 14.0.24123 (HKLM\...\{FDBE9DB4-7A91-3A28-B27E-705EF7CFAE57}) (Version: 14.0.24123 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.23.27820 (HKLM-x32\...\{86BE78D9-65A1-4E69-86F8-C1F5281F8553}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.23.27820 (HKLM-x32\...\{00AC3934-26B4-406E-807C-1692AC7329EC}) (Version: 14.23.27820 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 en-US) (HKLM\...\Mozilla Firefox 101.0.1 (x64 en-US)) (Version: 101.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 90.0.2 - Mozilla)
MuseScore 3 (HKLM\...\{FF67E071-104C-4C42-9301-184442745671}) (Version: 3.6.2.548021803 - Werner Schweer and Others)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.1.4 - Notepad++ Team)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.15225.20150 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.15128.20178 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.15225.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.12527.21986 - Microsoft Corporation) Hidden
Printer Registration (HKLM-x32\...\Canon EISRegistration) (Version: 1.8.0 - Canon Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.370.154 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Teams Machine-Wide Installer (HKLM-x32\...\{39AF0813-FA7B-4860-ADBE-93B9B214B914}) (Version: 1.4.0.7174 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1-2) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
WebAdvisor by McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.725 - McAfee, LLC)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.1.1.17 - WildTangent)
WildTangent Helper (HKLM-x32\...\{A39303AB-4898-4F12-BAA0-0B8630F86DB4}) (Version: 5.0.0.305 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows PC Health Check (HKLM\...\{B1E7D0FD-7CFE-4E0C-A5DA-0F676499DB91}) (Version: 3.2.2110.14001 - Microsoft Corporation)
Zoom (HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\ZoomUMX) (Version: 5.9.3 (3169) - Zoom Video Communications, Inc.)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2021-08-04] (Amazon.com)
Bitwarden -> C:\Program Files\WindowsApps\8bitSolutionsLLC.bitwardendesktop_2022.5.1.0_x86__h4e712dmw3xyy [2022-06-19] (8bit Solutions LLC)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.3.407.0_x86__v10z8vjag6ke6 [2021-08-04] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_136.1.269.0_x64__v10z8vjag6ke6 [2022-05-11] (HP Inc.)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.13.5310.0_x64__8wekyb3d8bbwe [2022-06-19] (Microsoft Studios) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-23] (Netflix, Inc.)
Simple Solitaire -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleSolitaire_7.4.4.0_x64__kx24dqmazqk8j [2021-09-29] (Random Salad Games LLC)
Smartfriend by HP Care -> C:\Program Files\WindowsApps\AD2F1837.SmartfriendbyHPCare_1.1.13.0_x64__v10z8vjag6ke6 [2021-08-04] (HP Inc.)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0 [2022-06-23] (Spotify AB) [Startup Task]
WildTangent Games -> C:\Program Files\WindowsApps\WildTangentGames.63435CFB65F55_2.0.84.0_x64__qt5r5pa5dyg8m [2021-08-04] (WildTangent Games)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-337212924-4266545201-662137970-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\ttbcs\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21105.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-08-21] (Notepad++ -> )
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\22.111.0522.0002\FileSyncShell64.dll [2022-06-13] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-06-19 18:45 - 2022-06-19 18:45 - 000160256 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BRIDGECommon\c053aed297b95b2b5477724c30f3f835\BRIDGECommon.ni.dll
2022-06-19 18:47 - 2022-06-19 18:47 - 000120832 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BridgeExtension\da884604f3abb1c40fd1e4bbebacc078\BridgeExtension.ni.dll
2022-06-19 18:47 - 2022-06-19 18:47 - 000370688 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CleanStartController\e3b731c4bb498a6574bcbc7a26b30440\CleanStartController.ni.dll
2022-06-19 18:48 - 2022-06-19 18:48 - 000138240 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.IWs06dcaa36#\68d37933a82300fc7d9b4dde89cc0ccf\Interop.IWshRuntimeLibrary.ni.dll
2022-06-19 18:47 - 2022-06-19 18:47 - 000072704 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NativeInterop\9c61f962704c97d8be41484436a7c18b\NativeInterop.ni.dll
2022-06-19 18:48 - 2022-06-19 18:48 - 000134656 _____ (hardcodet.net) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Hardcodet.W6cab32f3#\3e9e7f37047b8d29c9cdcbcc64c6153a\Hardcodet.Wpf.TaskbarNotification.ni.dll
2021-08-07 13:13 - 2019-02-21 09:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2022-06-19 18:48 - 2022-06-19 18:48 - 001585664 _____ (Mark Heath) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\NAudio\48f11fe26d6d968501dd11d41d079301\NAudio.ni.dll
2022-06-19 18:46 - 2022-06-19 18:46 - 002306560 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\a57e88046e7a4d8108c8e9bc5655973c\Newtonsoft.Json.ni.dll
2022-06-19 18:48 - 2022-06-19 18:48 - 000792064 _____ (The Apache Software Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\log4net\a81497f61a9531caaa5246802e6607b5\log4net.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-337212924-4266545201-662137970-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-337212924-4266545201-662137970-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-337212924-4266545201-662137970-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp17win10.msn.com/?pc=HCTE
HKU\S-1-5-21-337212924-4266545201-662137970-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp17win10.msn.com/?pc=HCTE
SearchScopes: HKLM -> {FD8715C2-4BAA-45C2-B605-17DA681835BA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {FD8715C2-4BAA-45C2-B605-17DA681835BA} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us2-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2022-04-05] (Microsoft Corporation -> Microsoft Corporation)
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2022-06-19] (McAfee, LLC -> McAfee, LLC)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2022-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2022-06-19] (McAfee, LLC -> McAfee, LLC)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2022-05-26] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2022-01-26] (McAfee, LLC -> McAfee, LLC)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\sharepoint.com -> hxxps://ccsd-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 14:03 - 2022-05-11 18:13 - 000000828 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-337212924-4266545201-662137970-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme1\img1.jpg
HKU\S-1-5-21-337212924-4266545201-662137970-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Tanya\Downloads\158547264_1078523462629313_4207099470797269292_n.jpg
HKU\S-1-5-21-337212924-4266545201-662137970-1004\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )

BITS: {04AD388A-75A3-4A7A-9CF1-E74CF2457BA1} - (HPCeeConnect) -> [NotifyCmdLine: C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe "C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe" HPCeeConnect (null)] [files:http://ceement.rssx....entWA/index.jsp-> C:\Users\Tanya\hpTemp.txt]
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "IJNetworkScannerSelectorEX2"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-337212924-4266545201-662137970-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_DB75890BB2C6219E955F6B80A91E685F"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B81C98C8-6ED8-4FA9-BFA9-25D0A9B37C60}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4D9033D1-C7F7-4549-A721-7F6391BF3596}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{257ED799-7BCF-4444-803F-1E5443B5A746}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe => No File
FirewallRules: [{36EF266F-9F6E-4F07-87C5-DB0E1DA0C9D2}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{D4695A09-7058-4FC6-835E-12C82C9BEC6F}] => (Allow) C:\Program Files (x86)\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC -> McAfee, LLC)
FirewallRules: [{03379514-ED1C-4E98-A5AA-CD518429F92E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{04FD68D0-5A6B-47DB-9DB7-31F263CAB551}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{BC628495-DBA0-46F7-ADFC-2274315BBF04}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{65E80305-F23D-443C-8EB4-0AEF04105CAB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{01839C2A-6400-47C1-863B-19207E6D5A91}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel® Wireless Connectivity Solutions -> )
FirewallRules: [{5F6B805B-B4F4-4D4D-8764-9BFB1E72BCF7}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B090B33-DC5B-4492-812F-7DAB709C89BA}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_21323.200.1078.109_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{902D1CC6-7CF0-4C04-B915-AF4B14CF9C0B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CD597EE5-88A4-4EAB-AA83-28274AA9ADF8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{57D8FC27-E4FC-435E-8BF3-E2EBD4A2D651}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DEC535E8-FB0B-4A1F-AA48-52C24183CF26}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9AA95560-BFE6-42EB-A5AC-D6A41E26F8E4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E34C28BC-BB0E-4EBC-AE74-16170B519A19}] => (Allow) C:\Users\ttbcs\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{FEFFC333-DF3A-4EBC-A567-23962A30CD49}] => (Allow) C:\Users\ttbcs\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{D504E697-CBC1-4390-8A13-9E9362BC5264}] => (Allow) C:\Users\ttbcs\AppData\Roaming\Zoom\bin\airhost.exe => No File
FirewallRules: [{3217676F-A084-4FE4-941D-7F80D1E9258B}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{406845DB-DB25-4B7A-8332-0E475C2C8EC7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F55DEE28-5D87-4A96-A91C-0F229BBCD9F7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5DBCE6EA-7078-4003-A546-6B2761F127D9}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.83.3409.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B1AB74C1-6B9F-4FC8-8C29-4FB7C039FA12}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{C71EADD4-5AAB-4094-A04B-84131E5E8AB5}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\102.0.1245.44\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F6299831-28BF-44FD-BFE2-046128D2D48D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{390934C1-777A-4FB3-95C2-6E5B27EE6A2D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D25B718C-53DF-43FB-B21B-01526CF122DB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63030E09-9427-4032-AB9D-742CF1D8EE70}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{5EBD51DF-FD33-451D-9EF8-13FA331B2981}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7896596D-B1FE-4C56-8B64-61F7999E39F7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DF03A5CA-8E1A-41B6-8AFD-441BB8493F23}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{0A12E809-31C8-4E97-A7ED-2626F9B50CDA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.188.612.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{82302A93-C17B-463F-A2EC-7A2481F4D801}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1BB57753-B726-43F2-A3AF-96F5B95DA82D}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22147.303.1400.1220_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A63E41D0-56AD-4B78-A592-F6098A080512}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{632C1B36-103B-4835-912D-41B4FD50BFBF}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22133.500.1346.3200_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

01-06-2022 10:53:22 Scheduled Checkpoint
09-06-2022 21:57:18 Scheduled Checkpoint
19-06-2022 16:14:55 Windows Modules Installer

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (06/24/2022 12:20:07 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at _HPCommRecovery.HPAHLogger.CheckSession()
   at _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).

Error: (06/24/2022 12:20:01 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at _HPCommRecovery.HPAHLogger.CheckSession()
   at _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).

Error: (06/24/2022 10:12:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15625

Error: (06/24/2022 10:12:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15625

Error: (06/24/2022 10:12:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/24/2022 08:18:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program GameBar.exe version 5.722.5052.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 30e0

Start Time: 01d887dd8e134da9

Termination Time: 4294967295

Application Path: C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe\GameBar.exe

Report Id: 22e2ab92-38a1-4ea8-b0f1-4ace01a869c5

Faulting package full name: Microsoft.XboxGamingOverlay_5.722.5052.0_x64__8wekyb3d8bbwe

Faulting package-relative application ID: App

Hang type: Quiesce

Error: (06/24/2022 08:17:32 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at _HPCommRecovery.HPAHLogger.CheckSession()
   at _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).

Error: (06/24/2022 08:17:32 AM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at _HPCommRecovery.HPAHLogger.CheckSession()
   at _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).


System errors:
=============
Error: (06/24/2022 01:00:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TRAVIS)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/24/2022 01:00:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TRAVIS)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (06/24/2022 01:00:04 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-TRAVIS)
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (06/24/2022 12:19:58 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E1F5879B-723A-4AEB-AC15-A3264A5D820F} because another computer on the network has the same name.  The server could not start.

Error: (06/24/2022 08:17:35 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E1F5879B-723A-4AEB-AC15-A3264A5D820F} because another computer on the network has the same name.  The server could not start.

Error: (06/23/2022 05:21:34 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{E1F5879B-723A-4AEB-AC15-A3264A5D820F} because another computer on the network has the same name.  The server could not start.

Error: (06/20/2022 07:39:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The XTU3SERVICE service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (06/20/2022 07:39:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (45000 milliseconds) while waiting for the XTU3SERVICE service to connect.


Windows Defender:
================
Date: 2022-02-11 18:21:56
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

CodeIntegrity:
===============
Date: 2022-06-24 12:20:34
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.01 08/10/2017
Motherboard: HP 841B
Processor: Intel® Core™ i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 64%
Total physical RAM: 8078.22 MB
Available physical RAM: 2864.68 MB
Total Virtual: 13198.22 MB
Available Virtual: 6996.39 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:916.79 GB) (Free:842.8 GB) (Model: ST1000LM035-1RK172) NTFS
Drive d: (RECOVERY) (Fixed) (Total:13.49 GB) (Free:1.63 GB) (Model: ST1000LM035-1RK172) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{c330ec84-e98a-4554-ad22-b976eea7ee24}\ () (Fixed) (Total:0.96 GB) (Free:0.35 GB) NTFS
\\?\Volume{06d48b26-b3c6-4ec8-86a4-31f688dea7a2}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: D3A88384)

Partition: GPT.

==================== End of Addition.txt =======================


  • 0

Advertisements

#2
RKinner
Posted 25 June 2022 - 07:47 AM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

You are getting a lot of:

 

Error: (06/24/2022 12:20:07 PM) (Source: HP Comm Recovery) (EventID: 0) (User: )
Description: Failed in handling the PowerEvent. The error that occurred was: System.NullReferenceException: Object reference not set to an instance of an object.
   at _HPCommRecovery.HPAHLogger.CheckSession()
   at _HPCommRecovery.HPCommRecovery.OnPowerEvent(PowerBroadcastStatus powerStatus)
   at System.ServiceProcess.ServiceBase.DeferredPowerEvent(Int32 eventType, IntPtr eventData).


 

 

errors.  I think this is part of HP Sure Connect.  You can live without it so I would search for

control panel 

then hit Enter.

View by: Large Icons

Programs and Features

 

Find and select HP Sure Connect and Uninstall.

 

Also uninstall Bonjour which is also throwing errors.  This is supposed to search your local network for Apple products to talk to.  You get a new one if you install or update iTunes.

 

Close the control panel then search for

services.msc

hit Enter.

 

Scroll down the list of services and see if 

GameDVR and Broadcast User Service is running.  Normally it should be set to Manual and not running.  If running or not manual then right click and select Properties then change the Startup Type: to Manual  OK.

 

 

At the bottom of the Services there should be 4 entries which start with Xbox.  

None of these should be running and all should be set to Manual or Manual (Triggered).  If any or running or not set to Manual or Manual Triggered then repeat the above.

 

Reboot.

 

If it is still slow then:

 

Multiple replies are OK.  Best to post a log as you get it.
 
Get Process Explorer
 
 
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
View and check Show Processes From All Users 
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 
 
Get the free version of Speccy:
 
 
(Look in the upper right for the Download
Latest Version button  - Do NOT press the large Start Download button on the upper left!)  
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
 
Latency Monitor:
 
Go to
 
 
Scroll down to
 
System Monitoring Tools
 
and then find
 
LatencyMon 7.0 (or it may be a higher number if they update)
 
Click on Download free home edition
 
Save it then right click and Run As Admin.  It will install and then start the program.  
It will tell you to click on the Start button but there isn't one.  
Instead click on the green arrowhead (looks like a Play button).   Let it run for at least 20 seconds.  Then hit the red box to stop it. 
 
Edit, Copy Report text to Clipboard then move to a REPLY and Ctrl + v to paste the text into a reply.  
 
 
Click on the Drivers Tab.  Click on the column header for "Total execution (ms)" once or twice until the biggest numbers are at the top of the column then take a screen shot (save as type jpg) and attach it.  
Click on the Processes tab then click on the  "Hard Pagefaults" column header once or twice until the big numbers are at the top of the column.  Take a screen shot (save as type jpg) and attach it. 

  • 0

#3
ttbcs
Posted 25 June 2022 - 01:43 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

I have uninstalled HP Sure Connect and Bonjour and verified the services were set to manual. The computer is better but still seems to be hitting 100% on startup but then starts to lower. I am going to go through the rest of the steps. Here is the information from Process Explorer

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
AggregatorHost.exe        1,092 K    5,408 K    5488            (Verified) Microsoft Windows
ApplicationFrameHost.exe        11,176 K    36,472 K    16064    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows
armsvc.exe        1,820 K    6,344 K    4460    Adobe Acrobat Update Service    Adobe Inc.    (Verified) Adobe Inc.
audiodg.exe        8,968 K    16,316 K    15896    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
backgroundTaskHost.exe    Suspended    4,188 K    20,336 K    10252    Background Task Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,348 K    9,036 K    4452    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe    < 0.01    5,348 K    9,480 K    7384    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
conhost.exe        5,416 K    10,436 K    10288    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
CoolSense.exe        3,980 K    7,068 K    13652    HP CoolSense    HP Development Company, L.P.    (Verified) HP Inc.
Cortana.exe    Suspended    30,900 K    75,508 K    12156    Cortana    Microsoft Corporation    (No signature was present in the subject) Microsoft Corporation
ctfmon.exe    < 0.01    3,600 K    16,092 K    8992    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        1,140 K    5,028 K    2468    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        6,620 K    18,348 K    2388    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        7,088 K    15,224 K    2124    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        4,164 K    12,104 K    6416    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
esif_uf.exe        1,836 K    6,692 K    4004    Intel® Dynamic Platform and Thermal Framework    Intel Corporation    (Verified) Intel Corporation
EvtEng.exe        5,336 K    15,724 K    3972    Intel® PROSet/Wireless Event Log Service    Intel® Corporation    (Verified) Intel® Wireless Connectivity Solutions
fontdrvhost.exe        1,508 K    3,728 K    1072    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
fontdrvhost.exe        3,312 K    7,700 K    13640    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
GoogleCrashHandler.exe        1,856 K    644 K    4396    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleCrashHandler64.exe        1,780 K    412 K    9244    Google Crash Handler    Google LLC    (Verified) Google LLC
GoogleUpdate.exe        2,568 K    940 K    7052    Google Installer    Google LLC    (Verified) Google LLC
HPAudioSwitch.exe        38,916 K    51,312 K    11960    HPAudioSwitch    HP Inc.    (Verified) HP Inc.
HPJumpStartBridge.exe        21,332 K    30,352 K    11580    HP JumpStart Bridge    HP Inc.    (Verified) HP Inc.
HPJumpStartLaunch.exe        3,680 K    2,896 K    11352            (Verified) HP Inc.
HPPrintScanDoctorService.exe        1,872 K    7,912 K    4068        HP Inc.    (Verified) HP Inc.
hpqwmiex.exe        2,488 K    12,220 K    12948    HP CASL Framework Service    HP    (Verified) HP Inc.
hpservice.exe        1,128 K    5,148 K    3204    HP Service    HP    (Verified) HP Inc.
HPWMISVC.exe        1,472 K    6,440 K    4476    HP WMI Service    HP Inc.    (Verified) HP Inc.
IAStorDataMgrSvc.exe    < 0.01    35,108 K    51,936 K    13424    IAStorDataSvc    Intel Corporation    (Verified) Intel® Rapid Storage Technology
ibtsiva.exe        1,188 K    5,260 K    3996    Intel® Wireless Bluetooth® iBtSiva Service    Intel Corporation    (Verified) Intel® Wireless Connectivity Solutions
igfxCUIService.exe        2,240 K    9,524 K    2900    igfxCUIService Module    Intel Corporation    (Verified) Intel® pGFX
igfxEM.exe        4,028 K    15,432 K    11440    igfxEM Module    Intel Corporation    (Verified) Intel® pGFX
IntelCpHDCPSvc.exe        1,616 K    7,708 K    3980    Intel HD Graphics Drivers for Windows®    Intel Corporation    (Verified) Intel® pGFX
IntelCpHeciSvc.exe        1,572 K    7,424 K    4516    IntelCpHeciSvc Executable    Intel Corporation    (Verified) Intel® pGFX
jhi_service.exe        1,352 K    6,408 K    5280    Intel® Dynamic Application Loader Host Interface    Intel Corporation    (Verified) Intel® Embedded Subsystems and IP Blocks Group
LMS.exe        3,116 K    9,060 K    4468    Intel® Local Management Service    Intel Corporation    (Verified) Intel Corporation
lsass.exe    < 0.01    9,240 K    24,752 K    1020    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
McCSPServiceHost.exe        7,616 K    11,380 K    4700    McAfee CSP Service Host    McAfee, LLC    (Verified) McAfee, LLC
mcshield.exe        40,700 K    25,048 K    9052    McAfee Scanner service    McAfee LLC.    (Verified) McAfee, Inc.
McUICnt.exe        11,856 K    35,512 K    4508    McAfee    McAfee, LLC    (Verified) McAfee, LLC
mfemms.exe    < 0.01    7,140 K    15,708 K    3760    McAfee Management Service    McAfee, LLC    (Verified) McAfee, Inc.
mfevtps.exe        6,432 K    12,904 K    4580    McAfee Process Validation Service    McAfee, LLC    (Verified) McAfee, Inc.
MicrosoftEdgeUpdate.exe        2,224 K    868 K    1136    Microsoft Edge Update    Microsoft Corporation    (Verified) Microsoft Corporation
MMSSHOST.exe    < 0.01    33,420 K    47,504 K    5084    McAfee Management Service Host    McAfee, LLC    (Verified) McAfee, LLC
ModuleCoreService.exe        12,960 K    36,912 K    8292    McAfee Module Core Service    McAfee, LLC    (Verified) McAfee, LLC
ModuleCoreService.exe        7,736 K    11,496 K    4100    McAfee Module Core Service    McAfee, LLC    (Verified) McAfee, LLC
OneDrive.exe        21,104 K    80,820 K    3316    Microsoft OneDrive    Microsoft Corporation    (Verified) Microsoft Corporation
PEFService.exe        17,812 K    6,580 K    4164    McAfee PEF Service    McAfee, LLC    (Verified) McAfee, LLC
PresentationFontCache.exe        24,816 K    20,236 K    2024    PresentationFontCache.exe    Microsoft Corporation    (Verified) Microsoft Corporation
procexp.exe        5,304 K    12,104 K    15876    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
ProtectedModuleHost.exe        5,448 K    18,568 K    8484    McAfee Protected Module Host    McAfee, LLC    (Verified) McAfee, LLC
Registry        11,528 K    76,452 K    160            
RegSrvc.exe        2,288 K    10,816 K    4176    Intel® PROSet/Wireless Registry Service    Intel® Corporation    (Verified) Intel® Wireless Connectivity Solutions
RtkNGUI64.exe        5,032 K    8,620 K    15016    Realtek HD Audio Manager    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp.
RuntimeBroker.exe        6,220 K    27,840 K    9708    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        7,820 K    32,928 K    10996    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        1,808 K    8,492 K    10584    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        2,704 K    12,204 K    14976    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        4,456 K    23,340 K    12280    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        3,092 K    19,772 K    12300    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
SearchHost.exe    Suspended    93,212 K    171,892 K    15800        Microsoft Corporation    (Verified) Microsoft Windows
SearchIndexer.exe        26,896 K    34,516 K    9144    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SearchProtocolHost.exe        1,964 K    8,692 K    15864    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
SearchProtocolHost.exe        4,116 K    18,648 K    9448    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
SecurityHealthService.exe        6,896 K    17,772 K    11692    Windows Security Health Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SecurityHealthSystray.exe        1,756 K    10,372 K    16036    Windows Security notification icon    Microsoft Corporation    (Verified) Microsoft Windows
SgrmBroker.exe        5,384 K    8,728 K    13572    System Guard Runtime Monitor Broker Service    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sihost.exe        7,624 K    38,356 K    14644    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
smartscreen.exe        8,960 K    26,908 K    12216    Windows Defender SmartScreen    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        1,128 K    1,284 K    568    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
spoolsv.exe        12,644 K    29,856 K    3648    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
StartMenuExperienceHost.exe        36,568 K    95,980 K    6700            (Verified) Microsoft Windows
svchost.exe        2,648 K    12,200 K    8252    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,840 K    8,116 K    3200    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,828 K    7,828 K    4796    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,404 K    6,120 K    1788    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,552 K    8,716 K    8664    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,468 K    9,824 K    16188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,632 K    7,812 K    13052    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,696 K    12,964 K    11672    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,096 K    13,252 K    5156    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,056 K    13,544 K    12516    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,072 K    12,576 K    13692    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,916 K    6,684 K    9508    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,452 K    9,304 K    9196    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        23,308 K    24,272 K    12696    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        15,120 K    31,028 K    11864    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,120 K    14,908 K    15088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,944 K    8,644 K    2032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,544 K    5,848 K    1900    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,760 K    12,712 K    1576    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,528 K    10,896 K    1736    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,040 K    12,000 K    1568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,200 K    9,328 K    1552    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,828 K    9,224 K    1864    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,464 K    6,984 K    2836    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,860 K    7,676 K    2984    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,200 K    9,208 K    2824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,116 K    8,372 K    2340    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,100 K    8,224 K    2624    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,064 K    8,724 K    2976    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,644 K    15,472 K    3180    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,312 K    10,488 K    3272    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,504 K    12,992 K    1840    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        8,316 K    34,776 K    9544    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,312 K    5,652 K    4212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,780 K    7,040 K    4188    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,000 K    8,116 K    3888    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,828 K    8,352 K    3988    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,696 K    11,080 K    1744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,736 K    22,152 K    4252    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,996 K    10,888 K    4060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,628 K    14,984 K    11348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        13,916 K    25,736 K    4044    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,184 K    10,052 K    2724    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,108 K    7,004 K    3288    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,648 K    18,456 K    1724    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,100 K    18,596 K    13232    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,516 K    17,020 K    1952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,300 K    12,788 K    8688    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4,084 K    23,084 K    696    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,892 K    13,768 K    5572    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,668 K    6,408 K    1512    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,428 K    7,688 K    4604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,236 K    13,084 K    2432    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,348 K    5,936 K    2612    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,444 K    9,552 K    5548    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        20,000 K    23,652 K    2484    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    14,908 K    31,428 K    3964    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,524 K    13,756 K    12752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    16,812 K    39,232 K    1036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    4,516 K    14,640 K    832    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1,624 K    7,604 K    6620    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,044 K    9,412 K    1304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,112 K    9,288 K    6624    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        5,808 K    9,864 K    2072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,568 K    24,520 K    14960    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,912 K    8,192 K    3280    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,660 K    11,380 K    4036    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    2,620 K    8,060 K    3404    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3,588 K    8,940 K    2728    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,100 K    23,040 K    8372    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,300 K    10,660 K    6704    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2,496 K    8,380 K    6804    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,428 K    31,156 K    8020    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        6,580 K    18,536 K    8152    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    6,644 K    21,424 K    3568    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        11,408 K    20,572 K    3156    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7,128 K    23,588 K    7912    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        3,632 K    12,868 K    13992    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,640 K    23,304 K    4244    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SynTPEnhService.exe        2,424 K    9,692 K    4200    64-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPHelper.exe        1,112 K    5,504 K    3800    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
SystemSettings.exe    Suspended    39,872 K    63,636 K    6560    Settings    Microsoft Corporation    (Verified) Microsoft Windows
TabTip.exe    < 0.01    3,744 K    17,148 K    8128    Touch Keyboard and Handwriting Panel    Microsoft Corporation    (Verified) Microsoft Windows
uihost.exe    < 0.01    7,464 K    18,340 K    10500    McAfee WebAdvisor(user level process)    McAfee, LLC    (Verified) McAfee, LLC
unsecapp.exe        3,792 K    12,440 K    7156    Sink to receive asynchronous callbacks for WMI client application    Microsoft Corporation    (Verified) Microsoft Windows
UserOOBEBroker.exe        2,044 K    10,276 K    8932    User OOBE Broker    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        1,788 K    7,652 K    940    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
winlogon.exe        2,568 K    10,620 K    4344    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wlanext.exe        5,080 K    17,900 K    3808    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        4,364 K    15,164 K    7520    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WUDFHost.exe        4,312 K    13,888 K    1048    Windows Driver Foundation - User-mode Driver Framework Host Process    Microsoft Corporation    (Verified) Microsoft Windows
XtuService.exe        112,652 K    55,720 K    4300    XtuService    Intel® Corporation    (Verified) Intel Corporation
YourPhone.exe    Suspended    28,204 K    54,684 K    12600         Microsoft Corporation    (Verified) Microsoft Corporation
ZeroConfigService.exe        5,600 K    19,932 K    4308    Intel® PROSet/Wireless Zero Configure Service    Intel® Corporation    (Verified) Intel® Wireless Connectivity Solutions
Memory Compression    < 0.01    188 K    18,408 K    2744            
svchost.exe        3,176 K    14,748 K    3592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        10,392 K    22,092 K    11400    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SynTPEnh.exe    < 0.01    6,168 K    22,012 K    9540    Synaptics TouchPad 64-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
servicehost.exe    < 0.01    18,748 K    27,312 K    7432    McAfee WebAdvisor(service)    McAfee, LLC    (Verified) McAfee, LLC
HPSupportSolutionsFrameworkService.exe    < 0.01    48,912 K    51,452 K    13328    HP Support Solutions Framework Service    HP Inc.    (Verified) HP Inc.
TextInputHost.exe    < 0.01    15,416 K    62,944 K    13492        Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    < 0.01    2,476 K    6,928 K    856    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12,404 K    22,096 K    3708    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
OfficeClickToRun.exe    < 0.01    37,712 K    56,068 K    4028    Microsoft Office Click-to-Run (SxS)    Microsoft Corporation    (Verified) Microsoft Corporation
services.exe    < 0.01    6,768 K    11,380 K    1012    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
mcapexe.exe    < 0.01    3,624 K    2,916 K    9220    McAfee Access Protection    McAfee, LLC    (Verified) McAfee, LLC
dptf_helper.exe    < 0.01    1,316 K    4,892 K    9356    Intel® Dynamic Platform and Thermal Framework Utility Application    Intel Corporation    (Verified) Intel Corporation
svchost.exe    < 0.01    7,088 K    17,032 K    2208    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe        6,412 K    16,224 K    2832    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
ModuleCoreService.exe    < 0.01    38,940 K    44,828 K    7376    McAfee Module Core Service    McAfee, LLC    (Verified) McAfee, LLC
FileCoAuth.exe    < 0.01    5,512 K    28,176 K    15168    Microsoft OneDriveFile Co-Authoring Executable    Microsoft Corporation    (Verified) Microsoft Corporation
MfeAVSvc.exe    < 0.01    25,820 K    28,264 K    10440    McAfee Cloud AV    McAfee, LLC    (Verified) McAfee, LLC
taskhostw.exe    < 0.01    5,280 K    15,628 K    5580    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    8,268 K    16,168 K    1252    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
csrss.exe    < 0.01    2,688 K    7,116 K    16112    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    7.58    87,472 K    98,156 K    2604    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    < 0.01    72,916 K    172,812 K    13372    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
WildTangentHelperService.exe    < 0.01    5,792 K    20,348 K    4484            (Verified) WildTangent, Inc.
System    < 0.01    60 K    2,692 K    4            
dwm.exe    < 0.01    58,164 K    85,208 K    14936    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    < 0.01    0 K    0 K    n/a    Hardware Interrupts and DPCs        
procexp64.exe    0.57    47,272 K    88,736 K    11664    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
System Idle Process    91.89    60 K    8 K    0            


 


  • 0

#4
ttbcs
Posted 25 June 2022 - 01:49 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                       160 N/A                                         
smss.exe                       568 N/A                                         
csrss.exe                      856 N/A                                         
wininit.exe                    940 N/A                                         
services.exe                  1012 N/A                                         
lsass.exe                     1020 KeyIso, SamSs, VaultSvc                     
svchost.exe                   1036 BrokerInfrastructure, DcomLaunch, PlugPlay,
                                   Power, SystemEventsBroker                   
WUDFHost.exe                  1048 N/A                                         
fontdrvhost.exe               1072 N/A                                         
svchost.exe                   1252 RpcEptMapper, RpcSs                         
svchost.exe                   1304 LSM                                         
svchost.exe                   1512 CoreMessagingRegistrar                      
svchost.exe                   1552 BTAGService                                 
svchost.exe                   1568 BthAvctpSvc                                 
svchost.exe                   1576 bthserv                                     
svchost.exe                   1724 Schedule                                    
svchost.exe                   1736 ProfSvc                                     
svchost.exe                   1744 NcbService                                  
svchost.exe                   1840 TimeBrokerSvc                               
svchost.exe                   1864 DisplayEnhancementService                   
svchost.exe                   1900 hidserv                                     
svchost.exe                   1952 UserManager                                 
svchost.exe                   2032 TabletInputService                          
svchost.exe                   2072 nsi                                         
svchost.exe                   2208 netprofm                                    
svchost.exe                   2340 DeviceAssociationService                    
dasHost.exe                   2388 N/A                                         
svchost.exe                   2432 camsvc                                      
svchost.exe                   2484 EventLog                                    
svchost.exe                   2604 SysMain                                     
svchost.exe                   2612 Themes                                      
svchost.exe                   2624 EventSystem                                 
svchost.exe                   2724 PhoneSvc                                    
svchost.exe                   2728 Dnscache                                    
Memory Compression            2744 N/A                                         
svchost.exe                   2824 SENS                                        
igfxCUIService.exe            2900 igfxCUIService2.0.0.0                       
svchost.exe                   2976 AudioEndpointBuilder                        
svchost.exe                   2984 FontCache                                   
dasHost.exe                   2468 N/A                                         
svchost.exe                   2836 DispBrokerDesktopSvc                        
svchost.exe                    832 StiSvc                                      
svchost.exe                   3156 StateRepository                             
svchost.exe                   3180 Audiosrv                                    
hpservice.exe                 3204 hpsrv                                       
svchost.exe                   3272 Wcmsvc                                      
svchost.exe                   3280 Dhcp                                        
svchost.exe                   3288 DusmSvc                                     
svchost.exe                   3404 WinHttpAutoProxySvc                         
svchost.exe                   3568 WlanSvc                                     
svchost.exe                   3592 ShellHWDetection                            
spoolsv.exe                   3648 Spooler                                     
svchost.exe                   3708 BFE, mpssvc                                 
wlanext.exe                   3808 N/A                                         
svchost.exe                   3888 LanmanWorkstation                           
svchost.exe                   3964 DiagTrack                                   
EvtEng.exe                    3972 EvtEng                                      
IntelCpHDCPSvc.exe            3980 cplspcon                                    
svchost.exe                   3988 IKEEXT                                      
ibtsiva.exe                   3996 ibtsiva                                     
esif_uf.exe                   4004 esifsvc                                     
OfficeClickToRun.exe          4028 ClickToRunSvc                               
svchost.exe                   4036 CryptSvc                                    
svchost.exe                   4044 DPS                                         
svchost.exe                   4060 iphlpsvc                                    
HPPrintScanDoctorService.     4068 HPPrintScanDoctorService                    
mfemms.exe                    3760 mfemms, mfevtp                              
ModuleCoreService.exe         4100 ModuleCoreService                           
PEFService.exe                4164 PEFService                                  
RegSrvc.exe                   4176 RegSrvc                                     
svchost.exe                   4188 SstpSvc                                     
SynTPEnhService.exe           4200 SynTPEnhService                             
svchost.exe                   4212 TrkWks                                      
svchost.exe                   4244 Winmgmt                                     
svchost.exe                   4252 WpnService                                  
XtuService.exe                4300 XTU3SERVICE                                 
ZeroConfigService.exe         4308 ZeroConfigService                           
conhost.exe                   4452 N/A                                         
armsvc.exe                    4460 AdobeARMservice                             
LMS.exe                       4468 LMS                                         
HPWMISVC.exe                  4476 HPWMISVC                                    
WildTangentHelperService.     4484 WildTangentHelper                           
IntelCpHeciSvc.exe            4516 cphs                                        
svchost.exe                   4604 TapiSrv                                     
MMSSHOST.exe                  5084 N/A                                         
mfevtps.exe                   4580 N/A                                         
jhi_service.exe               5280 jhi_service                                 
AggregatorHost.exe            5488 N/A                                         
svchost.exe                   5548 LanmanServer                                
svchost.exe                   5572 RasMan                                      
svchost.exe                   6624 NcdAutoSetup                                
svchost.exe                   6620 fdPHost                                     
svchost.exe                   6704 FDResPub                                    
svchost.exe                   6804 SSDPSRV                                     
unsecapp.exe                  7156 N/A                                         
dllhost.exe                   6416 N/A                                         
WmiPrvSE.exe                  2832 N/A                                         
ModuleCoreService.exe         7376 N/A                                         
conhost.exe                   7384 N/A                                         
WmiPrvSE.exe                  7520 N/A                                         
MicrosoftEdgeUpdate.exe       1136 N/A                                         
GoogleUpdate.exe              7052 N/A                                         
svchost.exe                    696 TokenBroker                                 
PresentationFontCache.exe     2024 FontCache3.0.0.0                            
McCSPServiceHost.exe          4700 mccspsvc                                    
svchost.exe                   8372 CDPSvc                                      
ProtectedModuleHost.exe       8484 N/A                                         
svchost.exe                   8688 Appinfo                                     
svchost.exe                   9196 RmSvc                                       
svchost.exe                   8252 NgcCtnrSvc                                  
SearchIndexer.exe             9144 WSearch                                     
servicehost.exe               7432 McAfee WebAdvisor                           
mcapexe.exe                   9220 McAPExe                                     
MfeAVSvc.exe                 10440 N/A                                         
mcshield.exe                  9052 N/A                                         
svchost.exe                   3200 PolicyAgent                                 
SecurityHealthService.exe    11692 SecurityHealthService                       
svchost.exe                  11348 LicenseManager                              
svchost.exe                  12752 PcaSvc                                      
svchost.exe                  11400 BITS                                        
svchost.exe                   9508 WdiSystemHost                               
svchost.exe                  11672 Netman                                      
GoogleCrashHandler.exe        4396 N/A                                         
GoogleCrashHandler64.exe      9244 N/A                                         
hpqwmiex.exe                 12948 hpqcaslwmiex                                
svchost.exe                   8152 DoSvc                                       
svchost.exe                   5156 StorSvc                                     
HPJumpStartBridge.exe        11580 HPJumpStartBridge                           
HPSupportSolutionsFramewo    13328 HPSupportSolutionsFrameworkService          
IAStorDataMgrSvc.exe         13424 IAStorDataMgrSvc                            
SgrmBroker.exe               13572 SgrmBroker                                  
svchost.exe                  13692 UsoSvc                                      
svchost.exe                  13992 wscsvc                                      
csrss.exe                    16112 N/A                                         
winlogon.exe                  4344 N/A                                         
fontdrvhost.exe              13640 N/A                                         
dwm.exe                      14936 N/A                                         
svchost.exe                  15088 lfsvc                                       
svchost.exe                   1788 lmhosts                                     
dptf_helper.exe               9356 N/A                                         
uihost.exe                   10500 N/A                                         
SynTPEnh.exe                  9540 N/A                                         
sihost.exe                   14644 N/A                                         
svchost.exe                   8020 CDPUserSvc_3676b0                           
svchost.exe                   9544 WpnUserService_3676b0                       
taskhostw.exe                 5580 N/A                                         
HPJumpStartLaunch.exe        11352 N/A                                         
McUICnt.exe                   4508 N/A                                         
igfxEM.exe                   11440 N/A                                         
SynTPHelper.exe               3800 N/A                                         
explorer.exe                 13372 N/A                                         
svchost.exe                  13052 NgcSvc                                      
svchost.exe                  13232 cbdhsvc_3676b0                              
SearchHost.exe               15800 N/A                                         
StartMenuExperienceHost.e     6700 N/A                                         
RuntimeBroker.exe             9708 N/A                                         
svchost.exe                   8664 UdkUserSvc_3676b0                           
RuntimeBroker.exe            10996 N/A                                         
dllhost.exe                   2124 N/A                                         
YourPhone.exe                12600 N/A                                         
ctfmon.exe                    8992 N/A                                         
TabTip.exe                    8128 N/A                                         
TextInputHost.exe            13492 N/A                                         
smartscreen.exe              12216 N/A                                         
SecurityHealthSystray.exe    16036 N/A                                         
OneDrive.exe                  3316 N/A                                         
Cortana.exe                  12156 N/A                                         
CoolSense.exe                13652 N/A                                         
RuntimeBroker.exe            12280 N/A                                         
svchost.exe                   7912 AarSvc_3676b0                               
svchost.exe                  12516 NPSMSvc_3676b0                              
ModuleCoreService.exe         8292 N/A                                         
conhost.exe                  10288 N/A                                         
HPAudioSwitch.exe            11960 N/A                                         
RuntimeBroker.exe            12300 N/A                                         
svchost.exe                  14960 OneSyncSvc_3676b0,                          
                                   PimIndexMaintenanceSvc_3676b0,              
                                   UnistoreSvc_3676b0, UserDataSvc_3676b0      
RtkNGUI64.exe                15016 N/A                                         
SystemSettings.exe            6560 N/A                                         
ApplicationFrameHost.exe     16064 N/A                                         
UserOOBEBroker.exe            8932 N/A                                         
taskhostw.exe                 4796 N/A                                         
svchost.exe                  12428 gpsvc                                       
svchost.exe                   5964 AppXSvc                                     
svchost.exe                  12376 ClipSVC                                     
Widgets.exe                   2880 N/A                                         
msedgewebview2.exe             440 N/A                                         
msedgewebview2.exe            3540 N/A                                         
msedgewebview2.exe           11512 N/A                                         
msedgewebview2.exe            3388 N/A                                         
msedgewebview2.exe            9716 N/A                                         
MiniSearchHost.exe            5564 N/A                                         
msedgewebview2.exe            6428 N/A                                         
audiodg.exe                   5996 N/A                                         
cmd.exe                      13760 N/A                                         
conhost.exe                   7388 N/A                                         
firefox.exe                  13844 N/A                                         
firefox.exe                  14380 N/A                                         
firefox.exe                   2960 N/A                                         
firefox.exe                  14092 N/A                                         
firefox.exe                  12664 N/A                                         
firefox.exe                  15312 N/A                                         
browserhost.exe               4704 N/A                                         
MfeBrowserHost.exe           12708 N/A                                         
conhost.exe                   4080 N/A                                         
conhost.exe                   6564 N/A                                         
firefox.exe                  14724 N/A                                         
firefox.exe                   7300 N/A                                         
firefox.exe                   5092 N/A                                         
firefox.exe                  15456 N/A                                         
firefox.exe                  15168 N/A                                         
tasklist.exe                 16380 N/A                                         

 


  • 0

#5
ttbcs
Posted 25 June 2022 - 01:57 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Speccy file attached

Attached Files


  • 0

#6
ttbcs
Posted 25 June 2022 - 02:00 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system appears to be having trouble handling real-time audio and other tasks. You are likely to experience buffer underruns appearing as drop outs, clicks or pops. One or more DPC routines that belong to a driver running in your system appear to be executing for too long. At least one detected problem appears to be network related. In case you are using a WLAN adapter, try disabling it to get better results. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:00:55  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LAPTOP-TRAVIS
OS version:                                           Windows 11, 10.0, version 2009, build: 22000 (x64)
Hardware:                                             HP Pavilion Laptop 15-ck0xx, HP
BIOS:                                                 F.01
CPU:                                                  GenuineIntel Intel® Core™ i5-8250U CPU @ 1.60GHz
Logical processors:                                   8
Processor groups:                                     1
Processor group size:                                 8
RAM:                                                  8078 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed (registry):                        180 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   1366.20
Average measured interrupt to process latency (µs):   13.137952

Highest measured interrupt to DPC latency (µs):       1362.80
Average measured interrupt to DPC latency (µs):       5.391146


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              156.7950
Driver with highest ISR routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Highest reported total ISR routine time (%):          0.012780
Driver with highest ISR total time:                   ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Total time spent in ISRs (%)                          0.012943

ISR count (execution time <250 µs):                   1187
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              2515.080
Driver with highest DPC routine execution time:       ndis.sys - Network Driver Interface Specification (NDIS), Microsoft Corporation

Highest reported total DPC routine time (%):          0.050712
Driver with highest DPC total execution time:         ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Total time spent in DPCs (%)                          0.116767

DPC count (execution time <250 µs):                   30995
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              369
DPC count (execution time 1000-2000 µs):              1
DPC count (execution time 2000-4000 µs):              3
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 msedgewebview2.exe

Total number of hard pagefaults                       464
Hard pagefault count of hardest hit process:          248
Number of processes hit:                              22


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       2.152848
CPU 0 ISR highest execution time (µs):                156.7950
CPU 0 ISR total execution time (s):                   0.057324
CPU 0 ISR count:                                      1175
CPU 0 DPC highest execution time (µs):                2515.080
CPU 0 DPC total execution time (s):                   0.469943
CPU 0 DPC count:                                      27163
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.943526
CPU 1 ISR highest execution time (µs):                0.0
CPU 1 ISR total execution time (s):                   0.0
CPU 1 ISR count:                                      0
CPU 1 DPC highest execution time (µs):                224.6150
CPU 1 DPC total execution time (s):                   0.023526
CPU 1 DPC count:                                      1624
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.537878
CPU 2 ISR highest execution time (µs):                1.368333
CPU 2 ISR total execution time (s):                   0.000009
CPU 2 ISR count:                                      11
CPU 2 DPC highest execution time (µs):                537.280556
CPU 2 DPC total execution time (s):                   0.006892
CPU 2 DPC count:                                      702
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.529371
CPU 3 ISR highest execution time (µs):                4.243333
CPU 3 ISR total execution time (s):                   0.000004
CPU 3 ISR count:                                      1
CPU 3 DPC highest execution time (µs):                411.912222
CPU 3 DPC total execution time (s):                   0.006189
CPU 3 DPC count:                                      478
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       0.460283
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                173.133889
CPU 4 DPC total execution time (s):                   0.004689
CPU 4 DPC count:                                      606
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       0.424102
CPU 5 ISR highest execution time (µs):                0.0
CPU 5 ISR total execution time (s):                   0.0
CPU 5 ISR count:                                      0
CPU 5 DPC highest execution time (µs):                102.292222
CPU 5 DPC total execution time (s):                   0.000709
CPU 5 DPC count:                                      131
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       0.417812
CPU 6 ISR highest execution time (µs):                0.0
CPU 6 ISR total execution time (s):                   0.0
CPU 6 ISR count:                                      0
CPU 6 DPC highest execution time (µs):                135.336667
CPU 6 DPC total execution time (s):                   0.004314
CPU 6 DPC count:                                      508
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       0.402421
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                53.036111
CPU 7 DPC total execution time (s):                   0.001015
CPU 7 DPC count:                                      156
_________________________________________________________________________________________________________

 


  • 0

#7
ttbcs
Posted 25 June 2022 - 02:04 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Total execution screenshot attached

Attached Thumbnails

  • Total execution Screenshot 2022-06-25 130216.jpg

  • 0

#8
ttbcs
Posted 25 June 2022 - 02:06 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Hard Pagefaults attached

Attached Thumbnails

  • Hard Pagefaults Screenshot 2022-06-25 130529.jpg

  • 0

#9
RKinner
Posted 25 June 2022 - 03:19 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

Latency Monitor is complaining about your network connection.  This probably means you need a newer version of

Intel® PROSet/Wireless WiFi Software  (Version: 19.71-)

I'd go straight to intel since HP is not that good about updating their drivers

 

https://www.intel.co...8/wireless.html

 

22.1.40

 

Latency Monitor is also showing a problem with msedgewebview2.  See if the following helps.  (Since you have Microsoft 365 which I assume is their new name for Office you probably can't live without it but perhaps updating 365 will help.)

 

https://www.thewindo...nd-memory-usage

 

(Rerun Latency Monitor as before)


  • 0

#10
ttbcs
Posted 26 June 2022 - 05:09 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

I followed the second link you provided but didn't pay enough attention to your instructions. I saw a link to download a program and installed it. It was called restoro. After it ran a scan and offered a fix for a price I realized my mistake. I shut it down and uninstalled the program. I hope this doesn't set us back. I will rerun Latency Monitor as before.


  • 0

Advertisements

#11
ttbcs
Posted 26 June 2022 - 05:11 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

_________________________________________________________________________________________________________
CONCLUSION
_________________________________________________________________________________________________________
Your system seems to be having difficulty handling real-time audio and other tasks. You may experience drop outs, clicks or pops due to buffer underruns. One problem may be related to power management, disable CPU throttling settings in Control Panel and BIOS setup. Check for BIOS updates.
LatencyMon has been analyzing your system for  0:01:01  (h:mm:ss) on all processors.


_________________________________________________________________________________________________________
SYSTEM INFORMATION
_________________________________________________________________________________________________________
Computer name:                                        LAPTOP-TRAVIS
OS version:                                           Windows 11, 10.0, version 2009, build: 22000 (x64)
Hardware:                                             HP Pavilion Laptop 15-ck0xx, HP
BIOS:                                                 F.01
CPU:                                                  GenuineIntel Intel® Core™ i5-8250U CPU @ 1.60GHz
Logical processors:                                   8
Processor groups:                                     1
Processor group size:                                 8
RAM:                                                  8078 MB total


_________________________________________________________________________________________________________
CPU SPEED
_________________________________________________________________________________________________________
Reported CPU speed (WMI):                             160 MHz
Reported CPU speed (registry):                        180 MHz

Note: reported execution times may be calculated based on a fixed reported CPU speed. Disable variable speed settings like Intel Speed Step and AMD Cool N Quiet in the BIOS setup for more accurate results.


_________________________________________________________________________________________________________
MEASURED INTERRUPT TO USER PROCESS LATENCIES
_________________________________________________________________________________________________________
The interrupt to process latency reflects the measured interval that a usermode process needed to respond to a hardware request from the moment the interrupt service routine started execution. This includes the scheduling and execution of a DPC routine, the signaling of an event and the waking up of a usermode thread from an idle wait state in response to that event.

Highest measured interrupt to process latency (µs):   1115.10
Average measured interrupt to process latency (µs):   14.606993

Highest measured interrupt to DPC latency (µs):       1112.50
Average measured interrupt to DPC latency (µs):       4.442671


_________________________________________________________________________________________________________
 REPORTED ISRs
_________________________________________________________________________________________________________
Interrupt service routines are routines installed by the OS and device drivers that execute in response to a hardware interrupt signal.

Highest ISR routine execution time (µs):              132.669444
Driver with highest ISR routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Highest reported total ISR routine time (%):          0.002031
Driver with highest ISR total time:                   ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Total time spent in ISRs (%)                          0.002365

ISR count (execution time <250 µs):                   407
ISR count (execution time 250-500 µs):                0
ISR count (execution time 500-1000 µs):               0
ISR count (execution time 1000-2000 µs):              0
ISR count (execution time 2000-4000 µs):              0
ISR count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
REPORTED DPCs
_________________________________________________________________________________________________________
DPC routines are part of the interrupt servicing dispatch mechanism and disable the possibility for a process to utilize the CPU while it is interrupted until the DPC has finished execution.

Highest DPC routine execution time (µs):              902.264444
Driver with highest DPC routine execution time:       ACPI.sys - ACPI Driver for NT, Microsoft Corporation

Highest reported total DPC routine time (%):          0.031031
Driver with highest DPC total execution time:         storport.sys - Microsoft Storage Port Driver, Microsoft Corporation

Total time spent in DPCs (%)                          0.117130

DPC count (execution time <250 µs):                   41723
DPC count (execution time 250-500 µs):                0
DPC count (execution time 500-10000 µs):              49
DPC count (execution time 1000-2000 µs):              0
DPC count (execution time 2000-4000 µs):              0
DPC count (execution time >=4000 µs):                 0


_________________________________________________________________________________________________________
 REPORTED HARD PAGEFAULTS
_________________________________________________________________________________________________________
Hard pagefaults are events that get triggered by making use of virtual memory that is not resident in RAM but backed by a memory mapped file on disk. The process of resolving the hard pagefault requires reading in the memory from disk while the process is interrupted and blocked from execution.

NOTE: some processes were hit by hard pagefaults. If these were programs producing audio, they are likely to interrupt the audio stream resulting in dropouts, clicks and pops. Check the Processes tab to see which programs were hit.

Process with highest pagefault count:                 svchost.exe

Total number of hard pagefaults                       989
Hard pagefault count of hardest hit process:          497
Number of processes hit:                              9


_________________________________________________________________________________________________________
 PER CPU DATA
_________________________________________________________________________________________________________
CPU 0 Interrupt cycle time (s):                       1.482635
CPU 0 ISR highest execution time (µs):                132.669444
CPU 0 ISR total execution time (s):                   0.011612
CPU 0 ISR count:                                      391
CPU 0 DPC highest execution time (µs):                902.264444
CPU 0 DPC total execution time (s):                   0.553347
CPU 0 DPC count:                                      40097
_________________________________________________________________________________________________________
CPU 1 Interrupt cycle time (s):                       0.409728
CPU 1 ISR highest execution time (µs):                0.908889
CPU 1 ISR total execution time (s):                   0.000001
CPU 1 ISR count:                                      1
CPU 1 DPC highest execution time (µs):                51.287222
CPU 1 DPC total execution time (s):                   0.000642
CPU 1 DPC count:                                      85
_________________________________________________________________________________________________________
CPU 2 Interrupt cycle time (s):                       0.618689
CPU 2 ISR highest execution time (µs):                3.278333
CPU 2 ISR total execution time (s):                   0.000013
CPU 2 ISR count:                                      10
CPU 2 DPC highest execution time (µs):                56.232222
CPU 2 DPC total execution time (s):                   0.001463
CPU 2 DPC count:                                      197
_________________________________________________________________________________________________________
CPU 3 Interrupt cycle time (s):                       0.561893
CPU 3 ISR highest execution time (µs):                3.371667
CPU 3 ISR total execution time (s):                   0.000006
CPU 3 ISR count:                                      4
CPU 3 DPC highest execution time (µs):                96.591111
CPU 3 DPC total execution time (s):                   0.001806
CPU 3 DPC count:                                      163
_________________________________________________________________________________________________________
CPU 4 Interrupt cycle time (s):                       1.353159
CPU 4 ISR highest execution time (µs):                0.0
CPU 4 ISR total execution time (s):                   0.0
CPU 4 ISR count:                                      0
CPU 4 DPC highest execution time (µs):                37.8850
CPU 4 DPC total execution time (s):                   0.001327
CPU 4 DPC count:                                      178
_________________________________________________________________________________________________________
CPU 5 Interrupt cycle time (s):                       1.564078
CPU 5 ISR highest execution time (µs):                1.146667
CPU 5 ISR total execution time (s):                   0.000001
CPU 5 ISR count:                                      1
CPU 5 DPC highest execution time (µs):                223.811667
CPU 5 DPC total execution time (s):                   0.014310
CPU 5 DPC count:                                      780
_________________________________________________________________________________________________________
CPU 6 Interrupt cycle time (s):                       0.419239
CPU 6 ISR highest execution time (µs):                0.0
CPU 6 ISR total execution time (s):                   0.0
CPU 6 ISR count:                                      0
CPU 6 DPC highest execution time (µs):                98.788333
CPU 6 DPC total execution time (s):                   0.001925
CPU 6 DPC count:                                      164
_________________________________________________________________________________________________________
CPU 7 Interrupt cycle time (s):                       0.451011
CPU 7 ISR highest execution time (µs):                0.0
CPU 7 ISR total execution time (s):                   0.0
CPU 7 ISR count:                                      0
CPU 7 DPC highest execution time (µs):                96.042778
CPU 7 DPC total execution time (s):                   0.001308
CPU 7 DPC count:                                      108
_________________________________________________________________________________________________________

 


  • 0

#12
ttbcs
Posted 26 June 2022 - 05:15 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Images attached

Attached Thumbnails

  • Total execution Screenshot 2022-06-26 161222.jpg
  • Hard Pagefaults Screenshot 2022-06-26 161430.jpg

  • 0

#13
RKinner
Posted 26 June 2022 - 09:12 PM

RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP

SVCHOST.exe is now the big pagefault cause.  Let's see if DISM and/or SFC can help there.

 

 
Download the attached fixlist.txt to the same location as FRST  (Best to pause McAfee while downloading/Running the fix file)
 
 
 
Run FRST (right click and Run As Admin)  and press Fix (Will take about 25 minutes unless the PC is really slow.)
A fix log will be generated please post that 
 
Reboot if the fix doesn't reboot it for you
 
Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.
 
Also rerun Latency Monitor.
 
If svchost.exe is still the top PageFaultcause then also:
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Win 7: Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 
 

 

Attached Files


  • 0

#14
ttbcs
Posted 27 June 2022 - 09:55 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Fixlog attached. Will continue tomorrow.


  • 0

#15
ttbcs
Posted 27 June 2022 - 09:59 PM

ttbcs

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 102 posts

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
Registry                       160 N/A                                         
smss.exe                       576 N/A                                         
csrss.exe                      848 N/A                                         
wininit.exe                    932 N/A                                         
csrss.exe                      940 N/A                                         
services.exe                  1004 N/A                                         
lsass.exe                      300 KeyIso, SamSs, VaultSvc                     
winlogon.exe                   712 N/A                                         
WUDFHost.exe                     8 N/A                                         
fontdrvhost.exe               1028 N/A                                         
fontdrvhost.exe               1032 N/A                                         
svchost.exe                   1100 BrokerInfrastructure, DcomLaunch, PlugPlay,
                                   Power, SystemEventsBroker                   
svchost.exe                   1228 RpcEptMapper, RpcSs                         
svchost.exe                   1280 LSM                                         
dwm.exe                       1344 N/A                                         
svchost.exe                   1476 NcbService                                  
svchost.exe                   1524 DisplayEnhancementService                   
svchost.exe                   1556 hidserv                                     
svchost.exe                   1616 TabletInputService                          
svchost.exe                   1644 TimeBrokerSvc                               
svchost.exe                   1684 nsi                                         
svchost.exe                   1788 netprofm                                    
svchost.exe                   1888 camsvc                                      
svchost.exe                   2004 CoreMessagingRegistrar                      
svchost.exe                   2044 EventLog                                    
svchost.exe                    768 ProfSvc                                     
svchost.exe                   1776 Themes                                      
svchost.exe                   1912 SysMain                                     
svchost.exe                   1952 EventSystem                                 
Memory Compression            2156 N/A                                         
svchost.exe                   2236 SENS                                        
svchost.exe                   2248 Dnscache                                    
svchost.exe                   2296 UserManager                                 
igfxCUIService.exe            2308 igfxCUIService2.0.0.0                       
svchost.exe                   2372 FontCache                                   
svchost.exe                   2380 AudioEndpointBuilder                        
svchost.exe                   2424 Schedule                                    
svchost.exe                   2680 DispBrokerDesktopSvc                        
svchost.exe                   2724 Audiosrv                                    
hpservice.exe                 2748 hpsrv                                       
svchost.exe                   2836 StateRepository                             
svchost.exe                   2860 Dhcp                                        
svchost.exe                   2868 DusmSvc                                     
svchost.exe                   2876 Wcmsvc                                      
svchost.exe                   2992 WinHttpAutoProxySvc                         
svchost.exe                   2476 WlanSvc                                     
svchost.exe                   2776 ShellHWDetection                            
spoolsv.exe                   3200 Spooler                                     
svchost.exe                   3236 BFE, mpssvc                                 
svchost.exe                   3392 AppXSvc                                     
svchost.exe                   3532 LanmanWorkstation                           
EvtEng.exe                    3584 EvtEng                                      
IntelCpHDCPSvc.exe            3592 cplspcon                                    
svchost.exe                   3600 DiagTrack                                   
HPPrintScanDoctorService.     3604 HPPrintScanDoctorService                    
svchost.exe                   3616 CryptSvc                                    
svchost.exe                   3624 DPS                                         
OfficeClickToRun.exe          3652 ClickToRunSvc                               
esif_uf.exe                   3660 esifsvc                                     
ibtsiva.exe                   3668 ibtsiva                                     
svchost.exe                   3676 IKEEXT                                      
svchost.exe                   3744 iphlpsvc                                    
armsvc.exe                    3828 AdobeARMservice                             
LMS.exe                       3840 LMS                                         
PEFService.exe                3868 PEFService                                  
mfemms.exe                    3876 mfemms, mfevtp                              
RegSrvc.exe                   3884 RegSrvc                                     
svchost.exe                   3892 SstpSvc                                     
HPWMISVC.exe                  3900 HPWMISVC                                    
ModuleCoreService.exe         3920 ModuleCoreService                           
WildTangentHelperService.     3948 WildTangentHelper                           
SynTPEnhService.exe           3956 SynTPEnhService                             
XtuService.exe                3988 XTU3SERVICE                                 
ZeroConfigService.exe         4000 ZeroConfigService                           
servicehost.exe               4024 McAfee WebAdvisor                           
svchost.exe                   3336 TrkWks                                      
svchost.exe                   4128 StiSvc                                      
svchost.exe                   4136 WpnService                                  
svchost.exe                   4144 Winmgmt                                     
IntelCpHeciSvc.exe            4208 cphs                                        
svchost.exe                   4232 TapiSrv                                     
jhi_service.exe               4540 jhi_service                                 
MMSSHOST.exe                  4688 N/A                                         
mfevtps.exe                   4708 N/A                                         
ProtectedModuleHost.exe       4744 N/A                                         
svchost.exe                   4864 LanmanServer                                
svchost.exe                   4952 RasMan                                      
svchost.exe                   5024 DeviceAssociationService                    
dasHost.exe                   5176 N/A                                         
dasHost.exe                   5332 N/A                                         
AggregatorHost.exe            4576 N/A                                         
ModuleCoreService.exe         6564 N/A                                         
conhost.exe                   6572 N/A                                         
MfeAVSvc.exe                  6856 N/A                                         
mcapexe.exe                   7156 McAPExe                                     
unsecapp.exe                  6240 N/A                                         
WmiPrvSE.exe                  6496 N/A                                         
WmiPrvSE.exe                  6500 N/A                                         
McCSPServiceHost.exe          7204 mccspsvc                                    
svchost.exe                   7216 RmSvc                                       
svchost.exe                   7868 BDESVC                                      
svchost.exe                   7956 NgcSvc                                      
svchost.exe                   8008 NgcCtnrSvc                                  
dllhost.exe                   8108 N/A                                         
svchost.exe                   7904 PolicyAgent                                 
mcshield.exe                  8096 N/A                                         
uihost.exe                    3228 N/A                                         
dptf_helper.exe               3548 N/A                                         
sihost.exe                    3712 N/A                                         
SynTPEnh.exe                  4344 N/A                                         
svchost.exe                   8552 CDPUserSvc_83996                            
svchost.exe                   8700 Appinfo                                     
svchost.exe                   8708 WpnUserService_83996                        
PresentationFontCache.exe     8772 FontCache3.0.0.0                            
HPJumpStartLaunch.exe         8872 N/A                                         
svchost.exe                   8936 TokenBroker                                 
taskhostw.exe                 9028 N/A                                         
svchost.exe                   9204 CDPSvc                                      
SynTPHelper.exe               6264 N/A                                         
svchost.exe                   8652 PcaSvc                                      
explorer.exe                  8780 N/A                                         
svchost.exe                   9408 cbdhsvc_83996                               
igfxEM.exe                    9732 N/A                                         
SearchIndexer.exe            10100 WSearch                                     
ModuleCoreService.exe         2432 N/A                                         
SearchHost.exe                9432 N/A                                         
StartMenuExperienceHost.e     2744 N/A                                         
conhost.exe                   3724 N/A                                         
CoolSense.exe                 9504 N/A                                         
svchost.exe                   8184 UdkUserSvc_83996                            
RuntimeBroker.exe             9616 N/A                                         
RuntimeBroker.exe             2016 N/A                                         
dllhost.exe                  10028 N/A                                         
YourPhone.exe                 9264 N/A                                         
ctfmon.exe                    3692 N/A                                         
TabTip.exe                    7420 N/A                                         
ShellExperienceHost.exe      11068 N/A                                         
smartscreen.exe              11076 N/A                                         
McUICnt.exe                  11224 N/A                                         
HPAudioSwitch.exe            11240 N/A                                         
SecurityHealthSystray.exe    11248 N/A                                         
RuntimeBroker.exe             7128 N/A                                         
OneDrive.exe                  7140 N/A                                         
SecurityHealthService.exe     8836 SecurityHealthService                       
svchost.exe                  10172 NPSMSvc_83996                               
SystemSettingsBroker.exe      1368 N/A                                         
svchost.exe                   9024 BthAvctpSvc                                 
Cortana.exe                  10060 N/A                                         
TextInputHost.exe            12188 N/A                                         
ApplicationFrameHost.exe     11848 N/A                                         
RuntimeBroker.exe            12308 N/A                                         
svchost.exe                  12392 LicenseManager                              
svchost.exe                  12440 ClipSVC                                     
svchost.exe                  12488 wuauserv                                    
svchost.exe                  12504 AarSvc_83996                                
svchost.exe                   9304 lmhosts                                     
svchost.exe                  13764 fdPHost                                     
svchost.exe                  13768 NcdAutoSetup                                
svchost.exe                  13956 FDResPub                                    
svchost.exe                  14136 SSDPSRV                                     
svchost.exe                  13804 BITS                                        
firefox.exe                  13732 N/A                                         
svchost.exe                  13036 OneSyncSvc_83996,                           
                                   PimIndexMaintenanceSvc_83996,               
                                   UnistoreSvc_83996, UserDataSvc_83996        
RtkNGUI64.exe                12672 N/A                                         
firefox.exe                  13420 N/A                                         
firefox.exe                   1732 N/A                                         
svchost.exe                   9748 WdiSystemHost                               
firefox.exe                  11000 N/A                                         
firefox.exe                  13096 N/A                                         
firefox.exe                  14732 N/A                                         
browserhost.exe              13748 N/A                                         
conhost.exe                  14264 N/A                                         
MfeBrowserHost.exe           10416 N/A                                         
conhost.exe                  14308 N/A                                         
dllhost.exe                  14928 N/A                                         
GoogleCrashHandler.exe       15152 N/A                                         
GoogleCrashHandler64.exe     11556 N/A                                         
hpqwmiex.exe                  1108 hpqcaslwmiex                                
svchost.exe                  14612 DoSvc                                       
svchost.exe                  13244 StorSvc                                     
HPJumpStartBridge.exe        11820 HPJumpStartBridge                           
HPSupportSolutionsFramewo    15400 HPSupportSolutionsFrameworkService          
IAStorDataMgrSvc.exe         15528 IAStorDataMgrSvc                            
svchost.exe                  15788 Netman                                      
SgrmBroker.exe               16076 SgrmBroker                                  
svchost.exe                  16160 UsoSvc                                      
RuntimeBroker.exe            16244 N/A                                         
svchost.exe                  16348 wscsvc                                      
svchost.exe                  14112 AJRouter                                    
firefox.exe                  14292 N/A                                         
firefox.exe                  15924 N/A                                         
firefox.exe                   4048 N/A                                         
backgroundTaskHost.exe       15476 N/A                                         
firefox.exe                  11836 N/A                                         
FileCoAuth.exe               16828 N/A                                         
RuntimeBroker.exe            17156 N/A                                         
audiodg.exe                  17012 N/A                                         
svchost.exe                  17168 wlidsvc                                     
SearchProtocolHost.exe       16600 N/A                                         
SearchProtocolHost.exe       17368 N/A                                         
SearchFilterHost.exe         17076 N/A                                         
SystemSettings.exe           16760 N/A                                         
UserOOBEBroker.exe           17324 N/A                                         
svchost.exe                  15260 Browser                                     
dllhost.exe                  15932 N/A                                         
dllhost.exe                  17320 N/A                                         
cmd.exe                      15352 N/A                                         
conhost.exe                  16780 N/A                                         
tasklist.exe                 17064 N/A                                         

 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP